I’m considering switching to EOS on my main pc but I’ve never used arch before so there’s some stuff I don’t understand:
On debian I use a hook so whenever dpkg is invoked I create a btrfs snapshot with timeshift. So if I break something I have a fresh snapshot from a second before instead of having to do it by hand or using scheduled snapshots. How can I do that on arch? Would it work for AUR too or only pacman?
Why does EOS install a firewall by default? I’ve never seen that anywhere else. Is there a specific arch vulnerability that makes it necessary? Would I be ok if I just uncheck it on the installer? My network is secure and it’s a desktop pc that would never connect to a public wifi. I know it can’t hurt but having to setup firewall rules reminds me of windows.
You can do the same thing. You can write a hook yourself or just install timeshift-autosnap from the AUR.
AUR packages are still installed by pacman so it is possible to do it for AUR packages as well.
Yes, firewalld.
It is possible but it isn’t a great idea from a security perspective.
The idea that having network firewall in place means you don’t need a local firewall is fundamentally flawed unless you have only a single device on your network.
I saw that post. But it assumes a firewall is necessary at all, which is confusing to me. Maybe it is for arch? e.g. what if arch opens ports that are closed by default on debian? so I think I don’t need a firewall but I do.
Firewalld applet is simple even for new users. We need to only select zones which are as simple as “Home” or “Block”. That’s what I did when it was made available for first time !
