HARDWARE REQUIREMENTS

For the 64-bit version you need a Pi 3B, a UHS-1 micoSD card and HEATSINKS. Privacy Enhanced Linux 64 is optimized for performance and core temps of 79°C have been observed-- the pre-installed sensor viewer app doesn't update correctly but it works if you close and reopen the window. I've put copper heatsinks on the top and BOTTOM of the circuit board, on the memory chip, and it still gets hot enough to fry an egg. It would have to be a tiny blue Robin's egg and you'd need the world's smallest frying pan... think I'm going to McDonalds for breakfast.

TOUCHSCREEN BETA5

Daemonized Onboard so it's running as root at the Xdm (X display manager) screen. Don't run Onboard as a user or autostart it in settings, you'll just end up with two on-screen keyboards. Firmware config.txt preconfigured for my Waveshare 10.1 IPS touchscreen as always but any USB HID screen should work fine with this version, NO KEYBOARD REQUIRED.

LINK REMOVED USE BETA6
ZIP file has an md5sum of bdf917501ac82b432eb3bcd28399713d

To restore Onboard to previous configuration edit /etc/X11/xdm/Xsetup and delete the last line. Then use MenuLibre to make the Onboard icons visible again. That's it! Those are the only changes I made.

APPLICATION CHANGES

Nano because apparently I'm the only one still using vi. Claws Mail to complete the standard suite of desktop programs. MenuLibre so I could make the Onboard icons go away. And NTP (Network Time Protocol) to automagically update the fake hardware clock. All still neatly ZIPed into a one gigabyte file.

REMAINING ISSUES

gufw has a unlisted dependency on locales which I'm avoiding like the plague for now. If it would just update correctly instead of blowing away locale.gen forcing you reconfigure it every fookin' time.. but people have been complaining for YEARS and nobody cares so.. the plague I say. Plain ole UFW works fine from the command line.

Firejail tools has an ARM64 specific bug that apparently requires compiling with a special flag. I'm trying not to fook with packages that will need updating when upgrading to 17.10 so I'll probably uninstall it next time around.

RFCOMM doesn't seem to have a service file so my Bluetooth installation may be incomplete. If they had just made it a frickin' USB device like the built-in wired Ethernet adapter none of this shit would be required.

These three are the only remaining issues I have.

MULTI-TOUCH RANT

The projects are years old with no progress, just a few bug fixes, if you're lucky. With all the resources being devoted to bringing us a safe and secure Nazi init system, you'd think someone would have spent a buck or two on what's been standard for Winblows since version 8. I can't even frickin' two finger right click. Touchegg has never worked right with Xfce and Twofing is a dirty hack by even my standards, anywho. Luckily Onboard has a right click button or a big vein on my forehead would have popped.

MYSTERIOUS TRAVELER

He said he was from the future and he was carrying a Raspberry Pi 6C in the official holographic Pi Foundation case. I asked him for firmware for my Pi 3B and he used Quantum Entanglement Bluetooth v11.2 to write it to my SD card that was several miles away. I immediately drove home and made this backup image:

LINK REMOVED USE BETA5
1GB BETA4 ZIP has md5sum of 52dca140225a6009aa811055f32f457a

If you compare the GPU's boot code file byte-by-byte (using cmp) with the official one from 7-11-2017 they'll probably seem the same though. All the overlays might be from kernel 4.9.38 too. Maybe, possibly...

OMG! WTF? My firmware is from THE FUTURE :o

BUILT-IN BLUETOOTH

I've got it nailed down to a problem with RFCOMM which I really don't feel like researching at the moment. I'll give it another try before 17.10 is released though. Works with my Panda BT 4.0 USB dongle so I'm kind of over it for now.

KERNEL

git clone --depth 1 https://github.com/raspberrypi/linux

Since I'm not including any custom deb packages, this is how I get the source. Only real difference is the Pi Foundation includes their own default config that's not in Linus' stock kernel, so before make menuconfig do a:

make bcmrpi3_defconfig

Everything else is normal (make, modules_install) until the last step which is to rename the /linux/arch/arm64/boot/Image file kernel8.img and put it on the firmware partition (mounted as /boot.)

OVERLAYS

git clone --depth 1 https://github.com/raspberrypi/firmware

It would appear the overlays are specific to a particular kernel version. So even with the latest firmware you should copy /linux/arch/arm64/boot/dts/overlays/ over to your /boot dir. I have to start all over with Mesa and VC4 because I neglected to do this.

64-BIT UHS-1 BETA3

Yeah, you not only need a Pi3 for this one but you'll also need a UHS-1 or Class 10 microSD card. Edit config.txt file on firmware partition if that's a problem.

LINK REMOVED USE BETA5

1GB ZIP file has an md5sum of 0bc4d23ee3cca14203033edbd0d438b2

Latest Pi Foundation 4.9.38 kernel and Bluetooth almost works. Wasted a day playing with VideoCore4 before reverting back to beta2 and starting over. Got a steady 60 FPS out of fullscreen glxgears (running vsync on a 60 Hz HDMI screen) so it definitely works but it also crashes xdm on every startup and shutdown. Oh well, back to swrast, just for comparison though:

hardware accelerated:
OpenGL vendor string: Broadcom
OpenGL renderer string: Gallium 0.4 on VC4 V3D 2.1
OpenGL version string: 2.1 Mesa 17.0.7
OpenGL ES profile version string: OpenGL ES 2.0 Mesa 17.0.7
OpenGL ES profile shading language version string: OpenGL ES GLSL ES 1.0.16

software rasterizer:
OpenGL vendor string: VMware, Inc.
OpenGL renderer string: Gallium 0.4 on llvmpipe (LLVM 4.0, 128 bits)
OpenGL version string: 3.0 Mesa 17.0.7
OpenGL ES profile version string: OpenGL ES 3.0 Mesa 17.0.7
OpenGL ES profile shading language version string: OpenGL ES GLSL ES 3.00

I also tried compiling Mesa for vc4 myself but didn't seem to help with lockups. After all the build deps and source I had run out of partition space. I didn't want to make the img/zip files any bigger and it might have angered the package management gods when trying to upgrade to 17.10 so I left all that out.

Quite frankly, I almost called this one 1704R1 instead of Beta3. It's pretty close... but no cigar.

64-BIT BETA2

100 updated packages since beta1 including a critical systemd security fix. Cryptkeeper and Apertium-Tolk are no longer in Ubuntu 17.04 so I installed them manually. Firefox is now multi-threaded by default and you can (try to) launch it from Firejail Tools. Built-in Bluetooth and PulseAudio Volume Control are still buggy garbage.

LINK REMOVED USE BETA6
Administrator raz has a password of ubuntu2017

PELinux64 firmware config.txt is preconfigured for Waveshare 10.1" IPS touch

MORE PRIVACY ENHANCEMENTS

These apps have become standard on my desktop and are sure to be included by default in any future versions of PELinux.

StegoSuite lets you hide secret stuff (aka payloads) inside images.

 

 

FireJail and FireTools makes web-exposed apps much safer by using namespaces, the same used by Linux containers (high level virtualization.) I might make it the default way to run Firefox.

I'm still thinking October but I might try switching my apt sources over to 17.10 earlier. It's all really a beta test until 18.04 anyway. They can call them whatever they want I guess.

DD BACKUP EXAMPLE

I always use bs=512 because the hardware abstraction layer uses this block size. You can, of course, use the physical block size. Backing up a 64 GB SanDisk Ultra card over USB 3.0 still takes a considerable amount of time. If staring at a blank line that looks hung gives you rapid onset Tourette's syndrome like me, there's a trick buried in dd's man page that helps: send signal USR1 to the running process and it'll output its status. The rest of the info you need is in the man pages of top and kill though; I'll save you the trouble of all that scrolling...

If you popped the card in a laptop with sda hard drive then it'll most likely be sdb. Double check and make sure it wasn't automounted -- umount /dev/sdb1 and sdb2 if needed. Then change to your backup dir and:

sudo dd bs=512 if=/dev/sdb of=pi2_2017-07-11.img

Now open a SECOND TERMINAL window and run top. Hit the q key when dd shows up. First column is the process number:

 PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1840 root 20 0 7332 764 696 D 52.9 0.0 3:10.28 dd
1772 root 20 0 0 0 0 D 5.9 0.0 0:08.24 usb-storage

You can now send the dd process the USR1 signal with the kill command. Don't worry, you won't actually kill anything.

sudo kill -s USR1 1840

On the FIRST TERMINAL window you'll see dd output something like:

68451041+0 records in
68451040+0 records out
35046932480 bytes (35 GB, 33 GiB) copied, 479.181 s, 73.1 MB/s

Plenty of time to go get another cup of coffee.