qdistro

qdistro v0.1: first public test

2026-05-17T00:00:00+00:00

What qdistro is</h2>
qdistro is a single-tenant Linux distribution inspired by Qubes OS, but built on commodity hardware and commodity software. Instead of Xen and a custom UI, it runs on a standard Tumbleweed install with a libweston compositor, a Python/Qt/QML userspace, and a layered isolation model that lets you choose how much containment each app gets.</p>
The goal isn’t maximum security — it’s the best isolation you can get without giving up your laptop. Everything is designed to be LLM-modifiable: the shell, the admin approval flow, the send-to plugins, the password vault. If you can describe the change you want, an LLM can write the QML or Python to make it happen.</p>
There is no ISO image. Instead, there’s a single bootstrap script that takes a fresh Tumbleweed install to a fully configured qdistro system in 10–20 minutes.</p>

What works in v0.1</h2>
Here is what you can actually do right now:</p>

Tier 1 — native SELinux silo.</strong> Every app launches in its own SELinux context. Open qterminator and run `id</code> — you’ll see a confined context. The terminal, the text editor, the calculator: all isolated from each other by default.</p> </li>`
`Tier 3 — container.</strong> Heavier workloads run in LXC containers spawned on demand. The admin app lets you create a container silo, install packages inside it, and launch apps that render through the compositor.</p> </li>`
`Tier 4 — VM with waypipe.</strong> Full virtual machines with seamless window integration. Chrome runs in a VM but its windows appear on your desktop alongside native apps.</p> </li>`
`Admin approval broker + audit log.</strong> Cross-silo actions (clipboard sharing, file transfer, device access) go through an approval queue. The tray-icon admin app shows pending requests and full audit history.</p> </li>`
`Screen locker + fingerprint.</strong> The qdlocker screen locker supports fingerprint authentication on laptops that have a reader (fprintd).</p> </li>`
`Browser bridge.</strong> Chrome and Firefox extensions can authenticate against the qdistro identity via HMAC-bound native messaging.</p> </li>`
`Password vault.</strong> The pwd</code> app stores credentials in per-vault encrypted databases and integrates with the system secret portal.</p> </li>`
`qdshell desktop.</strong> The Noctalia QML desktop shell with panels, launcher, and system tray runs on top of the qdwin compositor.</p> </li>`
qdgreeter boot.</strong> greetd on tty3 presents the qdgreeter login screen at boot.</p> </li> </ul> What doesn’t yet</h2> We’re being honest about the gaps so you know what you’re getting into:</p> Tier 5b — per-app VM-windowed.</strong> This is planned for v1.1. Right now the highest isolation tier is the tier-4 full VM, which gives you a whole desktop inside the VM, not individual seamless windows.</p> </li> Phone / Tailscale pairing.</strong> The phone integration infrastructure exists (Tailscale + ntfy) but hasn’t been scripted for first-time setup.</p> </li> GUI installer.</strong> There is no graphical installer. You install Tumbleweed manually, then run the bootstrap script.</p> </li> No ISO image.</strong> There is no installable qdistro ISO. The bootstrap script is the installation mechanism.</p> </li> Limited hardware testing.</strong> This has been tested on a handful of laptops. Your hardware may behave differently, especially around graphics drivers and fingerprint readers.</p> </li> Multi-monitor.</strong> Not tested. The compositor is single-output for now.</p> </li> </ul> How to try it</h2> The full step-by-step is in the “Try qdistro” section of the README</a>. In short: install Tumbleweed, clone three repos, run the bootstrap script as root, reboot, and you’re in. The whole thing takes about 30 minutes including the Tumbleweed install.</p> What we want feedback on</h2> We need real humans running this on real hardware. Specifically:</p> Installation friction.</strong> Was the bootstrap script clear? Did any package fail to install? Was the reboot-to-qdgreeter step smooth?</p> </li> First-boot experience.</strong> Does the qdgreeter login screen make sense? Is it clear how to launch apps and switch between them?</p> </li> Tier 3 and tier 4 usability.</strong> Can you actually run a useful workload in a container or VM silo? Is the admin approval flow for cross-silo actions intuitive or annoying?</p> </li> Missing features.</strong> What would make this your daily driver? What’s the one thing you need that isn’t here yet?</p> </li> </ol> File one issue per thing you find at codeberg.org/qdistro/qdistro/issues</a>. The most valuable feedback looks like: “I followed step X and step Y was unclear / broken.”</em></p> This is v0.1. Things will break. That’s the point of a public test release — so we can fix them before v1.0.</p>



Hello from qdistro
2026-05-14T00:00:00+00:00
This is the first post on the new qdistro site.</p>
Why another Linux</h2>
Existing isolation-first distros (Qubes, Whonix) draw a hard line at the
Xen hypervisor and a hardened UI. qdistro asks a different question:
what does a single-tenant, LLM-modifiable userspace look like when the
hypervisor and</em> the compositor are commodity Linux, and the interesting
work happens in Python/Qt/QML?</p>
class Silo:
    """One VM, one purpose, one set of permissions."""
    name: str
    runtime: Literal["bare", "qemu", "container"]
    transport: Transport  # libweston-mediated; never raw DRI
</code></pre>
What’s next</h2>

First end-to-end demo of the admin permission flow</li>
Public design docs for the cross-silo clipboard</li>
Real screenshots once qdshell</code> is wired into qdwin</code></li>
</ul>