Below is an archive of Version 0.2 of the Single ANIX Specification, also known as Version 2 of Research ANIX. It is left here for historical purposes.

For information on the current state of ANIX, visit the project index.

Start with a clean version of Debian 13 aka “Trixie”. Install it as you would install any other copy of Linux to your computer, but without selecting any additional packages other than standard sys utilities. When you are done, it should dump you right to the command-line. Do all other normal setup things, like setting the timezone and getting the internet connection working. Run apt update and get everything up to date.

Edit your fstab file to configure your /tmp directory as a tmpfs ramdisk. Do not rely on the stock systemd implementation.

Base text editor should remain nano, so we don't have to pick sides in the emacs-vs-vim war.

• Configure apt to use the https repos instead of http
• Configure the Backports repo and update to the latest kernel
• Install from apt: wget
• Install curl from Backports.

• /bin/sh symlinked to dash for startup scripts
• bash as the default userland shell
• Official support for zsh as an optional bash alternative

• Install from apt: rsyslog
• Neuter journald
• Have rsyslog publish its logs to /tmp/log
• Purge /var/log, but leave the folder and set up symlinks to the logfile locations in /tmp/log
• Keep track of anything else that makes logs and direct them to rsyslog (preferable) or /tmp/log
• Leave pathways for end-users to send persistent logs to ~/.log and /var/log

• Install from apt: ufw. Drop all incoming connections, log to dedicated log file via rsyslog
• umask 0077 as default
• Configure NetworkManager to randomize MAC addresses
• WireGuard & OpenVPN both preinstalled and ready to run configs from VPN providers, with easy killswitch option.
• A tor switch through which you can optionally route your VPN and vice-versa.
• An airplane mode switch that puts the machine into a full Ring 0-only mode.
• A preconfigured hypervisor that makes it easy to run sandboxed applications in virtual machines alongside non-sandboxed applications.
• Absolutely no telemetry or data collection. All third-party apps must be examined and hardened where possible.

• Install from apt: sway, swayidle, swaylock, swaybg, swayimg, sway-backgrounds, sway-notification-center, suckless-tools, waybar, bemenu, wofi, brightnessctl, grim, jq, slurp, imagemagick, wl-clipboard, xdg-desktop-portal, xdg-desktop-portal-gtk, xdg-user-dirs, xdg-utils, xdg-dbus-proxy, libadwaita-1-0, gnome-themes-extra, gnome-themes-extra-data, adwaita-qt, adwaita-qt6, wmctrl & xwayland
• Use HumphreyBoaGart/dotfiles package to wrangle Sway, Waybar and the Bash userland together.

• Terminal Emulators: sakura (with foot as backup/debug terminal)
• File Browsers: nemo and ranger
• Status Monitors: whatever works
• Timekeeping: whatever works
• Display Management: wdisplays or equivalent
• Session Manager: Stock login prompt (can be styled) that opens to Sway, coupled with Big-B/swaylock-fancy. Have option for autologin.

• At least two web browsers, including Firefox, sandboxed, preconfigured for security, and with garbage like Pocket deactivated. Disable disk caching and force the browser to cache to RAM.
• Install standalone GNOME components from apt: gedit, gnome-contacts, gnome-calculator, gnome-disk-utility, gnome-keyring
• Install libreoffice and libreoffice-gtk3 from Backports
• Install a password manager

• Whatever for image viewing
• Whatever for media playback
• A decently secure PDF reader
• PipeWire for hardware audio playback
• Install from apt: blueman, ffmpeg, cheese
• Install yt-dlp from Backports
• Whatever for wifi. Needs visual+cli interfaces for easily finding and connecting to wifi & mesh networks

• Metasploit Framework
• nmap, ncat
• anything useful that can be easily poached from Kali/Parrot, as most of those packages are just previously open-sourced software from independent developers.

• Flathub: Flatpak w/ Flatseal utility
• Dockerhub: Docker configured in Rootless Mode.
• Needs shortcuts in place to have apt quickly grab packages+dependencies from ISOs/Keydrives of compatible Debian-family distros, for fully offline package install.

You are not limited to the packages listed here. Feel free to include any additional pieces of software you think would be useful or necessary. This will help spur a healthy ecosystem of Research ANIX derivatives, as part of Anon's long-term scheme to conquer the world.

ANIX will be distributed as a single ISO, and this ISO will need to provide for (at the very least) these two default modes of operation:

1. Like most modern Linux installs, it will need to be able to liveboot off of virtual machines, and portable devices like USB drives. When it is run in portable mode, it will wipe itself back to a blank slate on every reboot, similar to Parrot OS.
2. Accessible from the liveboot mode will also be an installer which installs a permanent version of ANIX to the specified memory device, where data persists across reboots. The installer also needs to be able to set up full-disk encryption on the device it installs ANIX to.

Target platform is x86-64, though we certainly wouldn't complain if someone made an ARM64 or RISC-V build of Research ANIX.