Kali, I actually think that’s the old Backtrack logo

I think the arguments against the “bloat” are not towards systemd as an init system, but rather are because systemd does so many things other than being an init system. I also don’t mind systemd, but I absolutely hate systemd-resolved. I do not want my init system to proxy DNS queries by setting my resolv.conf to 127.0.0.53. Just write systemd- and press tab, that’s “the bloat”. I’m not saying that the systemd devs should not develop any new tools, but why put them all inside one software package? systemd-homed is cool, but useless for 99% of users. Same with enrolling FIDO2 tokens in a LUKS2 volume with systemd-cryptenroll. Far from useless or “bad”, but still bloat for an init system.

Correct, users that are not explicitly configured as sudoers are limited both in files they can access and commands they can run.

Yeah, Linux was built as a multi-user system, so user and group permissions have always been a core aspect of it. The “password locked admin account” is just the root user, although you should maybe leave that as a “failsafe” account and create a separate user with sudoer permissions. Every file and folder in Linux has an owner and read/write/execute permissions for the owner, members of its group, and others. By default, users are limited to their own home folder (/home/username, where folders like Documents are stored) and a handful of world-writable locations (like /tmp) If you need more specific permissions, ACLs are also available. Or SELinux.

The biggest difference regarding distribution choice is that some distros ship with SELinux enabled, while most don’t. For everything else there’s not much difference, so maybe start with Debian for its community support/resources?

until recently, it punished anyone on Nvidia

My brother in Christ, it’s Nvidia punishing you for using Wayland.