Get answers on Ubuntu Linux with this review and interview with Jeff Waugh

by Jaqui Greenlees | Apr 28, 2006 2:14:00 PM

Tags: UNIX, Operating systems, OPEN SOURCE, Web browsers, Jaqui Greenlees, Ubuntu, Ubuntu Linux, Linux, hardware, Jeff Waugh

59 comment(s)

Takeaway: Contributor Jaqui Greenlees had a few problems with his attempt to install Ubuntu Linux so he decided to confront one of the developers for some answers.

I recently decided to take a look at Ubuntu Linux, I found several problems during the install and with the configuration and default set of packages. I decided to raise the configuration and default package issues with representatives of Ubuntu Linux via e-mail.

The email interview / conversation with Jeff Waughis below. Jeff Waugh is a member of the UbuntuLinux's Core Development Team. The only editing I did of the e-mail exchange was layout oriented; I grouped the related sections together, and removed the formatting imposed by the email clients for readability. This still leaves the exchange at about six pages in length (US Letter size). I have also added URLs where needed for reference to items mentioned in the exchange.

Installation issues

The issues I had during install were fairly straightforward; the real problem was the steps I needed to follow to actually install Ubuntu Linux.

The version of the Parted partitioning tool that shipped with the Breezy Badger release of Ubuntu Linux was incapable of ignoring partitions it was told not to touch. I have a multi-boot system with multiple distributions of Linux on it, Ubuntu's version of Parted choked on my Debian created partitions on my main hard drive. I had to remove my primary hard drive from my system just to install Ubuntu Linux.

While the "eye candy" is there for Ubuntu Linux, the decisions made by their development team do leave me the feeling that Ubuntu is seriously lacking in functionality. They strive to achieve a broad range of hardware support out of the box, yet one such tool actually creates conflicts with hardware of the type it is specifically meant to support. The Laptop-utils package destroys Dell batteries for laptop computers, it creates conflicts with Dell laptops, yet Laptop-utils is absolutely required, you have to accept a 75 percent reduction in functionality of your laptop when not connected to a wall socket or use a different distribution of Linux. (It really doesn't make sense to require laptop tools for a desktop system.) Editor's note: Ubuntu developers dispute the accuracy of this statement.

The logic of requiring support for hardware that isn't present on a desktop system fails me, if anything this hardware support should be optional. The real issue behind this, by requiring support for hardware even if it isn't present, is that they consume system resources for no purpose. When a library is required by a package, it has RAM allocated when the package is started, then the library is also loaded into RAM at this time, to ensure it can be.

While it may be swapped into the swap partition if it isn't used, the RAM allocated for it is not released until the application closes, every mouse click is checked to see if it is calling a function supplied by that library (CPU time gone to support non-existent hardware). If you did call for a function that library supplies, without the hardware it supports, all you have done is cause an error message to be generated.

One issue that really makes no sense is the requirement to update all installed packages, even if one of the packages will be uninstalled as soon as the system allows you to, you have to update it first.

Imagine my surprise when the second worst browser can't be removed without crashing Ubuntu Linux. I do not use Firefox, since I detest the user interface, my reason being if I want Internet Explorer I'll install it via Crossover Office or WIne. Firefox was designed to look and feel like Internet Explorer, which is enough to have me not use it.

I personally will not use the default GUI for Ubuntu because GNOME has decided that it doesn't work right unless you have connectivity to MS servers. In my Linux-only environment this is a complete waste of resources, identical to the use of Laptop-Utils and Bluetooth-Utils mentioned above.

The Interview

Jaqui: Synaptic wouldn't accept a root password. What good is a GUI for aptitude if you can't start it?

Jeff Waugh: On Ubuntu, we disable the root account and provide the first user with full sudo administrative rights. So you just need to enter your account password when running any of the administrative tools. You'll note that the installer never asked you to provide a root password. :-)

Jaqui: It did ask for administrator password, I was presented with four password entry screens, and I put in two different passwords, one for root and one for a non-admin user.

Jeff Waugh: Did you do the "expert" install? It's not recommended, because it's a huge waste of time.

Jaqui: No, I just let the installer run.

Jeff Waugh: If you just ran the installer as usual, then you were not asked to provide a root password.

Jaqui:Bluez-utilities are REQUIRED??? WHY? I do not have any Bluetooth devices so it's a complete waste of system resources.

Jeff Waugh: We support a lot of hardware out of the box and provide the tools to use it. If you don't have any Bluetooth hardware, no resources are wasted, because it's not in use. (So sure, it uses space on your disk, but not much at all.)

Again, we support a lot of hardware out of the box. This is a tiny, tiny package (smaller that all the other laptop hardware support utilities that we include), so I would not regard this as 'pure stupidity'. It is not used if you do not have hardware that requires it.

Jaqui: But it should not be a dependency then; it should be a recommended but not required package. Few distributions require it to be installed or fail installation. And if there is no hardware that uses it, then it should be allowed to be removed. By requiring that laptop utilities be installed you are saying your users are too stupid to know what their hardware is.

Jeff Waugh: No, we're not saying users are stupid. We're understanding that in large part, they just don't care about those details. They just want it to work. Remember that Ubuntu is *only* one CD. We're doing a lot better at keeping things to a minimum than Apple, Microsoft, and Linux distributions, while having awesome hardware support, and a great out-of-the-box experience.

Remember, we ship our entire basic desktop on *one* CD. Most other Linux distros ship three or more. We've done a very good job of balancing ease of use, very broad hardware support and minimization of crap on the system.

Jaqui:Bluez is not required by ANY quality software, unless it is for connecting to a BLUETOOTH device.

Jeff Waugh: Actually, the libraries used to interface with the Bluetooth subsystem are used by numerous applications to provide integration with the hardware. A good example of this is 'nautilus-sendto', the little app that lets you send files from the file manager (using email, IM, Bluetooth, etc).

Jaqui: No? The help system and Ubuntu desktop run bluez-utils as a requirement, it cannot be removed. Supporting the hardware is fine, but not as an absolutely required library, with the entire GUI dependant on it.

Jeff Waugh: You can't depend on a library and then magically take it out of the stack. That's like playing Jenga, if you know the reference (it's the game where you pull out pieces of wood in a big tower, which eventually falls over).

Jaqui: FIREFOX is REQUIRED?????? I detest Firefox and will not use it at all, so naturally I don't want it installed.

Jeff Waugh: We install a minimal set of software that will be useful for as many users as possible. Firefox is the gold standard in browser technology, so that's what we ship out of the box. For various technical reasons, it can't be removed because other software on the system (such as the help browser) use the Firefox rendering engine, and this is not yet split out from the browser itself.

Jaqui: Just an F.Y.I. I normally use Linux From Scratch, and FIREFOX is not required by the software you say it is.

Jeff Waugh: The rendering engine is used by other software in our system, such as the help browser and other components.

Jaqui: Gecko rendering engine is not available separately; since when? It has always been a separate section of the sources.

Jeff Waugh: It is not available as a separate library interface. When XULrunner ships from Mozilla.org, it is likely that we will retarget all the software that uses the rendering engine to use it, at which point Firefox will no longer be required.

Jaqui: But gecko is not locked into Firefox it is a separate set of archives in the sources.

Jeff Waugh: Again, until XULrunner is released, the rendering engine is not available as a separate library interface. (Even then, it won't just be gecko, it will be the whole XUL stack.)

Jaqui: And, in my opinion, Firefox is not the gold standard, I would rather use Seamonkey. (Seamonkey uses exact same rendering engine, just a more powerful interface, with more tools. It is Mozilla suite's new version.)

Jeff Waugh: That's a fine preference for you, but there are great reasons why Firefox has achieved market share far beyond what Seamonkey was capable of. It sounds as if you enjoy tinkering with your technology -- keep in mind that you (and I alike!) are unlike most of the computer-using population out there. :-)

Jaqui: According to Mozilla's site, XULrunner is available.

Jeff Waugh: It's not stable or well-adopted yet. We may be adopting it in the Ubuntu 6.10 timeframe.

Jaqui: Laptop-Utils is required on a desktop system? Pure stupidity.

Jeff Waugh: Again, we support a lot of hardware out of the box. This is a tiny, tiny package (smaller that all the other laptop hardware support utilities that we include), so I would not regard this as 'pure stupidity'. It is not used if you do not have hardware that requires it.

Jaqui: No way to edit the system files outside of working with vim in console and it seems like root login is locked from the GUI completely.

Jeff Waugh: You can run graphical apps with sudo as well, if required, but it's not something that we want to encourage. There is a good selection of admin tools available -- we're not all that interested in forcing our users to edit system files at all! :-)

Jaqui: Since sudo single user does everything it is a seriously flawed security model, I always use root account for administrative purposes.

Jeff Waugh: Sorry, it's not a flawed security model. We're extremely attentive to security issues, and this is the kind of configuration that is recommended for large server deployments, and any situation where a task-based approach to privilege escalation is required. Turns out, that fits very neatly with the requirements of a desktop system. It is disappointing that the whole concept of root is inflicted on users of other distributions. You'll note that Mac OS X uses a very similar approach to Ubuntu.

Jaqui: Yet there was no way to put system administration password into system admin tools in the GUI. I definitely disagree that regular user as administrator is as good of a security model; that is the way Windows boxes get infested with malware.

Jeff Waugh: That's not how Ubuntu works. The user is an administrator only in that they have sudo rights should they need to perform administrative tasks. They do not have inflated privileges in general use. This is not qualitatively different to having a root password that just ends up being a different password to type in. We've thought about this long and hard, and we have a very conservative approach to security issues. Ultimately, this is the best way for UNIX systems to work in general -- professional sysadmins will tell you the same thing.

Jaqui: The "only administrator can do anything" is why every Windows box is being run as administrator. Microsoft has yet to create a good multi-user operating system; you are turning Linux into a clone of Microsoft's flawed multi-user model with this type of security model.

Jeff Waugh: See above and below for why that is not the case, but also, if you want to see bad ideas in action, look to Linspire. In Linspire, user accounts are optional, and in the default single user configuration, everything runs as root. *That* replicates the "everyone logs in as the Administrator user" mess on Windows.

Jaqui: Root account is there to be used, therefore sudo is a security risk. (Secunia advisory, sudo doesn't completely release from the system when it's shut down leaving the system vulnerable to exploit, a fact that was actually reported to Secunia by Ubuntu). I'll have to disagree that using sudo instead of the root account is more secure.

Jeff Waugh: Sorry, but I don't believe that you have the depth of knowledge to state that as a fact. You're welcome to your own opinion though. :-)

Jaqui: I only have one user allowed to use su, (my own login) and actually rarely use that even, all other users are not granted the su privilege. System admin is completely separate from general use. (for me)

Jeff Waugh: The same holds true for sudo, but at vastly more granular levels. That is why it is the choice of sysadmins who are interested in secure task-based privilege escalation. That's not true in general, and not at all true on Ubuntu due to other rules we put in place (timeouts per tty, etc). sudo is no more of a security risk in our setup than having a separate root account and password, and in fact reduces risk in the common case. We haven't done this on a whim.

Jaqui: FORCED UPDATE before you can work with any other packages? What are you Microsoft? Forcing people to install updates in order to do anything else with packages? Constant Notifications that updates are ready? (A Microsoft thing I don't miss in my LINUX only network.)

Jeff Waugh: I'm not sure which context you're referring to, but if it's the update after installation, that's a courtesy to our users so that they are running all of the latest security and bug fixes after install. We also let our users know when updates are available, because it's important that they play an active role in the upkeep of their system, and understand what it's doing. It would not be good to do this behind the user's back. I'm not sure why you characterize this as a Microsoft thing -- it is a very important function of any modern, secure operating system.

Jaqui: Since I wanted to install some more software, then do updates, being locked out of installing more software before installing updates is just an irritant. Why force people to go through the entire update process, just to add more packages? It doesn't save time either way. Or to remove unwanted packages. I'll update a package just before I uninstall it; waste of time to update it isn't it?

Jeff Waugh: Have a look at Dapper when it's released, I think it will resolve the issue you have with this. (Although this really is a small issue, if you take the whole challenge of Linux on the desktop in perspective.)

NOTE: popup windows about updates are an irritant, and Microsoft is the worst for that irritation, Ubuntu has followed Microsoft down this path of a popup every 30 seconds until the updates are installed -- a very Microsoft thing.

Jaqui:Libsmb is not required by any software that is worth using, unless you are connecting to a Windows server. No self respecting Linux desktop application would be built requiring Windows server connectivity. (Which is why I do not ever install GNOME, they were stupid enough to require the smb stack for this LINUX Desktop).

Jeff Waugh: All of the major Linux desktop systems provide a method of using Windows and Samba file sharing. We support it because it is a major use case for many of our users, whether they are using a completely Linux based network or using Windows machines (servers or not) in their day to day activities.

Jaqui: Yet you insist on forcing installation of software that in 90 percent of the cases will not be required? That is crap on the system. The laptop utils, bluez-utils, samba server stack are crap on the system unless you are on a laptop, have Bluetooth devices and are running a SERVER with Windows workstations. (I know, the Samba server stack is gnome's fault, not Ubuntu's, I keep frying them about the concept also.)

Jeff Waugh: We don't ship the Samba server, and GNOME does not require it (if you'd like to talk about GNOME, let me know -- I was release manager for the last five years).

I don't agree that it's crap on the system. It takes very little space in real terms, and most users just don't care. It's not slowing anything down or getting in anyone's way. You've noticed it because you're interested in the details, but I don't think you're putting these things in perspective.

Jaqui: So a GNOME app makes use of tools that aren't needed in a Linux only environment...Oh wait, GNOME itself uses tools that are a waste of resources in a Linux only environment. No surprise that they add more resource waste to extra apps then.

Jeff Waugh: I think this is a mischaracterization. Firstly, we do not design Ubuntu for use in Linux-only environments (which are very rare). We design it to work in the kind of environments our users face every day, and that means we need it to be interoperable with a whole stack of different systems. In technical terms, if you're not using the smb support, no 'resources' are wasted. The smb support is actually provided by a separate binary which runs out of process, so if you don't need it, it's never executed.

I think that if you're interested in taking on these debates, you need to start using more relevant terms than 'resources'. Sorry.

Jaqui: Sorry, no desktop software requires the Samba server stack if it's worth using, why would a desktop be a server?

Jeff Waugh: It doesn't require the server stack running on the desktop machine.

Jaqui: I reread the description of libsmb, it's the server stack to allow windows desktops to connect, not as I originally stated to enable connecting to Windows servers.

Jeff Waugh: No, it's not. The libsmbclient is an interface for other software to use the CIFS/SMB protocols. It does not require the actual Samba servers running on the local machine. The Samba package is not part of our desktop seed (the default install packages).

Jaqui: My issue with GNOME isn't libsmbclient, it is libsmb, which is the server stack and absolutely required for GNOME.

Jeff Waugh: There is no such thing as libsmb, and again, whatever you're referring to is not the Samba daemons, which for Debian and Ubuntu are in the Samba package. You do not need to have any of the Samba daemons running to use CIFS/SMB services via the GNOME file manager or through its vfs features.

Jaqui: That is the issue, why is it a requirement instead of a recommended package? If it's required, the system will not function without it; that means that the help system runs it -- that means the desktop runs it.

Jeff Waugh: No, that is not the case. I will give you an example. We ship a program called nautilus-sendto, which provides a very cute little file-sending feature for our file manager. It interoperates with Evolution, GAIM, and Bluetooth devices, so you can send files by email, IM or to your phone. It uses the Bluetooth libraries to do so.

If you removed the Bluetooth libs, nautilus-sendto would also be removed. That is how things work. The only time those Bluetooth libraries are used or loaded into memory is when the nautilus-sendto program is invoked. However, there are also the very low level Bluetooth support daemons, which are run at bootup if you have any Bluetooth hardware on your system. So, in the case where you do not have Bluetooth hardware, no "resources" (really, RAM) are used to provide these features.

There are lots of things we include in Ubuntu that are requirements of the software we ship, but are not always running.

Jaqui: That means that, since Ubuntu uses GNOME, there are three active networking stacks: the kernel level stack for most network cards, the libsmb stack, and the bluez-utils stack for the GUI.

Jeff Waugh: This is hard to answer, because you are conflating things that are not at all related. The three examples you mention above are not in the same category of software, so you can't say that having all three is wasteful or unnecessary. They all provide vastly different functionality, and are all installed by default for very good reasons -- notably, hardware support out of the box, and interoperability.

59 comment(s)