Ubuntu Desktop Favorite Apps
Howdy Ubuntu, Working with Will Cooke (Canonical's Ubuntu Desktop Engineering Manager), we've put together a short survey for you, the Ubuntu community, as well as the broader Linux ecosystem at large. We're seeking your input on your favorite apps for the Linux desktop. You're welcome to engage in discussion here, or in any one of the following venues where we've cross posted this request, in the interest of the broadest possible engagement with the Ubuntu community at large: Google Forms Survey: - https://ubu.one/apps1804 HackerNews: - https://news.ycombinator.com/item?id=14819508 Reddit: - https://www.reddit.com/r/Ubuntu/comments/6on93z/ubuntu_1804_lts_desktop_default_application_survey/ Slashdot: - https://slashdot.org/submission/7250965/ubuntu-1804-lts-desktop-default-application-survey Cheers, Dustin Kirkland Ubuntu Core Developer Ubuntu Product and Strategy @dustinkirkland -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Updater can't update kernel due to disk space
On Thu, Jan 15, 2015 at 9:12 AM, Adam Conrad wrote: > > On Thu, Jan 15, 2015 at 08:37:00AM -0600, Dustin Kirkland wrote: > > > > Around that time a few years ago, I wrote the "purge-old-kernels" command ( > > http://manpg.es/purge-old-kernels), which does a very effective job of > > saving > > your current kernel, and one other known working kernel, while deleting the > > rest. I was working on getting that into the distro (and out of the > > bikeshed > > package), but Adam Conrad told me that apt would fix this, itself. I've > > CC'd > > Adam. Can you advise us, Adam? > > apt does do this itself (via 'apt-get autoremove'), the missing puzzle > piece is that none of the friendly upgraders (like update-manager) do > automatic autoremove runs. It's probably time to revisit this policy. Aha! So I have autoupdate enabled, which keeps my packages (and kernels updated). But in the process, that basically guarantees that my disk will get filled, automatically, given enough time That's definitely not ideal! Let's do revisit this :-) > I can see several ways "power users" can shoot themselves in the foot > with autoremove, but no way that "normal people" can, and I'm not sure > catering to people who think they're clever doing unclever things is > the right default. Autoremoving kernels, when you have lots of them, and as long as you keep your current one (and one other known good one), should be very safe, for almost any user. > CCing Michael for opinions. > > ... Adam > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Updater can't update kernel due to disk space
On Wed, Jan 14, 2015 at 3:39 PM, Alan Pope wrote: > On 14 January 2015 at 16:49, Chris Knutson > wrote: > > This is not a support request. I have no problem cleaning up my system. > > > > My mother should never have to do this if she wants to run Ubuntu. > > > > +1 > > The default installation on a Dell XPS 13 (a flagship device we > promote) has a separate /boot partition which runs out of space once > you have used it normally for some months. I have a few friends who > own them and I've personally "fixed" it for them more than once. The > error messages aren't clear, and don't advise what to do in this > situation, it requires a technical 'expert' to resolve. > > It's also the case if you choose the default partitioning scheme with > encrypted disk. So it's not a niche corner case (in so much as > installing Ubuntu or buying an Ubuntu machine is niche already) but a > common enough problem that we should fix properly and not work around > with arcane command line tools. > It's not just Desktops. I have Ubuntu Server instances in the Cloud, with very tiny root disks, one of which has run for several years, autoupdating, and accumulated 37(!!) kernels, which filled up its 8GB root partition. Around that time a few years ago, I wrote the "purge-old-kernels" command ( http://manpg.es/purge-old-kernels), which does a very effective job of saving your current kernel, and one other known working kernel, while deleting the rest. I was working on getting that into the distro (and out of the bikeshed package), but Adam Conrad told me that apt would fix this, itself. I've CC'd Adam. Can you advise us, Adam? Thanks, Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Mar 22, 2012 at 6:38 PM, Martin Pool wrote: >> ...but then you wouldn't be able to interact with your data beyond >> your own computers. >> Ubuntu One's focus is to make it more convenient, access your files >> from anywhere (including the website), stream your own music, share >> your files, and well, more to come in that direction. > > > For photos, being able to share them online is highly useful; for financial > documents I don't want to share them and there is no useful web view, and I > care much more about keeping them confidential. > > It would be nice if I could use just one tool/service and choose on a > per-folder basis whether to encrypt the files. (Of course I realize options > have a cost, in development time, complexity, ui, bugs...) > > I guess you can stack ecryptfs on top of u1. Actually, you cannot... eCryptfs, itself, is a stacked filesystem, and it does not stack well on top of other stacked filesystems (NFS, Samba, AUFS, etc). Tyler (on CC) can provide more details, if you're interested. What you can do, however, is use eCryptfs to encrypt all of $HOME or just $HOME/Private (where you might choose to store your financial documents but not your photos), and then have U1 sync your underlying encrypted data, which is symlinked into $HOME/.Private/. I've heard from several people using U1 in this manner, though I haven't myself. It's been a really long time since I tried U1 (sadly, it didn't sync/preserve symlinks last time I played with it and I think my bug on it was marked won't-fix). -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Proposal to delay release of Precise Pangolin
On Tue, Oct 18, 2011 at 9:15 PM, nick rundy wrote: > Canonical/Ubuntu, please don't feel obligated to release Precise Pangolin in > April 2012. A delayed release would strengthen stability and allow more bugs > to be fixed in both Unity and GNOME 3.2. > > Considering the "long-lived" nature of an LTS release, it would be > preferable if Precise Pangolin was delayed a month or two (or more) than for > it to be released on time with visible bugs. There are so many bugs that > plague Oneiric. Many exist in GNOME 3.2. Perhaps Precise could be delayed a > month or two and Ubuntu developers could fix some of the "minor" bugs > plaguing GNOME 3.2? > > Although ranked as "minor," some of these bugs have existed for years and > really hurt the usability of Ubuntu. For example, please see bug > https://bugzilla.gnome.org/show_bug.cgi?id=552093 and take a look at the > screenshots posted by the bug's commentators. John Strandberg recently > posted a screenshot of Oneiric that highlights how much this bug hurts > productivity. Yet the bug has existed for more than 3 years. Sadly, the same > can be said for many other bugs. > > I love Oneiric, but it has too many bugs. Please consider delaying release > and having Ubuntu developers fix as many bugs as possible for Precise, even > if it means fixing bugs that GNOME themselves should be fixing. > > I feel confident that the community will have no problem with a delay, even > if it means skipping a 6 month release for once. The integrity of the LTS is > worth it. https://wiki.ubuntu.com/PrecisePangolin/ReleaseSchedule So that sort of happens, with the LTS "dot" releases :-) The 12.04.1 (the first of the "dot" releases") is scheduled for 23 August 2012, which is about 4 months after the 12.04 release (26 April 2012). The "dot" release is, in fact, a bug-fix and hardware-enablement only release cycle. Realistically, some enterprise server and corporate desktop users won't upgrade until that first "dot" release. For those interested in stabilization and quality assurance of Ubuntu 12.04, we'd very much invite you to get involved with your friendly Ubuntu QA, SRU, and LTS dot release teams! Cheers, -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Brainstorming for UDS-P
On Wed, Sep 28, 2011 at 5:39 AM, Colin Watson wrote: > On Wed, Sep 28, 2011 at 07:52:39AM +0200, Martin Pitt wrote: >> Scott Kitterman [2011-09-28 1:33 -0400]: >> > Will we sync from Testing or Unstable this cycle? >> >> My feeling is that syncing from testing served us well for the last >> LTS, and Debian is not in a freeze which would force unstable to calm >> down, so I would go again for autosyncing from testing, and letting >> developers manually sync from unstable at will. Now that this is by >> and large a self-service, this should work even better than in lucid. > > I agree. Another +1 (from the Server side). -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Oneiric Feature Freeze - reset to 2100 UTC
On Thu, Aug 11, 2011 at 11:31 AM, Kate Stewart wrote: > Dear Developers, > > Feature freeze[1] for Oneiric was scheduled for 1800 UTC today. > To those of you who have finished your new feature uploads - > Thank you!! :) > > Due to some last minute churn, it seems prudent to adjust the time > to 2100 UTC. After 2100 UTC, Feature Freeze exceptions[2] will be > requested for new features to be included in Oneiric Ocelot. Awesome!!! Any chance of making that time change permanent? It's a little tough in the western hemisphere to only get a half-day of development on freeze days.... -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: SOC like program for ubuntu
On Thu, Jun 9, 2011 at 12:43 PM, Gaurav Saxena wrote: > Hello > > On Wed, Jun 8, 2011 at 10:09 PM, Jan Claeys wrote: >> >> Robbie Williamson schreef op wo 01-06-2011 om 10:54 [-0500]: >> > > I don't have much experience of working on large projects like that >> > > and this >> > > is also a reason why I want to contribute to open source and to >> > > contribute >> > > to my favourite open source software would be a wonderful experience. >> > > It >> > > would be great if the community support my idea and it will be great >> > > if >> > > possible that I could get a mentor for such type of project and a >> > > certificate of completion for my academic benefit. >> >> > An official certificate might be difficult, however I'm sure whomever >> > you work with would be willing to provide an email certifying your >> > participation. Again, since the work is in the open, the need for a >> > certificate of proof is much less ;). >> >> A official-looking certificate might still be nice, at least according >> to the following talk given at LGM 2010 last year: >> >> http://river-valley.tv/how-to-get-contributors-to-your-freelibreopen-source-project-from-vietnam-and-asia/ >> >> She explains that in some countries/cultures it's important to have >> something to show to your family, as they are paying for your studies >> and want to know why you are working without getting anything in return, >> either money (a paid job) or certificates (e.g. a school, or an open >> source project). > > > Thanks a lot for considering my request. > Could you suggest me how can I start working on the projects related to > ubuntu . :) 60 seconds of searching through Google reveals step-by-step processes for each of a number of different teams... * https://wiki.ubuntu.com/MOTU/GettingStarted * https://wiki.ubuntu.com/ServerTeam/GettingInvolved * https://wiki.ubuntu.com/SecurityTeam/GettingInvolved * https://wiki.ubuntu.com/DesktopTeam/GettingStarted * https://wiki.ubuntu.com/Testing#How%20do%20I%20get%20involved? There are *so* many avenues to getting involved with Ubuntu it's perhaps overwhelming. I suggest picking one of those teams above (or one of many others), and trying to find your niche. -- :-Dustin Dustin Kirkland Ubuntu Core Developer -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Run From Pocket Drive Installer Option?
On Thu, Nov 18, 2010 at 5:55 PM, Jono Bacon wrote: > On Thu, 2010-11-18 at 17:50 -0600, Dustin Kirkland wrote: >> We could probably just detect if you have a persistence file on the >> media, and if there's anything of value in it, and if so, then change >> the verbiage from "Try Ubuntu" to "Launch Your Live Ubuntu" or >> something more appropriate. > > I think that would work great. Is this specced out in anyone's planned > work? I bet you could just poke Evan and file a single bug. It honestly doesn't sound like anything monumental. I could be wrong, though. The final wording should probably be passed by mpt, too. Evan? :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: SSH and the Ubuntu Server
On Thu, Nov 18, 2010 at 9:30 AM, Colin Watson wrote: > (Please, in future, do not cross-post between the moderated ubuntu-devel > and the unmoderated ubuntu-devel-discuss. Doing so produces time lags > which confuse people.) Dang. Sorry, Colin. Live and learn. > On Wed, Nov 17, 2010 at 03:38:53PM -0600, Dustin Kirkland wrote: >> I am asking for ubuntu-devel's consensus, and an eventual Ubuntu >> Technical Board approval of a new prompt in the Ubuntu Server ISO's >> text-based installer, which would read something like the following: >> >> -- >> | If you need a secure connection to this >> | server remotely, you may wish to install >> | the openssh-server package. Note that >> | this service will open TCP port 22 on >> | your system, and you should use a very >> | strong password. >> | >> | Do you want to install the SSH service? >> | >> | [[YES]] [no] >> -- >> >> Rest assured that the exact text will be word-smithed by an >> appropriate committee to hash out an optimum verbiage. > > Without wishing to express any opinion either way: this is an > excessively painful choice of implementation. If you want to default it > to yes, it would be sufficient, and much easier (take it from me, I'm > the one who gets to deal with the translation merge workload when you > guys add questions ...) to check the "SSH server" entry in tasksel by > default. > >> These key points map to the following considerations: >> 1) the current option to install SSH on Ubuntu servers is buried in >> the tasksel menu > > No, it's not. In Maverick it was arguably buried. In Natty, it is the > very top entry on the tasksel menu, and the cursor rests on it when you > reach that screen. Right, that's a great change. Makes it more obvious. I can concede your point that adding the proposed page to the installer would create work for you, which of course, is not my goal. I would gladly revise this proposal to simply: * Automatically 'tick' OpenSSH Server by default on the Server Tasksel screen Which would also sit there and wait for the user to consciously affirm their selection, and would avoid the countless server installations where people forget to install SSH and must make their way back to a console on their newly installed system and add the openssh-server package. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: SSH and the Ubuntu Server
On Thu, Nov 18, 2010 at 10:00 AM, Serge Hallyn wrote: > Quoting Clint Byrum (cl...@ubuntu.com): >> On Wed, 2010-11-17 at 15:38 -0600, Dustin Kirkland wrote: >> >> > >> > This proposal requests that: >> > 1) a new prompt be added to the Ubuntu Server installer >> > 2) this prompt be dedicated to the boolean installation, or >> > non-installation, of the SSH service, as an essential facet of a >> > typical server >> >> +1 for adding this prompt >> >> > 3) the cursor highlights the affirmative (yes, please install SSH), >> > but awaits the user's conscious decision >> > >> >> -1 for having it default to Yes. > > Forgive me if the answer is obvious - but how is this any > better then than simply expecting users to click 'ssh server' > in the tasksel window which always comes up? It's not any better, Serge. :-( :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: SSH and the Ubuntu Server
I inadvertently left ubuntu-server@ off of the original distribution. Sorry about that. CC'ing now. There are a few responses already in the thread: * https://lists.ubuntu.com/archives/ubuntu-devel/2010-November/thread.html Thanks, Dustin On Wed, Nov 17, 2010 at 3:38 PM, Dustin Kirkland wrote: > Ubuntu has long maintained a "no open ports by default" policy. This > conservative approach arguably yields a more secure default > installation. Several exceptions have been granted to this policy, > which install services on the target system without the user's > explicit consent, but in the calculated interest and support of a > vastly more usable Ubuntu. > > Let me be clear: I am NOT requesting that sort of an exception. > > I am asking for ubuntu-devel's consensus, and an eventual Ubuntu > Technical Board approval of a new prompt in the Ubuntu Server ISO's > text-based installer, which would read something like the following: > > -- > | If you need a secure connection to this > | server remotely, you may wish to install > | the openssh-server package. Note that > | this service will open TCP port 22 on > | your system, and you should use a very > | strong password. > | > | Do you want to install the SSH service? > | > | [[YES]] [no] > -- > > Rest assured that the exact text will be word-smithed by an > appropriate committee to hash out an optimum verbiage. > > This proposal requests that: > 1) a new prompt be added to the Ubuntu Server installer > 2) this prompt be dedicated to the boolean installation, or > non-installation, of the SSH service, as an essential facet of a > typical server > 3) the cursor highlights the affirmative (yes, please install SSH), > but awaits the user's conscious decision > > These key points map to the following considerations: > 1) the current option to install SSH on Ubuntu servers is buried in > the tasksel menu > - SSH is more fundamental to a server than the higher level > profile selections for: > DNS Server, Mail Server, LAMP Stack, Virtualization Host, etc. > 2) users of the installation ISO will have the option to not install > SSH, as they so desire > - it is quite well understood that some users may not want SSH > installed on their server > 3) highlighting the "YES" option on this page is absolutely essential > to addressing this usability issue > - and that selection is easily overridden by hitting , > or by experienced admins in preseed configurations > > Please consider that the very definition of a "server" implies that > the system is running a "service". Moreover, our official Ubuntu > Server images as published for the Amazon EC2 cloud are, in fact, > running SSH by default listening on port 22 on the unrestricted > Internet (the 'ubuntu' has no password), and the Ubuntu Enterprise > Cloud installation by the very same ISO installs SSH on every every > UEC system deployed. This is not unprecedented. > > Having discussed the proposal with a subset of this audience (at UDS > and in IRC), here are some known FAQs: > > Q: WTF?!? Ubuntu has no open ports by default! > A: That depends on which "Ubuntu" you mean. Ubuntu-in-the-cloud runs > SSH. Ubuntu-as-the-cloud runs SSH. Ubuntu desktops run avahi. Most > importantly, this is not a "run by default" proposal. We have already > compromised on that subject, culminating in this proposal, which is > simply about providing Server users with an obvious way to install the > typically essential SSH service. > > Q: Why not default the cursor on that question to "No", instead of "Yes"? > A: That totally bypasses the value of this proposal, and is only > microscopically better than what we currently have, where Ubuntu > Server users must go out of their way to add one of the most > fundamental packages to almost any server installation. The proposal, > as it stands, is already a compromise from the original suggestion at > UDS; which was, "if you're installing a server, you're expecting to > run a service, so let's just install SSH by default". That idea is > entirely out of scope now. We are proposing this installer question > as a reasonable compromise. > > Q: What if the openssh-server package is compromised on the ISO? > A: Although this has happened before, it is relatively rare over the > history of Ubuntu. If/when this happens again, we would need to: > a) recommend that people choose "no" when prompted, and install > SSH post-in
SSH and the Ubuntu Server
what's shipped by default in Ubuntu, before running sshd? A: You sound like an advanced user; please preseed your installation, or add SSH after the initial install (as you would do now). Q: Do we have to add another question to the Server installer to accomplish this? A: Actually, we don't. We could possibly simplify or remove a couple of other questions. That discussion belongs in another thread, though. Sincerely, Dustin Kirkland Ubuntu Core Developer | Server Team | Guarded Gorilla http://bit.ly/5-gorillas -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Split all documentation into their own packages
On Sun, Sep 26, 2010 at 5:57 PM, Gonsolo wrote: > I own a web server with tight space (1GB). Over 300MB are in /usr, > over 25MB in /usr/share/doc. I'd like to remove all files in > /usr/share/doc but unfortunately it is not as easy as removing all > -doc packages. > > Is it possible to set up a policy that all packages that have files in > /usr/share/doc should be -doc packages and split from the main > package? Also, note that you can "wget http://manpages.ubuntu.com/dman";, make it executable, and then use 'dman [foo]' to remotely retrieve each given manpage from the web. Thus, you could remove all of /usr/share/man and just use 'dman' to pull manpages from the web on demand. I have packaged this tool and will be uploaded it for Natty (with a couple of other interesting hacks). :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Suggestion: Leaky temp directory with encrypted home directories
On Fri, Jul 2, 2010 at 10:16 AM, Sindhudweep Sarkar wrote: > Possibly, but for those really interested in preventing leaks, using ram is > no help either. > > A fair number of attacks using liquid nitrogen or other cryogenics have been > done recently. If that's what you're concerned about, then neither eCryptfs nor any other disk encryption mechanism for Windows, Mac, or Linux is going to help you. Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Suggestion: Leaky temp directory with encrypted home directories
On Fri, Jul 2, 2010 at 9:22 AM, Ansgar Burchardt wrote: > Hi, > > Dustin Kirkland writes: > >> However, it's worth mentioning that /tmp is wiped on every boot in >> Ubuntu. For this reason, I usually put my /tmp in a tmpfs in memory >> (on systems where I have a few GB of memory). Add this line to your >> /etc/fstab: >> tmpfs /tmp tmpfs rw >> >> This ensures that the data written to /tmp is never actually written >> to disk. I think this is an excellent best-practice for the security >> conscious. > > This is not always true. Contents of a tmpfs can be swapped to disk[1] > and you might thus leak information when you rely on the fact that > contents of a tmpfs will never be written to permanent storage. If you setup your encrypted home in the default manner, you automatically have encrypted swap. $ cat /proc/swaps Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Suggestion: Leaky temp directory with encrypted home directories
On Thu, Jul 1, 2010 at 2:55 PM, Rob King wrote: > Hello everyone, > Ubuntu's encrypted home directory feature is quite useful, and a good way > of increasing the security and privacy of information. > However, the scheme is a little "leaky". Applications still use the > default system-wide temporary directory (/tmp), which is not encrypted. For > applications that store things in the temporary directory, this can cause > leaks of sensitive information outside the encrypted home directory. For > things like Deja Dup, this can cause the entire contents of the home > directory to be copied into an unencrypted area. > I would suggest that, when a user enables the encrypted home directory > feature, the TMPDIR directory is set to a temporary directory inside that > user's home directory. This could easily be done in desktop sessions by > modifying ~/.xsessionrc. I'm not sure how easy this would be for > command-line logins. I agree that programs which leak truly sensitive nature to /tmp should be fixed. Please file a bug in Launchpad for each and every program you find that leaks sensitive data to /tmp. However, it's worth mentioning that /tmp is wiped on every boot in Ubuntu. For this reason, I usually put my /tmp in a tmpfs in memory (on systems where I have a few GB of memory). Add this line to your /etc/fstab: tmpfs /tmp tmpfs rw This ensures that the data written to /tmp is never actually written to disk. I think this is an excellent best-practice for the security conscious. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Booting and login - why are users not logged in automatically?
On Wed, Mar 24, 2010 at 12:14 PM, Derek Broughton wrote: > Phillip Susi wrote: > >> On 3/24/2010 10:13 AM, Alan Pope wrote: >>> That still wont guarantee access to user files. If you use ecryptfs >>> (the default encryption system for /home on Ubuntu live CDs) then even >>> having physical access won't give you immediate access to files in the >>> user home directory. >> >> I didn't think auto logon was an option if you were using encryption... >> at least it's a very bad idea since it defeats the purpose of encryption >> in the first place. Most people don't use that though, so... > > I'm having some trouble imagining how auto-login would even work with > encrypted filesystems - auto-decryption, too? It doesn't work. As it shouldn't work. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Booting and login - why are users not logged in automatically?
On Wed, Mar 24, 2010 at 10:10 AM, Didier Roche wrote: > Le mercredi 24 mars 2010 à 10:20 -0400, Phillip Susi a écrit : >> On 3/24/2010 10:13 AM, Alan Pope wrote: >> > That still wont guarantee access to user files. If you use ecryptfs >> > (the default encryption system for /home on Ubuntu live CDs) then even >> > having physical access won't give you immediate access to files in the >> > user home directory. >> >> I didn't think auto logon was an option if you were using encryption... >> at least it's a very bad idea since it defeats the purpose of encryption >> in the first place. Most people don't use that though, so... >> > > There is only 3 cases (if you think about home encrypted directory > covered in ubuntu installation, not other stuff like entirely encrypted > partition as it assumes you will have to enter a passord in any case, so > out of scope): > - no autologin and no encrypted home: default desktop, makes sense. But > if someone has a physical access to your machine, you're screwed. > - autologin and no encrypted home: case of default ubuntu netbook > installation. Well, you're also screwed as in case #1 if someone has a > physical access to the machine. > - no autologin and encrypted home: you're safe. Maybe should be the > default on netbook? Too late for changing that in lucid in my opinion. > Can be discussed for +1 > > autologin and encrypted home: epic fail. Don't work as the password is > used to decrypted home with ecryptfs. :) > I'll add a check in the following days in gdmsetup to avoid setting an > user using encrypted home as default. Didier's analysis here is accurate (except that any discussion of using encryption by default will be riddled with argument and flamewars and I want no part of that). When we designed and added the 3rd option (require-password-and-encrypt) to the first two (auto-login, require-password), the idea was to provide 3 levels of security, defaulting to the middle one. * auto-login - easy, simple, totally insecure which may not matter to everyone * require-password - traditional unix/linux/windows/mac login procedure, a bit of additional security, allows for multiple users * require-password-and-encrypt - no more difficult than require-password, but highly secure data protection, requires the user record or escrow an additional passphrase, costs a minor bit of extra CPU usually non-noticeable I think the radio button is in the correct location for now, and users can either lower their security or raise it depending on their use case. Some netbooks/laptops never leave home and thus don't need additional security. Others travel the world and hold confidential information. Select the option that makes the most sense for you! :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Upstart
On Sun, Mar 7, 2010 at 2:21 PM, Tom H wrote: > Patrick's two Upstart posts reminded me of 2.5 queries of my own. > > 1. Why does /lib/init/upstart-job direct us to use service rather than > initctl? Because /usr/sbin/service can handle the start/stop/restart/status actions of both traditional System V init scripts in /etc/init.d as well as Upstart scripts in /etc/init. It's intended to be one-stop-shopping for managing services in either /etc/init.d or /etc/init. > 999. Could initctl be made to recognize, for example, both > avahi-daemon and avahi-daemon.conf? (If I am in /etc/init - it is rare > but it happens - and type "stop av//tab//", I end up with "stop > avahi-daemon.conf" which, after pressing //enter// results in an > "unknown job" message.) As answered above, that's service(8)'s job ;-) :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Google Earth Package
On Mon, Mar 1, 2010 at 8:19 AM, Michael Forrest wrote: > I'm trying to track down the maintainer of googleearth-package as it seems > like something kinda fun for people to know about. You can find the full changelog in Launchpad here, complete with times and dates of who change it last, and when, and email addresses thereof: * https://launchpad.net/ubuntu/+source/googleearth-package/+changelog You can also use: $ apt-cache show googleearth-package to display who the maintainer is, and other meta data about the project. Cheers, :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Patch for qemu
On Thu, Feb 11, 2010 at 8:18 AM, Benjamin Drung wrote: > Am Sonntag, den 07.02.2010, 21:15 +0200 schrieb Shahar Havivi: >> Hi, >> I have a patch to Qemu regarding bug >> https://bugs.launchpad.net/qemu/+bug/427612?redirection_url=https://bugs.launchpad.net/qemu/%2Bbug/427612 >> >> Where do I send the patch? > > Where do you want to send it? Do you want to send it upstream (to the > QEMU devs or Debian) or do you want to know how to get the patch > included into Ubuntu? As maintainer of the qemu-kvm package in Ubuntu, I would appreciate it if you would send this patch to the qemu-de...@nongnu.org mailing list, and CC me on it. If upstream has no objections to the patch and they add it to their git tree, I will gladly apply it to the Lucid qemu-kvm package and upload. Please note upstream's standards on submitting a patch and coding style. You are going to need a signed-off-by line too. http://wiki.qemu.org/Contribute/StartHere :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Dual Core CPU not seen after an upgrade to Karmic
On Wed, Jan 27, 2010 at 4:28 PM, David MENTRE wrote: > After an upgrade of my dual core AMD 4050e machine to Karmic, the > second core is no longer seen (/proc/cpuinfo shows only one CPU). I > have never seen this issue with Jaunty. > > Is this a known issue? Should I report it? To which package? No idea if this is known already, or seen, but you would report this against the "linux" package, which is the kernel itself. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: How to report a feature request and receive mentoring
On Sat, Jan 23, 2010 at 5:16 PM, MPR wrote: > I'd like to have a new feature added to Ubuntu when the Calibre ebook > manager software is installed, but I do not know the proper procedure > for making the feature request or getting help adding it myself. I > looked at the details for the package with hopes of emailing the > package maintainer, but it listed this mailing list as the maintainer. > > The specific feature I would like is for Ubuntu to be aware of my > ebook reader when the Calibre package is installed. If I connect my > ebook reader, I want Ubuntu to open a window and say "It looks like > you added an ebook reader." and ask me if I would like to open > Calibre, or configure it to always open it. I would also like the > ebook reader icon to look different than the generic USB device icon > as it does now. All of these things are done when I connect a music > player, such as an ipod, so I know it can be done. > > What is the process for requesting this new feature? I would like to > try implementing the changes myself, but I will require an experienced > Ubuntu developer to help mentor me. How can I request mentoring for > such a project? Hi MPR- So I can't offer to mentor you for this project, but I can point you to a few tools that we use as developers when working and collaborating on a feature such as this. First, file a bug in Ubuntu, noting that this is a wishlist request. * https://bugs.edge.launchpad.net/ubuntu/+source/calibre/+filebug Assign the bug to you, mark the status and priority appropriately (as much as you have permission to do so anyway). Track your progress on the bug there. Attach patches (or ideally bzr branches) with your work in that bug. If this feature is actually a collection of a bunch of separate bugs, or affects multiple projects, file a Blueprint in Launchpad. * https://blueprints.edge.launchpad.net/specs/+new In this Blueprint, you can discuss your goals (as you have above), as for other contributors to subscribe, provide feedback, help out, etc. You can also link the one or more bugs and bzr branches against the blueprint. Note that it's getting a bit late in the Lucid development cycle (Feature Freeze is fast approaching) for major changes. But if you have a well formed blueprint, you'll be well on the way to getting something like this into Lucid + 1. Finally, if you're looking for mentoring, you might ask in #ubuntu-motu, as that's where most people go with new-developer type questions. The expertise there is mostly packaging-level, but you will hopefully get good pointers of all kinds from that channel. Hopefully this helps. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Security vulnerabilities in default Ubuntu install boot process
On Mon, Jan 4, 2010 at 6:06 AM, Patrick Freundt wrote: > On Mon, Jan 4, 2010 at 12:43 PM, Martin Pitt wrote: > >> > This is clearly insecure. > >> Not really: > > Yes. > > And I would hope for a wiki article that explains how encrypted > filesystems protect you from these risks, instead of attempting to > argue whether these risks exist. Such articles abound. One such article discussing in great detail how you might encrypt your home directory in Ubuntu is here: * http://www.linux-mag.com/cache/7568/1.html Beyond this, you can use the Server or the Alternate installer to encrypt your entire drive using LVM. * https://help.ubuntu.com/community/EncryptedFilesystemLVMHowto And I agree with the security team's assessment -- if an attacker has physical access to your hard drive, encryption is your only real protection. Adding a password to Grub/Grub2 simply means that the attacker needs to have a screwdriver at their disposal. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Introduction to Ubuntu Distributed Development
On Thu, Dec 17, 2009 at 10:40 AM, Scott James Remnant wrote: > On Thu, 2009-12-17 at 10:55 -0500, Adrian Perez wrote: > >> I think Git is better suited than Bzr for the job, and I don't make to >> make it personal. >> > If you think Git is better suited, please demonstrate it by building up > an equivalent infrastructure that has been built up around bzr, so fair > side-by-side comparisons can be performed. > >> It's true that there's an infrastructure set up, but I think the idea of >> voting is letting the community decide for itself, and don't impose us a >> tool which might not be the preferred choice for most of our developers. >> > Right now, that vote would be: > > ( ) continue using the existing apt-get source infrastructure, and > contribute by sending debdiffs around; merge from Debian by hand, > etc. > > ( ) use the new bzr infrastructure, contribute directly to revision > control branches, merge using native merge support There's also, as James mentioned, the git-bzr and hg-bzr projects. If there are people that really, really want to issue git commands (it certainly sounds like there are), instead of bzr commands, I can understand that. If you're in this camp, please consider contributing to the translation-layer projects, such that you can happily work in your git world with git commands, but when you're ready to push your work, push it through the translation layer, and let it land in the Launchpad/Bazaar backed repositories, which are currently well-integrated tools. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: CLI friendliness
on Wed, Nov 11, 2009 at 1:26 PM, Shentino wrote: > Most of my important work is done on command line, and personally, I like > nothing better than a snappy full-screen VT. > > Typical uses: > > * MUDs > * SSH > * Kernel development > > Generally, how friendly is ubuntu planning to be with users like me? As Daniel also mentioned, I think you might well find Byobu useful on the command line, as it provides a very handy window manager entirely in a text based manner. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: artwork
On Sat, Oct 24, 2009 at 6:18 PM, coz DS wrote: > Hey guys, > I had been on the art team for a number of years. > I am really surprised that some of the artwork, ie,,,boot splash and > splash screen with progress bar , were able to be considered let alone > actually used. > I have to tell you that that the choices for these images and colours > are completely not ubuntu in any way and certainly the worst choice. > When booting into karmic, the white ubuntu symbol should have had the > colours gradually fill it in as a progress bar...and the following boot > splash the ubuntu logo certainly should have had color and the background > for that image most definitely should NOT have been used...it implies a > dark..albeit muddy,, theme is going to be default system theme. > I have seen none of the major distributions have any > inconsistencies...including ubuntu...with graphics during install..or > boot..as radical and inappropriate as karmic has. > Who ever has made these decisions is most likely a developer and there > are NO developers capable of making final choices for anything without > discussing the options with at least one "qualified" artist. > Creating and deciding on graphics , especially for a distribution as > globally used as Ubuntu, takes as much skill and time and mental > capabilities as it does to code "any" application...or DE..and any of the > developers who think otherwise should be kept as far away from decision > making about graphics permanently!!! > To mr shuttleworth,,, if you are making final decisions then you need to > pull yourself away from graphics altogether and let the art team back in as > official...if on the other hand you are relying on an "artist" at cononical > to make these final decisions ,, then please give them their walking papers. > coz I tried very hard to ignore this bait, but I am going to bite... First, before sending an email criticizing aesthetics, I would pass my own text through a spell checker and carefully examine the format of the composition. Second, it is a gross miscalculation to assume that all software developers are necessarily art-challenged. Many of our own Ubuntu core developers are quite accomplished photographers, musicians, dancers, writers, and artists. Third, open criticism of the appearance of the Ubuntu development branch is most certainly welcome. However, please consider that these splash screens have been in the present form for several months now. To provide this sort of feedback in an inflammatory manner days before the release is hardly constructive. This feedback might have been quite useful around UserInterfaceFreeze, over a month ago: * https://wiki.ubuntu.com/KarmicReleaseSchedule Please keep this schedule in mind for our next release: * https://wiki.ubuntu.com/LucidReleaseSchedule Finally, to call for someone's job over artwork that does not suit a particular taste is rather insulting. I am a developer on the Ubuntu Server Team for Canonical, somewhat distanced from our artwork and user interface teams. However, I do know that these are brilliant people, who are working hard to make Ubuntu a beautiful collection of software. Your friendly Ubuntu developers are in fact real humans, with spouses, children, families. Heck, most even have feelings. We would do ourselves a service to remember this, before lobbing grenades over the wall. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Apache Maven to be removed from Karmic?
On Thu, Oct 15, 2009 at 11:53 AM, John Moser wrote: > On Thu, Oct 15, 2009 at 11:09 AM, Alvin Thompson > wrote: >> First, as a Java developer I hope this doesn't happen as Maven is pretty >> much required for Java development (at least in the U.S.). > > I laughed. > > Your pet project is NOT "pretty much required for X" in any global > scope. I've hardly seen any Java shops, and the ones I did... well > I've never seen Maven. Most of the bigger shops are moving to the > next buzzword anyway: .NET (why the hell do people do this?) Hi John- I'm not a Java developer, but I certainly know of Maven. It is as essential to Java programmers as Make is to C programmers. I can't weigh in on the discussion about removing Maven, but I don't think it's appropriate to attack Alvin for stating his support of Maven in Ubuntu. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: This new "report bugs using ubuntu-bug" requirement is a mess!
On Sun, Oct 4, 2009 at 1:55 PM, Chris Coulson wrote: > It isn't completely enforced though. There is a link on the wiki page > that you are redirected to, which you can use to avoid the redirection > and submit a bug normally through the web interface. Append this to the report-bug URL: ?no-redirect :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss