I
recently decided to take a look at Ubuntu Linux, I found several
problems during the install and with the configuration and default set of
packages. I decided to raise the configuration and default package issues with
representatives of Ubuntu Linux via e-mail.

The
email interview / conversation with Jeff Waughis below. Jeff Waugh is
a member of the UbuntuLinux’s
Core
Development Team. The only editing I did of the e-mail exchange was layout
oriented; I grouped the related sections together, and removed the formatting
imposed by the email clients for readability. This still leaves the exchange at
about six pages in length (US Letter size). I have also added URLs where needed
for reference to items mentioned in the exchange.

Installation issues

The
issues I had during install were fairly straightforward; the real problem was
the steps I needed to follow to actually install Ubuntu
Linux.

The
version of the Parted partitioning tool that shipped with the Breezy Badger
release of Ubuntu Linux was incapable of ignoring
partitions it was told not to touch. I have a multi-boot system with multiple
distributions of Linux on it, Ubuntu’s version of Parted
choked on my Debian created partitions on my main hard drive. I had to remove
my primary hard drive from my system just to install Ubuntu
Linux.

While
the “eye candy” is there for Ubuntu Linux,
the decisions made by their development team do leave me the feeling that Ubuntu is seriously lacking in functionality. They strive
to achieve a broad range of hardware support out of the box, yet one such tool
actually creates conflicts with hardware of the type it is specifically meant
to support. The Laptop-utils package destroys Dell batteries for laptop
computers, it creates conflicts with Dell laptops, yet Laptop-utils is absolutely required, you
have to accept a 75 percent reduction in functionality of your laptop when not
connected to a wall socket or use a different distribution of Linux. (It really doesn’t make sense to require
laptop tools for a desktop system.) Editor’s note: Ubuntu developers dispute the accuracy of this statement.

The
logic of requiring support for hardware that isn’t present on a desktop system
fails me, if anything this hardware support should be optional. The real issue
behind this, by requiring support for hardware even if it isn’t present, is
that they consume system resources for no purpose. When a library is required
by a package, it has RAM allocated when the package is started, then the
library is also loaded into RAM at this time, to ensure it can be.

While
it may be swapped into the swap partition if it isn’t used, the RAM allocated
for it is not released until the application closes, every mouse click is
checked to see if it is calling a function supplied by that library (CPU time gone to support non-existent
hardware). If you did call for a function that library supplies, without
the hardware it supports, all you have done is cause an error message to be
generated.

One
issue that really makes no sense is the requirement to update all installed
packages, even if one of the packages will be uninstalled as soon as the system
allows you to, you have to update it first.

Imagine
my surprise when the second worst browser can’t be removed without crashing Ubuntu Linux. I do not use Firefox, since I detest the user
interface, my reason being if I want Internet Explorer I’ll install it via Crossover
Office or WIne. Firefox was designed to look and feel
like Internet Explorer, which is enough to have me not use it.

I
personally will not use the default GUI for Ubuntu
because GNOME has decided that it doesn’t work right unless you
have connectivity to MS servers. In my Linux-only environment this is a
complete waste of resources, identical to the use of Laptop-Utils
and Bluetooth-Utils mentioned above.

The Interview

Jaqui: Synaptic wouldn’t accept a root password. What good is a GUI for
aptitude if you can’t start it?

Jeff Waugh: On Ubuntu, we disable the root
account and provide the first user with full sudo administrative rights. So
you just need to enter your account password when running any of the
administrative tools. You’ll note that the installer never asked you to provide
a root password. 🙂

Jaqui: It did ask for administrator password, I was presented with four
password entry screens, and I put in two different passwords, one for root and one
for a non-admin user.

Jeff Waugh: Did you do the “expert” install? It’s not
recommended, because it’s a huge waste of time.

Jaqui: No, I just let the installer run.

Jeff Waugh: If you just ran the installer as usual, then you were not
asked to provide a root password.

Jaqui:Bluez-utilities are REQUIRED??? WHY? I
do not have any Bluetooth devices so it’s a complete waste of system resources.

Jeff Waugh: We support a lot of hardware out of the box and provide the
tools to use it. If you don’t have any Bluetooth hardware, no resources are
wasted, because it’s not in use. (So sure, it uses space on your disk, but not
much at all.)

Again, we support a lot of hardware out of the box. This is a
tiny, tiny package (smaller that all the other laptop hardware support
utilities that we include), so I would not regard this as ‘pure stupidity’. It
is not used if you do not have hardware that requires it.

Jaqui: But it should not be a dependency then; it should be a recommended
but not required package. Few distributions require it to be installed or fail
installation. And if there is no hardware that uses it, then it should be
allowed to be removed. By requiring that laptop utilities be installed you are
saying your users are too stupid to know what their hardware is.

Jeff Waugh: No, we’re not saying users are stupid. We’re
understanding that in large part, they just don’t care about those
details. They just want it to work. Remember that Ubuntu
is *only* one CD. We’re doing a lot better at keeping things to a minimum than
Apple, Microsoft, and Linux distributions, while having awesome hardware
support, and a great out-of-the-box experience.

Remember, we ship our entire basic desktop on *one* CD. Most other
Linux distros ship three or more. We’ve done a very
good job of balancing ease of use, very broad hardware support and minimization
of crap on the system.

Jaqui:Bluez is not required by ANY quality
software, unless it is for connecting to a BLUETOOTH device.

Jeff Waugh: Actually, the libraries used to interface with the Bluetooth
subsystem are used by numerous applications to provide integration with the
hardware. A good example of this is ‘nautilus-sendto’,
the little app that lets you send files from the file manager (using email, IM,
Bluetooth, etc).

Jaqui: No? The help system and Ubuntu desktop
run bluez-utils
as a requirement, it cannot be removed. Supporting the hardware is fine, but
not as an absolutely required library, with the entire GUI dependant on it.

Jeff Waugh: You can’t depend on a library and then magically take it
out of the stack. That’s like playing Jenga, if you
know the reference (it’s the game where you pull out pieces of wood in a big
tower, which eventually falls over).

Jaqui: FIREFOX is REQUIRED?????? I detest Firefox and will not use it at
all, so naturally I don’t want it installed.

Jeff Waugh: We install a minimal set of software that will be useful
for as many users as possible. Firefox is the gold standard in browser
technology, so that’s what we ship out of the box. For various technical
reasons, it can’t be removed because other software on the system (such as the
help browser) use the Firefox rendering engine, and this is not yet split out
from the  browser itself.

Jaqui: Just an F.Y.I. I normally use Linux From
Scratch, and FIREFOX is not required by the software you say it is.

Jeff Waugh: The rendering engine is used by other software in our
system, such as the help browser and other components.

Jaqui: Gecko rendering engine is not available separately; since when?
It has always been a separate section of the sources.

Jeff Waugh: It is not available as a separate library interface. When XULrunner ships from
Mozilla.org, it is likely that we will retarget all the software that uses the
rendering engine to use it, at which point Firefox will no longer be required.

Jaqui: But gecko is not locked into Firefox it is a separate set of
archives in the sources.

Jeff Waugh: Again, until XULrunner is released, the rendering engine is not available
as a separate library interface. (Even then, it won’t just be gecko, it will be the whole XUL stack.)

Jaqui: And, in my opinion, Firefox is not the gold standard, I would
rather use Seamonkey. (Seamonkey
uses exact same rendering engine, just a more powerful interface, with more
tools. It is Mozilla suite’s new version.)

Jeff Waugh: That’s a fine preference for you, but there are great
reasons why Firefox has achieved market share far beyond what Seamonkey was capable of. It sounds as if you enjoy
tinkering with your technology — keep in mind that you (and I alike!) are
unlike most of the computer-using population out there. 🙂

Jaqui: According to Mozilla’s site, XULrunner is available.

Jeff Waugh: It’s not stable or well-adopted yet. We may be adopting it in the Ubuntu 6.10 timeframe.

Jaqui: Laptop-Utils is required on a desktop
system? Pure stupidity.

Jeff Waugh: Again, we support a lot of hardware out of the box. This is
a tiny, tiny package (smaller that all the other laptop hardware support
utilities that we include), so I would not regard this as ‘pure stupidity’. It
is not used if you do not have hardware that requires it.

Jaqui: No way to edit the system files outside of working with vim in console and it seems like root
login is locked from the GUI completely.

Jeff Waugh: You can run graphical apps with sudo as well, if required, but
it’s not something that we want to encourage. There is a good selection of
admin tools available — we’re not all that interested in forcing our users to
edit system files at all! 🙂

Jaqui: Since sudo
single user does everything it is a seriously flawed security model, I always
use root account for administrative purposes.

Jeff Waugh: Sorry, it’s not a flawed security model. We’re extremely
attentive to security issues, and this is the kind of configuration that is
recommended for large server deployments, and any situation where a task-based approach to privilege escalation is required. Turns out,
that fits very neatly with the requirements of a desktop system. It is
disappointing that the whole concept of root
is inflicted on users of other distributions. You’ll note that Mac OS X uses a
very similar approach to Ubuntu.

Jaqui: Yet there was no way to put system administration password into
system admin tools in the GUI. I definitely disagree
that regular user as administrator is as good of a security model; that is the
way Windows boxes get infested with malware.

Jeff Waugh: That’s not how Ubuntu works. The
user is an administrator only in that they have sudo rights should they need to
perform administrative tasks. They do not
have inflated privileges in general use. This is not qualitatively different to
having a root password that just ends up being a different password to type in.
We’ve thought about this long and hard, and we have a very conservative
approach to security issues. Ultimately, this is the best way for UNIX systems
to work in general — professional sysadmins will tell you the same thing.

Jaqui: The “only administrator can do anything” is why every Windows
box is being run as administrator. Microsoft has yet to create a good multi-user
operating system; you are turning Linux into a clone of Microsoft’s flawed
multi-user model with this type of security model.

Jeff Waugh: See above and below for why that is not the case, but also,
if you want to see bad ideas in action, look to Linspire.
In Linspire, user accounts are optional, and in the
default single user configuration, everything runs as root. *That* replicates
the “everyone logs in as the Administrator user” mess on Windows.

Jaqui: Root account is there to be used, therefore
sudo is a security risk. (Secunia advisory, sudo
doesn’t completely release from the system when it’s shut down leaving the
system vulnerable to exploit, a fact that was actually reported to Secunia by Ubuntu). I’ll have
to disagree that using sudo instead of the root
account is more secure.

Jeff Waugh: Sorry, but I don’t believe that you have the depth of
knowledge to state that as a fact. You’re welcome to your own opinion though.
🙂

Jaqui: I only have one user allowed to use su, (my own login) and actually
rarely use that even, all other users are not granted the su privilege. System admin is
completely separate from general use. (for me)

Jeff Waugh: The same holds true for sudo, but at vastly more granular
levels. That is why it is the choice of sysadmins who are interested in secure
task-based privilege escalation. That’s not true in general, and not at all
true on Ubuntu due to other rules we put in place
(timeouts per tty, etc). sudo is no more of a
security risk in our setup than having a separate root account and password,
and in fact reduces risk in the
common case. We haven’t done this on a whim.

Jaqui: FORCED UPDATE before you can work with any other packages? What
are you Microsoft? Forcing people to install updates in order to do anything
else with packages? Constant Notifications that updates are ready? (A Microsoft thing I don’t miss in my LINUX
only network.)

Jeff Waugh: I’m not sure which context you’re referring to, but if it’s
the update after installation, that’s a courtesy to our users so that they are
running all of the latest security and bug fixes after install. We also let our
users know when updates are available, because it’s important that they play an
active role in the upkeep of their system, and understand what it’s doing. It
would not be good to do this behind the user’s back. I’m not sure why you
characterize this as a Microsoft thing — it is a very important function of
any modern, secure operating system.

Jaqui: Since I wanted to install some more software, then do updates,
being locked out of installing more software before installing updates is just
an irritant. Why force people to go through the entire update process, just to
add more packages? It doesn’t save time either way. Or to
remove unwanted packages. I’ll update a package just before I uninstall
it; waste of time to update it isn’t it?

Jeff Waugh: Have a look at Dapper when it’s released, I think it will
resolve the issue you have with this. (Although this really
is a small issue, if you take the whole challenge of Linux on the desktop in perspective.)

NOTE: popup windows about updates are an irritant, and Microsoft
is the worst for that irritation, Ubuntu has followed
Microsoft down this path of a popup every 30 seconds until the updates are
installed — a very Microsoft thing.

Jaqui:Libsmb
is not required by any software that is worth using, unless you are connecting
to a Windows server. No self respecting Linux desktop application would be
built requiring Windows server connectivity. (Which is why I do not ever
install GNOME, they were stupid enough to require the smb stack for this LINUX Desktop).

Jeff Waugh: All of the major Linux desktop systems provide a method of
using Windows and Samba file sharing. We support it because it is a major use
case for many of our users, whether they are using a completely Linux based
network or using Windows machines (servers or not) in their day to day
activities.

Jaqui: Yet you insist on forcing installation of software that in 90
percent of the cases will not be required? That is crap on the system. The
laptop utils, bluez-utils,
samba server stack are crap on the system unless you are on a laptop, have
Bluetooth devices and are running a SERVER with Windows workstations. (I know,
the Samba server stack is gnome’s fault, not Ubuntu’s,
I keep frying them about the concept also.)

Jeff Waugh: We don’t ship the Samba server, and GNOME does not require
it (if you’d like to talk about GNOME, let me know — I was release manager for
the last five years).

I don’t agree that it’s crap
on the system. It takes very little space in real terms, and most users
just don’t care. It’s not slowing anything down or getting in anyone’s way.
You’ve noticed it because you’re interested in the details, but I don’t think
you’re putting these things in perspective.

Jaqui: So a GNOME app makes use of tools that aren’t needed in a Linux
only environment…Oh wait, GNOME itself uses tools that are a waste of
resources in a Linux only environment. No surprise that they add more resource
waste to extra apps then.

Jeff Waugh: I think this is a mischaracterization. Firstly, we do not
design Ubuntu for use in Linux-only environments
(which are very rare). We design it to work in the kind of environments our
users face every day, and that means we need it to be interoperable with a
whole stack of different systems. In technical terms, if you’re not using the smb support, no
‘resources’ are wasted. The smb support is actually provided by a separate binary which
runs out of process, so if you don’t need it, it’s never executed.

I think that if you’re interested in taking on these debates, you
need to start using more relevant terms than ‘resources’. Sorry.

Jaqui: Sorry, no desktop software requires the Samba server stack if it’s
worth using, why would a desktop be a server?

Jeff Waugh: It doesn’t require the server stack running on the desktop
machine.

Jaqui: I reread the description of libsmb,
it’s the server stack to allow windows desktops to connect, not as I originally
stated to enable connecting to Windows servers.

Jeff Waugh: No, it’s not. The libsmbclient is an interface for other software to use the
CIFS/SMB protocols. It does not require the actual Samba servers running on the
local machine. The Samba package is not
part of our desktop seed (the default install packages).

Jaqui: My issue with GNOME
isn’t libsmbclient,
it is libsmb,
which is the server stack and absolutely required for GNOME.

Jeff Waugh: There is no such thing as libsmb, and again, whatever you’re
referring to is not the Samba daemons, which for Debian and Ubuntu
are in the Samba package. You do not
need to have any of the Samba daemons running to use CIFS/SMB services via the
GNOME file manager or through its vfs features.

Jaqui: That is the issue, why is it a requirement instead of a
recommended package? If it’s required, the system will not function without it;
that means that the help system runs it — that means the desktop runs it.

Jeff Waugh: No, that is not the case. I will give you an example. We ship
a program called nautilus-sendto, which provides a very cute little file-sending
feature for our file manager. It interoperates with Evolution, GAIM, and Bluetooth
devices, so you can send files by email, IM or to your phone. It uses the Bluetooth
libraries to do so.

If you removed the Bluetooth libs, nautilus-sendto
would also be removed. That is how things work. The only time those Bluetooth
libraries are used or loaded into memory is when the nautilus-sendto program is invoked.
However, there are also the very low level Bluetooth support daemons, which are
run at bootup if you have any Bluetooth hardware on
your system. So, in the case where you do not have Bluetooth hardware, no
“resources” (really, RAM) are used to provide these features.

There are lots of things we include in Ubuntu
that are requirements of the software we ship, but are not always running.

Jaqui: That means that, since Ubuntu uses GNOME,
there are three active networking stacks: the kernel level stack for most
network cards, the libsmb
stack, and the bluez-utils
stack for the GUI.

Jeff Waugh: This is hard to answer, because you are conflating things
that are not at all related. The three examples you mention above are not in
the same category of software, so you can’t say that having all three is
wasteful or unnecessary. They all provide vastly different functionality, and
are all installed by default for very good reasons — notably, hardware support
out of the box, and interoperability.