A Gut Check On Gutsy Gibbon

jammag writes "Linux pundit Bruce Byfield looked inside the pre-release of Gutsy Gibbon and found what he calls 'Windows thinking.' His article, Divining from the Entrails of Ubuntu's Gutsy Gibbon, notes that Ubuntu is the dominant distro, having achieved a level of success that might be leading to complacency. He opines: 'Only once or twice did I find a balance between accessibility to newcomers and a feature set for advanced users. At times, I wondered whether the popularity might be preventing Ubuntu from finishing some rough edges.'"

Come ON, how full of crap is this?

[c0l0]

Unhappy with *[Uu]buntu's way of installing, not leaving many choices for the "IT professional"?
Use the alternative LiveCD. Note you don't need to "secure the system", since the default install does not bind any sockets listening. I actually consider it one of Ubuntu's strongest feats that you are not facing any choice of package selection whatsoever, so you can be sure you will end up with a sanely organized system you can build upon, if you want, or just walk on with the preset choices.

Next hilarious thing on his list is the boot menu - if you're actually an advanced-enough user to know about the possibility of testing your memory at bootup, I figure you also know about how to hit Escape to have GRUB's full menu appear.

He's got one point on fonts, as there can never be enough fonts included in an install. I personally do like Gentium though, and consider freetype's font rendering as Ubuntu sports it very pleasing to the eye.

On page two, where he's going to whine about "Proliferating package managers", the author imho show severe lack of understanding concerning Debian-ish package management. Well, let there be a lightweight update-checking-utility that does not come up with the whole bunch of X11-windows that is synaptic. It's a good thing it's there - it uses the same backends as apt-get, aptitude, synpatic, dpkg, adept, whatthefuckever use, and it saves you from manually checking for updates every so often. So would you please stop being anal about it? Thanks.

Also on page 2: "At any rate, the only way to judge how useful a package might be is to use it yourself." Oh wow, movie at eleven. I won't even comment on this, Cpt. Obvious to the rescue.

Page 3 is about security, and once again tha author seems clueless to me. An "intruder" on a default Ubuntu system can pretty much by definition (due to the lack of running network-interfacing daemons) only be a local attacker with physical access to your machine. Well, in case of physical access you're hosed anyway.
The point in criticizing default group memberships for the "desktop"-class of users is also beyond me. Well, that is how UNIX tends to work, and if it weren't for the desktop user to be able to, e. g., adjust the sound system's mixer levels or burn a CD, what's left for "desktop" usage to be done? No access via `sudo` means no (write-)access to other account's files and data. Besides, if you let people you don't trust gain local access to a machine via their very own personal account, you should probably check for your very own mental sanity/security first.

My point is, if Ubuntu actually behaved like he now states he'd like it to in his article, it'd be a flamefest of a different kind: namely criticizing how Ubuntu lacked in "usability", and how it would shy away "novice users".

Ubuntu is a very fine choice for someone starting out with GNU/Linux or computers all together. It's also a fine choice for someone more knowledgeable, since it's perfectly possible to stray away from the sane defaults the Ubuntu devs chose for the distro. If you happen to find your demands outstrip Ubuntu's capabilities, you're probably better off by creating a distribution of your own.

My 2 cent.

who

[wwmedia]

who gives ubuntu versions these crazy names?

Re:Name?

[kebes]

This has been brought up and explained many times on Slashdot.

Simply put, the name "Gutsy Gibbon" (and "Feisty Fawn," etc.) are developer code-names, just like "Longhorn" was for Windows Vista. The final released version of Gutsy Gibbon will be called "Ubuntu 7.10". So, if you are talking to your CEO, you will presumably mention "Ubuntu 7.10 Server" and not "teh Gibbon!!" Note that you won't see the term "Gutsy Gibbon" mentioned in an installed OS (except in the sources file for aptitude, but a normal user is unlikely to ever see that).

You can hardly fault the developers for wanting to have codenames for the releases. It's a useful means of differentiating between pre-release and final versions. Now, I fully admit that many users of Ubuntu stick to the codenames afer the release. If you read ubuntuforums, lots of people will ask things like "are you running Feisty or Dapper?" and so on. I guess that just means that Linux enthusiasts enjoy the whimsical names.

So, the developers are not interested in dropping the codenames, since the community seems to enjoy them. But please bear in mind that they are not "names of releases"--they are codenames that do not appear on the official releases. (For instance, check the download page [ubuntu.com]: it mentions "Ubuntu 7.04" and "Ubuntu 6.06".)

Re:Come ON, how full of crap is this?

[jonesy16]

I was going to write a long post regarding this article but it looks like you covered it already. Good work, cause I couldn't agree more. The only reason that we see a linux distro preinstalled on Dell computers, for example, is because of the strides made by the Ubuntu team in creating a distro that is easy for a Windows-level user to sit down and interact with.

I'm the first to agree that in a high-tech-level setting Ubuntu has MANY shortcomings. As an example, it takes me about 5 seconds to get a RedHat based machine configured on our Kerberos network using authconfig. I spent a half hour with it (I'm no Kerberos expert), and I still can't get Ubuntu working correctly since I have to do everything manually. My point, however, is that NO home user is EVER going to want to set up Kerberos, so that's not what Ubuntu is geared for and I can't get upset with them for that. Same goes for partitioning in the installer. Anyone remember the options in the Windows installer? They're on the same level: let the installer wipe the drive and commit it to Linux, or set up a few paritions on your own and tell the installer which one it can use.

Lastly, I have to disagree with the author regarding the user account classifications. He claims, erroneously, that by allowing for the use of 'sudo', an attacker only needs one password to break a system, whereas with a root account he claims you need 2. Umm . . . hello . . . you still only need one password, root's password! Unless your savy enough to not allow root logins . . . It seems perfectly acceptable to me to provide those three levels of user accounts and even that is more than most people will need.

Re:Choices and Plurality

[kebes]

I agree with you.

TFA is not wrong in what it says, but perhaps it misses a point. For years people were begging for a "user-friendly" Linux distribution, where the user would "not be inundated with choices" and so on. Ubuntu arose with the aim to be "Linux for human beings," where an ordinary person would be able (with some guidance) to install, learn, and productively use the OS. The aim of Ubuntu is to fill that niche.

TFA discusses needing to find the balance between "simplicity for beginners" and "power for advanced users." But he seems to think that each Linux distro should be finding that balance--rather than accepting that the point of having multiple distros is that each one can strike a different balance. Ubuntu, clearly, is a distro that favors simplicity, because it is trying to capture some of the "mass market" of beginners. If you want the installation to expose lots of details to you, then there are distros that will make that happen (e.g. Debian).

Now, having made the case that each distro can and should strike a different balance, I still find the argument misses the mark. I like to consider myself a "power user" who tries to do technical things (run webservers, programming, etc.), and Ubuntu (Kubuntu actually) is my distro of choice. Frankly, once you "know Linux" it's trivially easy to find and modify all the hidden features. Once you open a terminal, you have access to all the power, customization, and advanced features of any other Linux distro.

Furthermore, many experts may prefer Ubuntu's simplicity, because it lets you get to the tasks you actually care about (and care about customizing) faster. It's nice to be able to complete a full install in 15 minutes (yes, I timed it), with no hassles, and then fine tune it as needed. As I said before--it's not like the customizations are not there. Just open a terminal, edit a config file, just like any other distro.

Re:Wait for next

[eln]

I think with the sudo thing he's referring to the fact that most systems have more security vulnerabilities that allow you to take control of a non-privileged user, so it's a lot easier to hack into a non-privileged user than it is to hack into root. If you are able to hack into a non-privileged user that is in the sudoers file, you have root.

Of course, most of those exploits involve gaining control of daemon users, like the httpd user or whatever, and if you have any of those users in your sudoers file you're asking for trouble anyway.

There may also be the assumption that most people will choose stronger passwords for their root user than they do for their normal user account. I'm not so sure that this really holds true in a desktop environment, but it may in a server environment. Of course, there's also the issue that a frequently used password may be easier for someone to shoulder surf. So, while a normal person may only very rarely log in as root, so shoulder surfing opportunities are likewise rare, they probably log into their user account (which on Ubuntu will likely have sudo access) many times.

So, while I think there is a lot of hand waving involved in whether or not Ubuntu's model is really more or less secure, there is at least an argument to be made.

ubuntu

[treak007]

Ubuntu is very popular atm because it is very beginner friendly. Ubuntu seems to strive to make itself like Windows to attract more people. It is only a matter of time before Ubuntu looks and acts just like Windows.

Rough Edges indeed

[Anonymous Coward]

When I switched for a 1600x1200 (Dell) to a 1600x1050 (BenQ), Ubuntu recognized it, but did not reconfigure X for widescreen, and consistently picks some middling 4:3 format that gets stretched. It looks ugly and 2 version upgrades have failed to correct the problem

Editing xconf.org is not a solution for the non-technical user

User Friendliness

[Stooshie]

FTFA

... I find myself wondering whether user-friendliness must inevitably mean discouraging users from exploring their systems or taking firm control over them ...

and

... while even novices are unlikely to have much trouble if they accept the defaults, straying beyond them is difficult ...

I think this is where us techies fall down sometimes. We assume that everyone who uses a computer wants to "Explore their system" or take "control over them".

Let's face it, probably about 90% of computer users use an office type application, a browser and an email client and the more advanced of them may use a feed reader of some sort. The most "control" they want over their system is to change the background and perhaps the colour scheme, and they want to do it easily, no code, no hassle.

And that's fine! Their computer is a tool to do their job. They learn how to do what they need to do and that's it.

So, it's a good thing that Ubuntu is easy to use. Us techies who want to "stray beyond the defaults" will find the way to do it anyway.

Re:Come ON, how full of crap is this?

[recoiledsnake]

Page 3 is about security, and once again tha author seems clueless to me. An "intruder" on a default Ubuntu system can pretty much by definition (due to the lack of running network-interfacing daemons) only be a local attacker with physical access to your machine.

Wrong. A buffer overflow in Firefox can be the attack vector. As can be a hole in any internet facing software that use internet data (Synaptic, FreeAMP, Media players) or even applications that open any files(if GIMP has a vulnerability parsing JPEG files, even JPEG files could possibly result in a "intruder" gaining access to your machine(not root access though, unless you run GIMP as root).

Is there anything you can't do on Ubuntu? No.

[mpathy]

Welcome to the circle of friends.. ;)

And hey, if you want to do it, like you did on gentoo, than why not?

There are almost no reasons to do it like you do it there - the speed factor the self-compiling guys (*BSD, Gentoo) are pointing out isn't really there, thats so minimal you can forget about this argumentation.

1.) If you really have to - the package management is flexible enough to let you do this - try it like this:

Load the package you need to configure and compile like this, so the dependencies are resolved like you apt-get some binaries:

apt-get build-dep exampletool

Now do the configure stuff, you find it in debian/rules.

Then use this combined command to get the sources, compile them, and make a package out of them:

apt-get -b source exampletool

2.) Another, less automated way is to download the program you want to compile yourself, and then use a tool like "checkinstall" (its in the repositories).

In this scenario you do the usual things: ./configure --somespecialconfigureoptions
make
(and then instead of sudo make install you do:)
sudo checkinstall

Answer the questions and the selfcompiled program is also added to the package managment and also could be removed like you do it otherwise.

As you can see, if someone says "Ubuntu can't do this or this because its focused for beginners" it's just not true.

And not to forgot the rock-solid "Ubuntu-Server" flavour.. We put all our server also from Debian to Ubuntu, because its a lot easier to have actual versions of server-related software with a long-term support (security updates etc.) than to handle on D_____ with a massive amount of backports to achieve the same. And if you have security issues on packages there, you can hope, some people give the same massive amount of time in putting security updates up in a recent time.

Really, if someone can say me something I can't do there, please tell me, perhaps I am missing something :)

Re:duhh

[AvitarX]

Where is this lack of control in Ubuntu?

I have been using it for a while now and I think I have complete control.

Every remote service that is running I chose, I chose the desktop environment, the kernel optimizations (low latency), the theme, the default text editor.

As someone who has used Linux as a primary desktop for around 30% of the 8 years I would describe myself as a "power user", but not an "expert". With this background Ubuntu is fulfilling the promise that was started (from my perspective) with Redhat and continued with SUSE and Mandrake. I plug in a device, and it pretty much just works. Like Debian I have every package I could possibly want, but unlike debian I am never too far out of date (I understand that unstable is kind of like that now-adays).

Because Debian is a well loved distro and Ubuntu popular, I always can get packages for Ubuntu that are up to date, and not included in the massive selection available to the repositories. I personally feel that .deb files give me more control that compiling from source, because I can easily remove said packages and get everything off. I can also easily get a list of everything installed.

Re:duhh (I disagree completely)

[gosand]

Ubuntu isn't successful because it's an operating system for advanced users only (like Gentoo). It's successful due to being user friendly to people who are Windows users who are curious about Linux.

I completely disagree. I don't think Ubuntu is successful because of Windows users. At all. It is successful because it fills a need that Linux users have been waiting for - a distro that is easy to maintain. Unless you are maintaining multiple machines, you shouldn't be doing many installs. (even if you are, you shouldn't be doing many 'installs') I don't really care if the install takes 15 minutes or 2 hours. I only install once. I have never really understood why so many reviews focus on the installation! Yes, it is important, I have done some really tough installs in my day. It is a critical step, but the MORE important thing is how you maintain the system. That is where Ubuntu really stands out. It is why I switched to it. I was on Mandrake (before it changed names) and before that SuSE and various RedHat distros. This was dependency hell. Even though SuSE and Mandrake said you could update your system, you could not. I ran into ALL kinds of issues, my packages were getting outdated and I couldn't easily update them. So I have now been on Kubuntu for over 2 years, and even did an Upgrade with minimal hassle (damn NVIDIA). Dependency hell is pretty much a thing of the past for me.

Ubuntu lets me USE Linux, and I can tinker where I want to - not where I have to. I still feel like the tinker-factor is still a little high for the average user (esp Windows users) but the strides that Ubuntu has made over other distros is immense.

Re:Choices and Plurality

[starnix]

I completely agree with you. It sounds like this guy is just a debian fanboy and if it isn't debian it's crap.

aka 'Some guy realises Ubuntu!=Gentoo'

[dyftm]

This guy seems very confused. He wants a balance between usability and configurability? Fair enough, but he cites this as a negative point when talking about front ends to apt!

• Basic user - add/remove, updater
• Medium user - synaptic package manager
• Advanced user - apt-get/aptitude/dpkg etc in the terminal

His issues with the security groups are similar - a basic user is not going to mess around with those, whereas a medium user might, and an advanced user would configure it however they want to.

For what it's worth, I recently moved to Ubuntu, and its balance between usability and configurability has allowed me to learn a fair bit about using Linux systems without throwing me in at the deep end like other distros do.

Re:Wait for next

[Rei]

Yeah -- I just did a fresh Fedora 7 install for use by a complete computer novice (who is still in the stage that she's having trouble remembering how to use things like scroll bars), and was very pleased by how smooth it went. It replaced her old Windows ME system, which had almost no aps and, most critically, refused to work with two different wireless cards that I purchased. Her jaw practically dropped when I showed her the freshly configured Fedora system, up in KDE, with a news ticker and weather plugin in her task bar, a smooth desktop interface which I readily customized for her weaknesses (she has trouble with holding keys for too long, needs larger fonts, and has trouble with accidentally clicking on the trackpad). Everything she owns worked with the computer seamlessly, right out of the box -- an HP printer, a digital camera, a netgear pcmcia wireless card, and so on. The camera connecting even brings up the "Digikam" program, which is pretty neat and which I had never seen before.

Of all of the install-related issues, the only hiccups that I had that relates to Fedora** were the install method, and printing from Gimp.

The install method was a bit awkward for me because this was an older laptop, and it didn't have a DVD drive. Fedora no longer supports CD-based installs; your options are Anaconda from a LiveCD, or DVD install. I had to use the LiveCD option. Due to limited ram, without having swap available, the computer would eventually thrash if used too long, especially if I left X running. After several rounds of dealing with this, I did just a very basic install, which finished just fine, and then used Yum to grab the rest.

I got hundreds of packages through yum (including several dozen games for her; say what you will, but I love the state of Linux gaming today, and how easy it is to get new games of all kinds ;) ). I got Gimp via Yum after the fact, and it installed just fine. However, there was no "print" button. A bit of web searching told me to install gimp-print, so I did so. It got gutenprint instead, which has apparently replaced gimp-print. Still, no print button. So, I searched more, and the suggestion was "gimp-print*". So, I did that. No print button. After a while of searching, I eventually thought to try "gutenprint*"; that did the trick. "gimp-print" fetches gutenprint and gutenprint-foomatic, but not gutenprint-plugin (which is what gives you the option to actually print from Gimp).

** -- I also had some trouble with her wireless hub that the phone company installed, but it was their problem, not Fedora's.

Her practically obsolete Windows ME box is now a nice-running, net-connected, sleek-looking Fedora box. I'm happy, she's happy :)

Re:Wait for next

[shellbeach]

Ok, so there's no way to know the root password. But you can still reset it, and then you'll be able to login as root normally (locally, at least). Not that someone who manages to break in remotely using a sudo-able account would find that useful anyway, for the reasons I've pointed previously.

I would have thought the bigger danger is the following:

sudo passwd
su
rm -rf /etc/sudoers
[do whatever you want at this point without anyone being able to stop you ...]

The point being, once you've set a root password and disabled a normal user's ability to use sudo, they simply can't stop you from doing whatever you like to their system unless they're actually near the box and can hit the power switch (in which case, they can reboot with a live CD and restore the /etc/sudoers file and reset the password ...) They can't even shut the system down remotely.

Seems a bad security model if you ask me ...