From the Canyon Edge -- :-Dustin

Wednesday, April 29, 2009

Pictures from the Jaunty Release Party at the Jackalope in Austin, Texas



Until I hear any different, I'm going to go ahead and claim that the Ubuntu Jaunty Release Party in Austin, Texas was the only release party held in a pub named for the 9.04 namesake ... The Jackalope.

Note that I already have my eyes set on another bar in Austin for our next release party ... a little place called Karma!

Cheers to the ~30 people who joined us for a few beers and some demonstrations on Friday!

Also, thanks to Mario Limonciello for shooting a couple of pictures! Enjoy...







:-Dustin

Tuesday, April 28, 2009

ArsTechnica Article on screen-profiles



Ryan Paul attended yesterday's Ubuntu Open Week talk on screen-profiles, and wrote an excellent article about it for Ars Technica.
Thanks, Ryan!

Cheers,
:-Dustin

Monday, April 27, 2009

Teaching a Class with GNU Screen



I led an Ubuntu Open Week session earlier this morning on screen-profiles.

As part of the session, I setup a demo on an Amazon EC2 instance running Ubuntu 9.04. In that shared screen session, I as the "teacher" had read/write access to the instance, and 50+ "students" had read-only access. This proved incredibly handy for doing such a demonstration!

I did, however, have to configure a number of things manually to enable screen to operate safely and securely in such a shared environment.

A number of people asked me how I did this, so I thought I'd document those steps here...

  1. The screen binary must be setuid root. There are plenty of reasons why we don't do this by default in Ubuntu! However, this is absolutely required to use the multiuser feature of screen:
    $ sudo chmod 6755 /usr/bin/screen.real
  2. Once we've changed this, we must now change the permissions on the shared run space:
    $ sudo chmod 755 /var/run/screen
  3. Now, launch screen, title it "class", and select the light profile:
    $ screen -S class
  4. Next, add the following screen configuration parameters in your ~/.screenrc:
    # Ensure that permissions are propagated to all new windows
    aclumask guest+r guest-w guest-x
    # Give your guests read, but not write or execute permissions
    aclchg guest +r-w-x "#?"
    # Allow your guests to switch among windows, and detach
    aclchg guest +x "prev,next,select,detach"
    # Enable multiuser
    multiuser on
  5. And reload your profile with F5
  6. Next, edit /etc/ssh/sshd_config, and add this to the very end, to ensure that our guest user can login with a password, no forward ports, and only launch this one command:
    PasswordAuthentication yes
    AllowTcpForwarding no
    Match User guest
    ForceCommand screen -x ubuntu/class
  7. Also, if this is Amazon EC2, you'll need to enable password authentication in /etc/ssh/sshd_config with:
    PasswordAuthentication yes
  8. Now, let's add our guest user, set a password, and ensure that your guest users cannot mess with one another:
    $ sudo adduser guest
    $ sudo chown -R root:root /home/guest
    $ sudo touch /home/guest/.screenrc
  9. And restart sshd to get your configuration changes to apply:
    $ sudo service ssh restart
At this point, you should be able to direct your guests to ssh into your Ubuntu server instance. Upon login, they should immediately be connected to your shared screen session, and should only have access to:
  • F3 (previous window)
  • F4 (next window)
  • F6 (detach)
For more information, see the resources I used to compile this information:

:-Dustin

Tuesday, April 21, 2009

What I Want the Ubuntu Server To Be

My Canonical Ubuntu Server Team colleagues, Soren Hansen and Thierry Carrez, have recently published manifestos on what they would like to see the Ubuntu Server become. Accordingly, here are my thoughts on the matter...

What I Want The Ubuntu Server To Be...

Secure

Security is the most important element of a server to me. Kees, Jamie, and Marc on the Ubuntu Security team do a fabulous job keeping the Ubuntu packages updated, and our servers safe from published CVE's and known security bugs. They have hardened the Ubuntu toolchain in such a way that protects Ubuntu binaries from vast classes of vulnerabilities.

But, I believe that security goes far beyond fixing bugs in code. I believe that Security also consists of feature development. I believe that we've done a decent job integrating some really useful security features, such as:
  • AppArmor
  • Encrypted-Home and Encrypted-Private directories
  • ufw
I hope that we expand this list tremendously over our next releases.

I think every Ubuntu user (desktop and server) should automatically have an Encrypted Private directory where they can store their most sensitive information, with an easy option to encrypt all of $HOME.

I think we should use swap files, rather than partitions, by default, with supporting applications to automatically and manually resize it when your memory availability and requirements change. And I think you should be able to easily enable/disable swap encryption at your discretion--encrypted swap is essential for encrypted-private and encrypted-home directories.

I would like to see us move toward having ufw enabled and running by default. I think this means that all services would need appropriate hooks to open the necessary ports for operation--something that needs to be implemented carefully and over time.

I would like AppArmor and/or SELinux profiles for everything! This is a lot of very expert-level work, that I don't really want to do myself ;-) I want to run my servers with fully enforcing MAC protection, but I don't even want to know it's there. Yes, this is a tough one, I agree. I was an SELinux developer working on Fedora and Red Hat when they first turned SELinux 'on'. It was painful. Maybe it still is? (I don't know.) This is a lot of work, but totally worth it in my opinion.

Easy To Use

I would like the Ubuntu Server to be the easiest, friendliest Linux server on the market.

To some people, this means having a graphical desktop. For those people, I'd like to expose a simple option to basically:
$ sudo apt-get install --no-install-recommends ubuntu-desktop
Which would install a graphical desktop manager without some of the desktop addons like Evolution and OpenOffice, but continue to use the server flavor kernel. It might even be worth using XFCE rather than Gnome...

I don't think graphical desktops should be installed on the majority of servers, however. Most people don't need a graphical desktop manager, they simply need a window manager. For that, we have the command-line utility 'screen'. I've blogged several times about a new package I created with help from Nick Barcet: 'screen-profiles'. I think one of the screen-profiles configurations should be configured by default for each user on the server, and automatically launched on login. I believe that a shell running inside of a screen-profiles configuration for 'screen' should be the face of the Ubuntu server.

I would also like to see an ever growing set of tasksel package sets, for creating Ubuntu servers with stacks of applications configured and working well together. I have been installing Tomcat on Linux servers since the Summer of 2000, and it's been a huge pain for almost 8 years. Thierry's work on Ubuntu's Tomcat packaging (and all the Java dependencies) has finally made this a one-step operation... sudo apt-get install tomcat6. Beautiful! I would like to see the same quality for other complex application stacks (eg, alfresco, sugarcrm).

Also, a complete "collaboration server" stack would be phenomenal, containing servers for a wiki, irc, document editing, listserv, pastebin, etc. Any small business using open tooling should be able to get all of these in a box, up and running in a matter of minutes or hours.

Stable

We added LVM-by-default for Ubuntu servers in Jaunty. And Soren had the brilliant idea of always installing Ubuntu Servers with a degraded RAID-1. This would make it really easy to add a second disk to a server sometime later. Great idea. I've done this before with my servers (actually, created a mirrored RAID on a server that was not setup for it). There was a painstaking set of very specific steps that had to be executed perfectly. We would need some additional tooling in userspace (beyond just the installer) to make the feature practical. But this is quite doable.

I hope we take a close look at ksplice for Ubuntu servers. For non-ABI-changing kernel updates, ksplice can actually roll out kernel changes to a running kernel, merely by compiling some code and inserting a module. Scary, I know. And it needs some heavy testing and security review. But in the interest of uptime, this could be an incredible feature. I met the developers at the Linux Foundation Collaboration Summit, and it seems that they do much of their testing and development already on Ubuntu. I think this would be pretty cool.

Also, I'm a big fan of Thierry's work on putting /etc under revision control. This is a great idea, very easy to use, minimal overhead. I'm hoping we'll see this on Ubuntu servers by default very soon, and possibly on the desktop too.

Efficient

I would like the Ubuntu server to be the 'greenest' Linux server distribution on the planet. We took a couple of steps in this direction in Jaunty (ondemand cpu frequency scaling on by default, server suspend/hibernate/resume working, powerman & pwrkap packaged). But there's a lot more to do!

Cloud computing and virtualization presents us with new opportunities and challenges with respect to power management. I'm hoping to keep Ubuntu on top of these, with integrated functionality for migrating and consolidating workloads to the minimum number of virtualization hosts required to do the job, placing the rest in a suspended or hibernated state, and dynamically resuming hot-spare hardware when dictated by load.

Performant

I'm quite interested in btrfs. I don't know that we're quite ready to default to btrfs (for stability reasons), but I'm quite interested in heavily testing btrfs in Karmic, as there are some tremendous performance benefits available.

:-Dustin

Thursday, April 16, 2009

Jaunty Release Party: Austin, Texas



6th Street in Austin, Texas is home to a bar named after the upcoming Ubuntu release: The Jackalope! Okay okay, so the bar was named The Jackalope long before Mark defined our latest mascot.

But I haven't found any Jaunty Release Parties announced in Austin yet, and I can't think of a more appropriate place to hold this one.

So I, for one, will be at The Jackalope, 404 E 6th Street, from 5pm - 7pm on Friday, April 24, 2009, celebrating our latest release, enjoying a few beers, and demonstrating some of Jaunty's new features. Please join me!

:-Dustin

Tuesday, April 14, 2009

Your Article is Incorrect: Linux Magazine


Here is an article from Linux Magazine with a very unfortunate title:
In my opinion, this piece is a bit of sensational journalism targeted at the Ubuntu Server.

sensationalism: the notion that media outlets often choose to report heavily on stories with shock value or attention-grabbing names or events, rather than reporting on more pressing issues to the general public

I believe that this article was more about generating attention than improving distro security or the Linux ecosystem. To achieve the latter, one could easily file bugs and discuss the issues on any one of several mailing lists, forums, or IRC.

Update: Linux Magazine has assured me that the Novell/Microsoft advertisement is a coincidence, so there's no deeper conspiracy theory here, as suspect as it looks. I have also been assured that this article was not meant to pick on Ubuntu, but that this would be the first in a series of articles about insecurities introduced by distros in the interest of easier install processes.

We, the Ubuntu distribution, are leading the industry in a number of areas of Linux security. 8.10's encrypted-private feature (shown on the first page of his article) is unique among all Linux distributions, and 9.04's encrypted-home extends the functionality even further. As far as I'm aware, this is the first Linux distribution to provide seamless, per-user home directory encryption in the installer.

As of 9.04, if you choose to encrypt your home directory, it has 700 permissions. And if not, yes, your home directory is perm'd 755, with an option to create an encrypted Private directory, perm'd 700. These design choices delicately and intelligently toe the line between security and usability.

The Ubuntu Security Team has engineered a secure toolchain and compiler flags, by which all Ubuntu packages are built. These carefully constructed options affect nearly all packages built and hosted in the official Ubuntu archives, and have eliminated several classes of classic security vulnerabilities.

For the more paranoid, the Ubuntu kernel provides administrators with both Mandatory Access Control (MAC) models enabled and available at their discretion--AppArmor by default, as well as SELinux. And ufw (the Uncomplicated Firewall) is a truly elegant solution for administrators to control network access.

Finally, the author's arbitrary "grades" against Ubuntu are, in order: A-, B, A-. Is this really enough to justify a sensational headline in an otherwise respected Linux publication?

These sound like 3 reasonable wishlist bugs filed in Launchpad.

:-Dustin

Wednesday, April 8, 2009

Running Ubuntu, literally

I ran the Race for the Roses Half Marathon in Portland, Oregon with Leann Ogasawara on Sunday, April 5, 2009 in an Ubuntu Jaunty t-shirt -- my way of promoting what's shaping up to be a fantastic release ;-)

It was a great day for a run. Perfect sunny spring weather, for a good cause, and Portland is quite a beautiful city.

I've proposed that the Canonical Ubuntu Store offer a technical t-shirt for runners and cyclist with a pithy logo, perhaps something like this:

If you like this idea or have other suggestions, please leave a note in the feedback form at the Canonical Store!



:-Dustin

Printfriendly