Language Selection

English French German Italian Portuguese Spanish

Ubuntu

Ubuntu 20.04 LTS To Optimize GNOME For Fast/Modern PCs, Ubuntu 20.10 For Slow/Older PCs

Filed under
Ubuntu

Canonical's Daniel Van Vugt who has become well known for focusing on his GNOME performance optimizations over the past two years is not done yet. While recapping their performance achievements around GNOME Shell for Ubuntu 19.10, he commented on performance work to happen for Ubuntu 20.04 LTS and Ubuntu 20.10 later on.

In a lengthy blog post, Daniel Van Vugt went over the performance issues with GNOME Shell, the many real-time bugs found and addressed for GNOME 3.34, and some of the issues remaining. Two of the pressing bugs not yet resolved are for multi-monitor rendering in Wayland hitting some inefficiencies and Mutter frame scheduling in select cases.

Read more

Also: Ubuntu at Open Infrastructure Summit Shanghai

Here’s Why Ubuntu Linux 19.10 Feels Insanely Fast And Responsive

Filed under
Ubuntu

Despite a number of new features brought to the table by Ubuntu 19.10, the headlining feature is this: it just feels really fast, even compared to Ubuntu 19.04. That comes down to dramatic improvements in GNOME 3.34, the desktop environment used on Ubuntu. And we finally have a wealth of information detailing exactly what those are.

Pop a Live USB of Ubuntu 19.10 into your PC and play around with it for a few minutes. The overall speed and responsiveness will surprise you. After a few minutes you may be tricked into thinking it’s natively installed! That’s largely because of some thoughtful bug hunting and real-time performance improvements contributed to GNOME 3.34 by Canonical.

In a new blog post, Canonical’s Daniel Van Vugt goes into excruciating detail outlining the entire process. For the sake of brevity and to avoid any technical jargon that may make your eyes glaze over, I’ll try to condense this into the most vital points! However, if you want the deep dive, I urge you to read Daniel’s entire post.

Read more

Ubuntu Podcast, Ubuntu at Events and Bauh for Snaps

Filed under
Ubuntu
  • Ubuntu Podcast from the UK LoCo: S12E29 – DOOM

    This week we’ve been to UbuCon Europe and preparing for a new baby. We round up the community news including updates from Regolith, Xubuntu, ZFS on Ubuntu, GNOME fighting patent trolls and we discuss some of our news picks from the tech world.

    It’s Season 12 Episode 29 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

  • FinTechs discuss security, regulation and innovation at New York City roundtable

    Earlier this month, Canonical, IBM and FinTech specialists Medici held a joint roundtable in New York for executives within the financial services sector to hear and discuss their pain points, the most prominent emerging technologies and what the future holds. Entitled ‘Graduating from FinTech to FinServ’, the roundtable was hosted by Ross Mauri, GM of the IBM Z and LinuxONE business, Canonical’s CEO, Mark Shuttleworth, and Aditya Khurjekar, Founder and CEO of Medici, to discuss the implications and considerations of moving new technologies into products consumed by millions of users. The event followed a week after the launch of IBM’s newest LinuxONE server including support for Ubuntu. Together, IBM and Canonical’s solutions are already jointly used by several companies in the financial services sector.

    Ross and Mark opened the roundtable with their perspectives on the industry which kicked off an engaging discussion among the attendees from established financial institutions and banks to disruptors and start ups. Mark discussed how developers are innovating faster on open source. This pace opens the door for new entrants to enter and gain an advantage, challenging more established banks and institutions. Ross emphasised the importance of advanced security and building infrastructure accordingly.

    As the world increasingly adopts digital assets, secure application environments are essential to safeguard data and encryption keys. Equally with banking systems needing to be ‘always on’, deploying a centralised system is much simpler in the event of a failure. Guest speaker Neil Fillary from Shuttle Holdings spoke about digital asset custody solutions and the need for the underlying infrastructure to be as secure as possible, and Ricardo Correia from R3 discussed his experiences of blockchain deployments in the financial sector and the importance of security.

  • Bauh is a nifty snap manager

    If you’re looking for an easy, non-techie way to install snaps, you want a simple store-like utility. Snap integration is available in both GNOME Software and KDE Discover, which cover a large portion of the Linux user base. However, in distributions and desktop environments that do not natively provide a snap-capable graphical frontend, users typically need to resort to the command-line functionality.

    Previously, we talked about Snaptastic, a snap management tool available in the elementary OS. Today, we’d like to review bauh, formerly known as fpakman, a friendly interface for software installation.

    [...]

    Looking at the project page on GitHub, bauh has an ambitious roadmap ahead. The developers are planning to add support for other packaging technologies not currently in the list, create separate modules for each (this should provide an even more robust management), improve memory utilization and performance, as well as introduce new features that will streamline the user experience.

    For snap users, this is another venue by which they can consume software, on Arch-based distributions in particular. If you’re not keen on the command line, or you don’t want to use the full Snap Store on your desktop, bauh offers a handy, convenient alternative, with multi-format support as an elegant bonus.

  • Canonical at ROSCon Macau 2019

    Hey everyone, listen up, ROSCon 2019 is days away, and the Ubuntu team is going to be there. If you’re coming to Macau be sure to come and say hi at booth 22. Mention reading this blog and get a free high five? It’s going to be an event to remember. If you were at ROSCon JP, you’d know how the community is continuously growing and producing the very best in robotic development. With a vast list of companies and individuals attending this year, the conference floor is going to be buzzing with innovation.

    We, Canonical, the publisher of Ubuntu, will be there demoing several robotic arms to a less than apparent end. We’ll be demonstrating some of the benefits of running snaps on devices and on any ROS projects. We will be equipped with Qualcomm hardware to exhibit how Ubuntu can be used embedded on development boards, and we’ll be there to talk. More than anything, we’ll be there to talk. Like everyone else in attendance we really just want to talk about ROS and see what other kind or Robotics people are working on. If you find some time, enlighten us on your work.

ExTiX 19.10 "The Ultimate Linux System" Is Now Based on Ubuntu 19.10, Runs LXQt

Filed under
Linux
Ubuntu

Dubbed by the developer as "The Ultimate Linux System," ExTiX 19.10 is based on Ubuntu 19.10 (Eoan Ermine), but ships with the lightweight LXQt desktop environment instead of GNOME to allow users to use it on their UEFI-enabled computers. ExTiX 19.10 is using the latest LXQt 0.14.1 desktop environment by default.

"ExTiX 19.10 LXQt DVD 64 bit is based on Debian and Ubuntu 19.10. The original system includes the desktop environment GNOME. After removing GNOME I have installed LXQt 0.14.1," said Arne Exton. "This ExTiX LXQt Build is for installation to UEFI-enabled computers."

Read more

System76 Releases Pop!_OS 19.10 with Many Improvements, Based on Ubuntu 19.10

Filed under
OS
Ubuntu

Based on Canonical's recently released Ubuntu 19.10 (Eoan Ermine) operating system, Pop!_OS Linux 19.10 ships with the latest GNOME 3.34 desktop environment and introduces a new upgrade process that supports offline upgrades, which will be used from now on to upgrade between Pop!_OS releases.

"When an upgrade becomes available, it is downloaded to your computer. Then, when you decide to upgrade to the newest version of your OS, the upgrade will overwrite the current version of your software. However, this is not to be confused with an automatic update," writes Systems76 on their blog.

Read more

Also: Theme Updates, Offline Upgrades Headline New Additions to Pop!_OS 19.10

Ubuntu Touch OTA-11 Release

Filed under
Ubuntu
Gadgets

Kugi has outdone himself this time. With this update you'll find a new way to edit text via the Ubuntu Touch on-screen keyboard: the Advanced Text Functions. Using this feature, you can move around your typed text, undo and redo actions, move around a text selection rectangle, and use the cut/copy/paste commands, all from the same overlay. To get started, press and hold the space bar!

We are still unsure about the discoverability of this feature, so stay tuned for changes that will make it even easier to find and use!

This update also adds the option of a Dvorak keyboard layout for the refined OSK user. The PR included fixes to allow multiple keyboard layouts to share the same correction dictionary and word overrides. Huge thanks, zoenb!

Rounding off the updates to the keyboard are improvements to the Polish layout, removing some diacritics that are not used in the language (Thanks, Daniel20000522!); the same treatment for the French-Swiss layout (Thanks, wilfridd!); and a tweak to the Japanese layout so that it respects your settings better (Thanks, Fuseteam!). If you'd like to get in on the keyboard-improving action, Tallero added instructions for building and testing the keyboard to its Readme at https://github.com/ubports/keyboard-component.

Read more

Also: UBports' Ubuntu Touch OTA-11 Released

Canonical Has a New Ubuntu Desktop Director

Filed under
Ubuntu

Martin Wimpress is a name that should be familiar to many of you due to his efforts within the open source and Linux communities.

This includes his leadership of the Ubuntu MATE flavour; his work as a Snapcraft engineer; development on the MATE desktop; involvement in open source events and conferences around the country; and his many podcast activities, including being velvet voiced co-anchor of the Ubuntu UK podcast.

Read more

Ubuntu MATE 19.10 Has Two Awesome New Features For Linux Users

Filed under
Ubuntu

The Ubuntu 19.10 upgrade season is officially upon us, and I’ve been dabbling with several of the freshly updated Ubuntu-based distributions this past week. One of those is Ubuntu MATE 19.10, which has a pair of minor but exceptional new features you might appreciate.

You may know this feature as Optimus, and PRIME is Nvidia’s name for the Linux implementation. (Clearly someone over loves Transformers). This allows you to drive your display with one GPU (and thus saving power) while offloading more demanding tasks like gaming to your dedicated Nvidia GPU.

Read more

Canonical Outs New Linux Kernel Security Update for Ubuntu 18.04 and 16.04 LTS

Filed under
Linux
Security
Ubuntu

Affecting both the Linux 4.15 kernel used in Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04.6 LTS (Xenial Xerus) systems, the new security patch fixed an improperly implemented Spectre mitigation in the ptrace susbsystem (CVE-2019-15902), which could allow a local attacker to expose sensitive information.

It also addresses a buffer overread (CVE-2019-15918) discovered that the SMB networking file system implementation, which could allow an attacker to expose sensitive information (kernel memory), two flaws (CVE-2019-15117 and CVE-2019-15118) discovered in the USB audio driver that may allow a physically proximate attacker to crash the system, and a flaw (CVE-2019-14821) in the KVM hypervisor implementation that let a local attacker to crash the system.

Read more

Ubuntu: 20 Things To Do After Installing Ubuntu 19.10, New Patches, and Extended Security Maintenance (ESM)

Filed under
Ubuntu
  • 20 Things To Do After Installing Ubuntu 19.10 ‘Eoan Ermine’

    Ubuntu 19.10 with codename Eoan Ermine is now here and available for install. For those of you who are eager to check the latest Ubuntu version and for all newcomers to the Linux family, we have prepared few tips to help you get started with Ubuntu 19.10 and get what you may need to complete the setup of your desktop/laptop distro.

  • Ubuntu 19.10 (Eoan Ermine) Gets First Linux Kernel Security Patch, Update Now

    Canonical's recently released Ubuntu 19.10 (Eoan Ermine) operating system has received today its first Linux kernel security patch to address an important security vulnerability.

    Released last week on October 17th, Ubuntu 19.10 (Eoan Ermine) brought numerous new features and improvements, including experimental ZFS on root support in the installer, LZ4 initramfs compression for all architectures, up-to-date toolchain, and embedded Nvidia graphics drivers. It also ships with the latest Linux 5.3 kernel series.

  • How Ubuntu Advantage delivers top-notch Linux security

    Every two years in April, a Long Term Support (LTS) release is published. Ubuntu LTS releases are commonly used in enterprise environments, with more than 60% of large-scale production clouds running Ubuntu LTS images.

    Ubuntu 18.04 LTS (Bionic Beaver) is the latest Ubuntu LTS release, with Ubuntu 20.04 LTS coming in April 2020. Each new LTS release is supported for ten years total; five years of standard support, and five additional years of support under Ubuntu Advantage for Infrastructure (UA-I). UA-I provides users and organisations access to key security fixes and patches, including Canonical’s Extended Security Maintenance (ESM) and Kernel Livepatch services.

    Twice every year, in April and October, interim releases are published. They are commonly used by those interested in the latest features and capable of upgrading more frequently.

    Our latest interim release, which arrived last week, is Ubuntu 19.10 (Eoan Ermine). It enhanced capabilities include the latest OpenStack Train release for live-migration assistance, improved security for Kubernetes deployments at the edge and significant updates to desktop performance. Standard support for an interim release is provided for nine months with no additional support extension offered.

Syndicate content

More in Tux Machines

Android Leftovers

Kernel Articles at LWN (Paywall Just Expired)

  • Filesystem sandboxing with eBPF

    Bijlani is focused on a specific type of sandbox: a filesystem sandbox. The idea is to restrict access to sensitive data when running these untrusted programs. The rules would need to be dynamic as the restrictions might need to change based on the program being run. Some examples he gave were to restrict access to the ~/.ssh/id_rsa* files or to only allow access to files of a specific type (e.g. only *.pdf for a PDF reader). He went through some of the existing solutions to show why they did not solve his problem, comparing them on five attributes: allowing dynamic policies, usable by unprivileged users, providing fine-grained control, meeting the security needs for running untrusted code, and avoiding excessive performance overhead. Unix discretionary access control (DAC)—file permissions, essentially—is available to unprivileged users, but fails most of the other measures. Most importantly, it does not suffice to keep untrusted code from accessing files owned by the user running the code. SELinux mandatory access control (MAC) does check most of the boxes (as can be seen in the talk slides [PDF]), but is not available to unprivileged users. Namespaces (or chroot()) can be used to isolate filesystems and parts of filesystems, but cannot enforce security policies, he said. Using LD_PRELOAD to intercept calls to filesystem operations (e.g. open() or write()) is a way for unprivileged users to enforce dynamic policies, but it can be bypassed fairly easily. System calls can be invoked directly, rather than going through the library calls, or files can be mapped with mmap(), which will allow I/O to the files without making system calls. Similarly, ptrace() can be used, but it suffers from time-of-check-to-time-of-use (TOCTTOU) races, which would allow the security protections to be bypassed.

  • Generalizing address-space isolation

    Linux systems have traditionally run with a single address space that is shared by user and kernel space. That changed with the advent of the Meltdown vulnerability, which forced the merging of kernel page-table isolation (KPTI) at the end of 2017. But, Mike Rapoport said during his 2019 Open Source Summit Europe talk, that may not be the end of the story for address-space isolation. There is a good case to be made for increasing the separation of address spaces, but implementing that may require some fundamental changes in how kernel memory management works. Currently, Linux systems still use a single address space, at least when they are running in kernel mode. It is efficient and convenient to have everything visible, but there are security benefits to be had from splitting the address space apart. Memory that is not actually mapped is a lot harder for an attacker to get at. The first step in that direction was KPTI. It has performance costs, especially around transitions between user and kernel space, but there was no other option that would address the Meltdown problem. For many, that's all the address-space isolation they would like to see, but that hasn't stopped Rapoport from working to expand its use.

  • Identifying buggy patches with machine learning

    The stable kernel releases are meant to contain as many important fixes as possible; to that end, the stable maintainers have been making use of a machine-learning system to identify patches that should be considered for a stable update. This exercise has had some success but, at the 2019 Open Source Summit Europe, Sasha Levin asked whether this process could be improved further. Might it be possible for a machine-learning system to identify patches that create bugs and intercept them, so that the fixes never become necessary? Any kernel patch that fixes a bug, Levin began, should include a tag marking it for the stable updates. Relying on that tag turns out to miss a lot of important fixes, though. About 3-4% of the mainline patch stream was being marked, but the number of patches that should be put into the stable releases is closer to 20% of the total. Rather than try to get developers to mark more patches, he developed his machine-learning system to identify fixes in the mainline patch stream automatically and queue them for manual review. This system uses a number of heuristics, he said. If the changelog contains language like "fixes" or "causes a panic", it's likely to be an important fix. Shorter patches tend to be candidates.

  • Next steps for kernel workflow improvement

    The kernel project's email-based development process is well established and has some strong defenders, but it is also showing its age. At the 2019 Kernel Maintainers Summit, it became clear that the kernel's processes are much in need of updating, and that the maintainers are beginning to understand that. It is one thing, though, to establish goals for an improved process; it is another to actually implement that process and convince developers to use it. At the 2019 Open Source Summit Europe, a group of 20 or so maintainers and developers met in the corner of a noisy exhibition hall to try to work out what some of the first steps in that direction might be. The meeting was organized and led by Konstantin Ryabitsev, who is in charge of kernel.org (among other responsibilities) at the Linux Foundation (LF). Developing the kernel by emailing patches is suboptimal, he said, especially when it comes to dovetailing with continuous-integration (CI) processes, but it still works well for many kernel developers. Any new processes will have to coexist with the old, or they will not be adopted. There are, it seems, some resources at the LF that can be directed toward improving the kernel's development processes, especially if it is clear that this work is something that the community wants.

Server Leftovers

  • Knative at 1: New Changes, New Opportunities

    This summer marked the one-year anniversary of Knative, an open-source project that provides the fundamental building blocks for serverless workloads in Kubernetes. In its relatively short life (so far), Knative is already delivering on its promise to boost organizations’ ability to leverage serverless and FaaS (functions as a service). Knative isn’t the only serverless offering for Kubernetes, but it has become a de-facto standard because it arguably has a richer set of features and can be integrated more smoothly than the competition. And the Knative project continues to evolve to address businesses’ changing needs. In the last year alone, the platform has seen many improvements, giving organizations looking to expand their use of Kubernetes through serverless new choices, new considerations and new opportunities.

  • Redis Labs Leverages Kubernetes to Automate Database Recovery

    Redis Labs today announced it has enhanced the Operator software for deploying its database on Kubernetes clusters to include an automatic cluster recovery that enables customers to manage a stateful service as if it were stateless. Announced at Redis Day, the latest version of Kubernetes Operator for Redis Enterprise makes it possible to spin up a new instance of a Redis database in minutes. Howard Ting, chief marketing officer for Redis Labs, says as Kubernetes has continued to gain traction, it became apparent that IT organizations need tools to provision Redis Enterprise for Kubernetes clusters. That requirement led Redis Labs to embrace Operator software for Kubernetes developed by CoreOS, which has since been acquired by Red Hat. IT teams can either opt to recover databases manually using Kubernetes Operator or configure the tool to recover databases automatically anytime a database goes offline. In either case, he says, all datasets are loaded and balanced across the cluster without any need for manual workflows.

  • Dare to Transform IT with SUSE Global Services

Audiocasts/Shows: FLOSS Weekly and Linux Headlines

  • FLOSS Weekly 555: Emissions API

    Emissions API is easy to access satellite-based emission data for everyone. The project strives to create an application interface that lowers the barrier to use the data for visualization and/or analysis.

  • 2019-11-13 | Linux Headlines

    It’s time to update your kernel again as yet more Intel security issues come to light, good news for container management and self-hosted collaboration, and Brave is finally ready for production.