The beta of Ubuntu 9.10, otherwise known as Karmic Koala, contains the expected core open-source updates, but includes a number of important enhancements to make it even more attractive as the Linux distro of choice on the desktop
The Ubuntu project has released a beta version of its next Linux-based operating system release, with a number of new enhancements designed to broaden its appeal as the Linux distribution of choice on the desktop.
It is known as Ubuntu 9.10 or more fancifully, as the Karmic Koala. I’ve been testing this in-development Ubuntu version for several weeks now, but this beta milestone seems like a good time to single out a handful of the new or enhanced features that have caught my eye so far.
Karmic will ship with a long list of enhancements and additions, including the sort of core open-source application updates you expect to see with any Linux distribution refresh (new versions of Firefox, OpenOffice.org and the GNOME desktop environment). Beyond these typical updates, however, I’ve taken particular note of changes around disk encryption, tightened system permissions and cloud service integration.
All told, I expect that the 9.10 release will strengthen Ubuntu’s position as the most popular Linux option for desktop and mobile implementations. On the server side of the distribution, the Ubuntu project has covered a lot of ground on private and public cloud deployment options with this release, and eWEEK Labs will investigate these enhancements in an upcoming story.
Given how easily notebooks and netbooks can be lost or stolen, and how easily an unauthorised person can pull sensitive data from an unencrypted disk, no one should be toting a portable computer around without the protection of hard-drive encryption. The past few Ubuntu releases have offered users the option of encrypting all but their boot partitions with block-level encryption, but this feature has been limited to the text-based alternate install disk, which most users pass over in favour of the default LiveCD-based install disk. What’s more, the UNR (Ubuntu Netbook Remix) installer offers no clear path to encrypted hard drives at all.
Rather than build this block-level encryption option into its default installer, the Ubuntu team has been pursuing an encryption scheme that’s layered atop the file system and that targets specific system folders, as opposed to encrypting everything on disk.
Version 8.10 saw the addition of an encrypted Private directory for each user. However, to take advantage of the directory’s protection, users had to copy files into the directory, and for application configuration folders, create symlinks from the folder to the home directory locations where the applications expected to find these folders. In Version 9.04, the team expanded this protection to cover the entire home directory, but the option to trigger this protection was exposed only in the alternate installer.
In Ubuntu 9.10, this home directory encryption option has finally made its way into the default LiveCD installer. During installation, the Ubuntu installer asked me whether I wanted to configure my system for auto-login, for password-protected login or for password-protected login with home directory encryption. Choosing the home directory encryption option also configures the swap partition for encryption, which is important because sensitive data can hang around in swap, even on systems with plenty of RAM.
In contrast to the block-level encryption option, which is still available in the alternate installer, Ubuntu’s home directory encryption should deliver improved performance by ignoring data outside of home or swap directories. Most of what’s in the root directory of an Ubuntu system isn’t particularly sensitive – after all, both the binaries and the source for most of what you’ll find there are available for free public download.
What’s more, this home directory encryption scheme allows for unattended booting (the block-level method requires a passphrase at boot time), as well as for multiple home directories, each encrypted with its own key.
For now, however, systems encrypted in this way lack hibernation support, due to the method used to encrypt the swap partition. With that said, the Ubuntu project is working on a solution for re-enabling hibernation.
Firefox AppArmor Policy
Ubuntu has been shipping with the AppArmor enhanced access control framework since Version 7.10, and while the Ubuntu’s AppArmor implementation has never been promoted or exposed to users as prominently as SELinux has in Red Hat’s Fedora and RHEL distributions, the framework has been making steady progress during the past several Ubuntu releases.