What’s new in Mandriva 2008.0

In less than two weeks time, six months after the great Mandriva 2007.1 Spring release, Mandriva 2008.0 will be ready and published. Currently, Release Candidate 2 is out, it’s your last chance to test it and make sure everything is working before the final release!

There were great ideas at the start of the development phase, and in in those six months that have passed, Mandriva has always been one of the most active projects on CIA.vc. This gives much hope for lots of improvements, so let’s take a look at what can be expected from Mandriva 2008.0.

Update 2 October 2007: The following translations of this article are now available, with thanks to the translators:

Installation

Mandriva’s installation is largely unchanged from a user point of view. The most important visible change, is the fact that the user is now asked which desktop he wants to install, KDE or GNOME. After this choice, no more questions are asked, and a default selection of packages based on the chosen desktop is installed. Of course advanced users, can still do a custom selection of packages to install. After the installation, the user gets welcomed in a web based first time wizard.

Mandriva 2008 installation: desktop choice

Mandriva 2008 installation: summary screen

Improved graphical and sound theme

Mandriva still uses the ia_ora graphical theme like was the case in previous version. There have been several important improvements however. Especially the KDE version, which was of a much lower quality than the GNOME version, has improved a lot. The menus and the window decoration look much nicer, the vertical separators in the toolbars are not ugly anymore,… For the Mandriva One live CDs a new nice blue colour theme has been created. The strong orange theme is not used by default anymore, but is still available for people who like it.

The wallpapers have been renewed, and also the splash screens (bootsplash, and GNOME and KDE splash screens) and screensaver have received a fresh new look. There is a new start-up sound, which will now also be enabled in GNOME.

Mandriva 2008.0 also has improved font rendering, thanks to the new freetype and the inclusion of the Liberation fonts, which improve compatibility with the non-free Microsoft fonts.

Mandriva 2008 boot splash screen

KDE splash screen

Improved and more stable desktop environments

KDE

The KDE version which is included is 3.5.7, with a lot of recent patches from the KDE 3.5 branch added. It is definitely the most stable KDE version ever. Especially the KDEPim applications (such as KMail and Korganizer), are a lot more stable now. KPDF is based on the latest version of XPDF now, which should improve rendering of some PDF documents. Konqueror’s rendering engine had a lot of bug fixes and when hovering your mouse over a link, an icon will now be displayed to show if the link will be opened in another window or in your mail client.

Kaffeine is now again the default video player in Mandriva’s free edition. Both the Xine back-end and Kaffeine have been compiled with XCB support, which should greatly improve the stability, especially when viewing embedded movies in Konqueror. In the PowerPack edition users can buy in the Mandriva Store, the default video player is Totem with the GStreamer back-end, because it includes non-free and patented codecs distributed by Fluendo.

The Kickoff menu is now available in Mandriva 2008.0, but not enabled by default, because not everyone likes it. If you want to enable it, you can do so by richt clicking on the menu icon in the Kicker panel at the bottom of your screen. The KDE ioslave sysinfo:/ will give a nice overview of your hardware.

Mandriva 2008 KDE desktop

Konqueror with Metabar

GNOME

Mandriva 2008.0 includes the brand new GNOME 2.20 which include a lot of improvements. The Evince document viewer now uses the new Poppler 0.6 back-end, which improves PDF rendering and supports interactive forms. Evolution will now warn you before sending if you refer to an attachment in your mail text, but forgot to include it. If you are using the threaded view in Evolution and a new message is received in a mail thread, the whole thread will be moved to the top (or bottom, depending on your ordering settings), so you surely won’t miss the new message. Keyboard users will like the fact that they can read all of their mail with a single key, the space bar. Pressing the space bar, will scroll further in the message, and when you arrive at the end, pressing the space bar, will bring up the next unread e-mail. Corporate users will be happy with the many improvements in the Exchange and Groupwise support.

The Rhythmbox music player now supports gapless playback, synchronizes with more portable media devices (notably via MTP) and its memory usage has been reduced.

The desktop search application Beagle included a lot of bugfixes. It will be more stable now, and thanks to performance improvements it will interfere much less with normal work.

Other GNOME improvements include the usage of notification messages if special events are happening (when e-mail arrives for example), improvements to the picture viewer EOG, a better documentation system,… Pidgin now replaces GAIM as the default instant messaging application. The popular Windows FTP client FileZilla has just made its debut in Linux with the newly released version 3 and it’s now the default FTP client in GNOME.

Mandriva 2008 GNOME desktop

Mandriva 2008 GNOME applications

XFCE

XFCE also received some attention in this Mandriva release. Mandriva now includes many typical XFCE applications, like Ristretto and Squeeze. Thanks to the task-xfce RPM package, you can easily install a complete XFCE desktop on systems with less powerful hardware. Compositing is now enabled in the XFCE packages. It’s possible there will be a Mandriva One version which uses XFCE as its default desktop later.

Mandriva 2008 XFCE desktop

Improved applications menu

One year ago, I wrote a proposal for a new menu structure. I dedicated a long time to write this proposal, and in the end I got a bit fed up with it, as I did not knew if actually it would lead to something. So as you’ll probably notice if you read the document, I’ve actually never proofread the whole document :-) Anyway, Mandriva apparently found my proposal very interesting, and decided to implement it for 2008.0. The menu structure is much less nested now: all important applications can now be found directly under the main categories, while before they were nested two levels deep. This will make applications easier to find. If you have both GNOME and KDE installed, the menus will now make a difference between desktop native applications, and applications of the other desktop. The desktop native ones will always be on a higher level, to indicate to users that they should rather use that ones for reasons of integration.

GNOME applications menu

KDE Kickoff menu

New cool desktop effects with Compiz Fusion

Mandriva 2008.0 includes Compiz 0.5.2 with the Compiz Fusion plug-ins. These are a merge of the old Compiz and Beryl effects. Compiz is generally faster than before, and there are lots of nice new effects, like the Shift Switcher plug-in, giving you Apple Coverflow or Vista window flip effects.

Gnome Compiz Fusion desktop cube
KDE Compiz Fusion shift switcher
KDE: Kaffeine and Compiz Fusion window preview

Better hardware support

Kernel

Mandriva 2008.0 will ship with a Linux 2.6.22.6 based kernel. It supports much more hardware than the kernel which was shipping with Mandriva 2007.1 Spring: support for all the newest SATA and SAS controllers, support for more DVB devices, improvements to the audio and networking support (for example important improvements to popular sky2, forcedeth, skge drivers and e1000 drivers) and much more.

Especially wifi support should be a lot better now. Linux 2.6.22 includes the new wifi stack mac80211, contributed originally by the company Devicescape. Mandriva has included many new drivers based on this stack, such as the b43 driver for Broadcom based devices, iwlwifi for Intel devices, Ralink drivers, etc…

Mandriva now also ships the pata drivers, which are a new replacement for the old IDE drivers. If you use these pata drivers, your IDE devices will now also be recognised like SCSI devices (sda, sdb, sr0,sr1,…). Because there are still some problems with these drivers, they are not used by default. The old, proven IDE drivers are still preferred for now.

Video card drivers

Mandriva 2008.0 ships xorg xserver 1.3 with many bug fixes included. It is a very stable basis. All latest xorg drivers are shipped, supporting all the newest graphical cards. Intel users will enjoy the randr 1.2 support, giving them the possibility to hotplug a second display. The 915resolution utility, which was needed to set the correct resolution on some laptop systems, is not needed anymore in Mandriva 2008.0.

Mandriva 2008.0 also includes the brand new Avivo driver for ATI r500 based chipsets (ATI X1xxx graphics cards, amongst others). Because the driver is in its early stages of development, it will only be enabled on cards on which this driver has already proven to be stable.

The ATI and NVidia binary drivers can now be downloaded from the non-free repositories. All the latest versions are available.

Laptops: suspend and resume

Suspend and resume support should be much better in Mandriva 2008.0, thanks to the new kernel and also the many improvements in Hal, which now includes more quirks for different laptop models.

Printers

Printer support has been greatly improved in Mandriva 2008.0. Mandriva ships with the latest Cups 1.3, and the latest PPD files from OpenPrinting. The new HPLIP drivers are included for HP devices, and Gutenprint has been updated to version 5.0.1, also adding support for new printer models. Printer drivers have been split, so the printing configuration utility will not need to install all different printer drivers on your system. GPL Ghostscript 8.60 is now included. It is the result of the merge between the AFPL Ghostscript which became GPL’ed, and the ESP Ghostscript systems.

Digital cameras and portable audio players

New versions of libgphoto2 which supports new digital cameras, and a new libmtp version supports new portable audio players, which can be accessed from Amarok and from Rhythmbox. Photographers taking RAW images, will be happy with the inclusion of Rawstudio, a graphical application to import and convert RAW images. Of course UFraw, with full colour profile support, wavelet noise reduction and a Gimp plug-in is included too.

Improved performance

The kernel in Mandriva 2008.0 now uses the CFQ (Complete Fair Queuing) I/O scheduler by default, while it was using the AS (Anticipatory Scheduler) in previous releases. On most systems, the CFQ scheduler will perform better. It tries to prevent disk intensive applications from slowing down other applications too much. It also takes into account the nice levels to determine the read priority. With the ionice command, I/O scheduling priorities can be tuned in yet more detail. If CFQ would cause performance regressions for you (possible with certain workloads, especially on laptops with slower hard drives), you can change the I/O scheduler back to AS by adding elevator=as to the append lines /boot/grub/menu.list.

The new CFS (Completely Fair Scheduler) process scheduler by Ingo Molnar has also been included in Mandriva’s kernel. This process scheduler will give all concurrently running tasks a fair deal of CPU time, so that one CPU intensive application cannot prevent other processes from getting the CPU time they need to work correctly. This is for example an advantage for multimedia applications, as it will make audio and video skipping much less likely.

The swap prefetch patch will preload swapped out pages in RAM if enough memory became free again. This way, the system will be much faster responsive after a “swap storm”.

The whole system has been built with the latest Glibc 2.6.1 libraries and the GCC 4.2.2 RC compiler. Together with many improvements in the different applications all over the board, this gives us a nice overall performance.

Better battery uptime for laptop computers

Mandriva 2008.0 will install a specially adapted kernel for laptop computers. This kernel uses 100 Hz resolution timers, and has the NO_HZ option set, so that timers will only be fired when an interrupt is waiting. USB suspend is enabled on this kernel, and when you install Mandriva 2008.0 on a laptop computer, also AC97 sound driver suspend will be activated.

Thanks to the Powertop application developed by Intel, a lot of other problems were detected and finally fixed in both the kernel and different applications. Most of the system is now tuned to not prevent the processor from entering the power consuming C3 state. The Beagle indexer will not be activated if you are running on battery power.

Improvements to the Mandriva Control Center

In the Mandriva Control Center, the different tools in the main categories, are now subdivided in subcategories, which will make it easier to find the right tool.

The network settings are now consolidated in the Network Center. In this tool, you will see an overview of the different network interfaces in your system (both wired and wireless), you can easily activate and disactivate them, and change their configuration or start a monitoring tool.

Another new tools is the Migration Wizard which helps users migrating from Windows to Linux. It can copy their documents from the Windows partition to the Linux home partition, import Outlook Express’ e-mail client settings, and configure the same wallpaper as in Windows.

Speaking of Windows, Mandriva will now mount the Windows NTFS partition with the ntfs-3g driver, giving stable write support.

Mandriva 2008 Control Center

Improvements to the package manager and packaging

The packgage manager urpmi has been greatly enhanced in Mandriva 2008.0. Its dependency resolution algorithm has been improved and a lot of performance enhancements were implemented. Urpmi will now show a much nicer list of the packages which will be installed. It also supports the “Suggests” tag for RPM packages: using this tag, a package can be recommended for installation together with another package, without defining it as a real dependency which the user cannot remove anymore afterwards. Thanks to the new devel packages policy, the user won’t have problems anymore with conflicting -devel packages, like was the case in the past when upgrading your Mandriva distribution.

The graphical package management applications in Mandriva benefit from similar performance enhancements.

Servers and security

Mandriva 2008.0 includes the latest server packages, which offer the best security: Apache 2.2.6, PHP 5.2.4 with the latest Suhosin patch protecting your PHP applications from attacks,… The Kolab groupware server package is supported again in 2008.0, and has been updated to version 2.1.

All services which are remotely accessible will not be started anymore and all security sensitive applicatons have been built with strong stack protection compilation flags, to prevent damage in case of a trivial buffer overflow. Like before, a firewall is activated by default. For the first time, Novell’s AppArmor is included in Mandriva. It will prevent further damage if one service (for example a web application) gets cracked.

Virtualisation

Users can take fully advantage of the hardware virtualisation support included in the new AMD and Intel processors thanks to the latest KVM and QEmu. Virtualbox is now updated to version 1.5, enhancing its performance and fixing bugs. The Xen packages finally received some needed attention, and should now be usable.

Virtualbox

Anti-competitive behaviour

Finally Microsoft lost the appeal against the ruling of the European Commission. I heard an analyst say on the radio here that this would be bad for customers: users would receive an OS without multimedia player now, and would have to search for such a basic application themselves. Not so knowledgeable people, would even pay for such software. It’s unbelievable that people who don’t even know what this case is about, are being considered as “experts”. Microsoft is still allowed to sell the version with media player, and actually as history has proven already, almost nobody will be interested in distributing the OS without the media player. The most important thing of this ruling (and always ignored in popular media), is that Microsoft is forced now to publish “interoperability information”, which can be used by for example the Samba team, to better implement things like Active Directory support. This is what matters in this ruling! For those people who think that Europe is only trying to bully a successful foreign commercial company, please read the whole ruling. As you’ll see, this was not a light decision. See paragraphs 807-809 for the decisions related to the interoperability information.

Speaking of anti-competitive behaviour, Apple currently is not much better than Microsoft. The new iPOD generation, protects its internal database with a hash, making it impossible to play any files uploaded with programs other than iTunes. All other alternatives cannot be used anymore, and because iTunes only exists for Windows and Mac OS X, Linux users are completely locked out. A few days later, the hash was already cracked, so this proves once again that all this DRM-alike stuff is not working at all, and just annoying users. Actually this is not the first time Apple is trying to block its competitors. It already has done something similar with the DAAP protocol in the past, also locking out all non-iTunes users. Hello Europe, will you continue accepting this?

If anybody knows of a good alternative for the iPOD, supporting Ogg Vorbis and having a capacity of at least 20 GB, I would like to hear about it. And don’t answer Cowon’s iAUDIO. Owning an iAUDIO M3 for a bit more than 3 years, I know that this player has a very serious hardware design flaw, actually making the whole device almost unusable in the end, and technical support in Europe is almost non-existent. So no more Cowon for me anymore…

Why people hate Microsoft…

I found this nice article by Jeremy Allison, developer of Samba, the widely used *nix implemtation of Microsoft’s CIFS protocol. I think it illustrates very well why lots of people started hating Microsoft. Apparently this company is all for standards if it’s in its own interests in order to defeat the competition, but once it is in a leading position itself, everything will be done to kill any standardisation and openness…

http://tuxdeluxe.org/node/255

The right Kaffeine back-end

Big discussion tonight on the -cooker IRC channel on irc.freenode.org: apparently the management has decideded that Kaffeine will be the default KDE player (which is fine) and that it will use the GStreamer back-end, which is actually marked as experimental by its developers

The reason why Mandriva wants to ship Kaffeine with the GStreamer back-end, is because they can then include the non-free decoders by Fluendo, which implement patent-protected formats. Mandriva has always been shipping xine and mplayer with complete ffmpeg support by default, and this supports formats like MPEG4 (read: divx), WMA, WMV, MP3 which are patent-protected. Most other distributions, actually don’t even support these formats out of the box, because of the patent trap. Now instead, Mandriva wants to use the Fluendo decoders in the Powerpack edition. These codecs are non-free (in both senses), but there are no legal issues, becaues Fluendo has signed agreements with the patent holders.

Some Kaffeine developers joined the discussion, and gave arguments why this should not be done. Actually they consider the Kaffeine back-end as experimental. It is not included in a lot of distributions, and thus has not been well tested. The Kaffeine developers don’t even plan to fix and maintain the GStramer back-end in the future, as it will be removed in favour of a Phonon back-end in KDE 4. The Gstreamer back-end does not support DVB, unlike the Xine back-end. Unlike Xine with XCB support, GSTreamer is not thread-safe, which could cause again the instabilities when embedded in Konqueror. This was the reason why Kaffeine was actually not the default video player in 2007.1, but instead, KMPlayer was installed. Also because of the change this late in the release process, Kaffeine + GStreamer would be very badly tested by Mandriva users before 2008.0 final is out.

Anyway, thanks to the discussion and the arguments given by the Kaffeine developers, it seems like Xine will after all be the default back-end in 2008.0. I think that’s the only right decision. It’s stable, it’s mature, it has been very well tested. So after all the consternation, the right decision will probably be taken, and Mandriva will release with a good video player by default!

New graphical template

I updated this blog to Serendipity 1.2 (svn branch snapshot) and set up a new graphical theme: bulletproof. There is still some tweaking left (reinstallation of some plug-ins, probably just like before I will still need to patch Serendipity a bit to play well with multilingual posts, etc…), but for now, I am very happy with the result.

Now I should try to blog a little bit more than the last few months :-)

Clamav is great

Like a lot of people, I use the free anti-virus program Clamav on my mail server. Last week, I was seriously impressed with its performance.

It started last wednesday, 25 July. At about noon, I received a mail by amavisd-new that it had blocked an e-mail containing a virus, Trojan.Downloader-11827. What was strange, is that I received this message on an e-mail account which is protected by my ISPs proprietary anti-virus solution. So it had not caught this virus, while Clamav did. Then I submitted the file to virustotal.com, and apparently only a few (about five) anti-virus programs detected the virus. Amongst others, Kaspersky, F-Secure, NOD32, Bitdefender, Symantec and of course Clamav. In the clamav-virusdb mailing list archives, I found that Clamav had detection for this virus since 7h21 CEST, so it was really amongs the first to detect this virus.

Then friday evening, I was looking at the blocked spam messages (I use spamassassin too on this server), and noticed that it had blocked an e-mail message containing an exe file. A spam message with an exe file, that sounded suspicious, but Clamav could not detect a virus. Again I submitted the file to virustotal, and there was one positive result: Ikarus detected it as a trojan horse. I submitted the file via clamav’s website at around 19h CEST. About half an hour later, I received a message that detection for this virus had been added. I updated Clamav, and indeed, it was recognized. I checked the file again on virustotal, around 20h, and then there were 4 anti-virus programs recognizing it: Clamav, F-Prot Ikarus and Virusbuster. 1.5h later, Antivir, AVG and Kaspersky had also added detection. Other well-known anti-virus vendors, still did not detect it at that moment such as Bitdefender, F-Secure, NOD32, Panda, Sophos and Symantec.

In the meantime, F-Secure blogged about these two virus outbreaks: funny.zip and fungame.zip

Two conclusions:

  • Clamav has an excellent response time, which is comparable to the best proprietary anti-virus solutions. If you have an e-mail server, you definitely want to integrate Clamav in it, even if you already have a proprietary solution (Clamav is particulary good in detecting phishing mails too!)
  • No anti-virus program is perfect. If you receive an e-mail message at the start of a virus outbreak, it’s quite possible that your anti-virus solution will not detect it yet, no matter which anti-virus you have.

Mandriva is not negotiating a patent deal with Microsoft

Several sites are spreading unfounded rumours that Mandriva will be the next one signing a patent deal with Microsoft, after Novell, Xandros and Linspire. Adamw, a Mandriva employee answered to the rumours on the Mandriva Cooker IRC channel today:

09:32 < AdamW> sander85: there are no plans to do a deal with microsoft,
and that comes from the top (fb)

(fb is probably François Bancilhon, Mandriva’s CEO).

Can we please stop spreading pointless rumours, and get back to real work and news please?

Update: Official statement

The end of the CK kernel patch set

Today kernel developer Con Kolivas announced that he will stop developing his Linux patch which improves desktop performance. For people who have followed recent discussions about his SD CPU scheduler and about the inclusion of his swap prefetching patches in the Linux kernel this will not come as a surprise.

The CK patch set was popular especially amongst desktop users who want to get maximum performance out of their machine. The CK kernel came with a different CPU scheduler (first Staircase, later SD), which improves the smoothness of desktop applications (for example no more sound stuttering), the mapped watermark patches, which makes the OS use less swap, and the swap prefetching patches, which makes the system more responsive after a memory hungry application caused others to be temporarily swapped out. The CK patch set was also used in several distro kernels, such as the Mandriva’s tmb kernel and kernels in Gentoo and Arch Linux.

The decision to completely stop kernel development, came after the critical reactions by other kernel developers about the SD scheduler and swap prefetching. After the first releases of the SD kernel, some developers preferred trolling instead of helping out to fix the problems which existed at that time. While the SD scheduler slowly became more and more stable, only thanks to Con Kolivas efforts, a competing scheduler (CFS) which was based on the same concepts, was started. Now that both schedulers are mature and stable, a lot of CK kernel users and Con Kolivas himself are left wondering why it was even necessary to start competing with SD, instead of uniting all powers to make one great scheduler.

Swap prefetching was already proposed for inclusion in the Linux kernel a long time ago. But several developers remained critical, while a lots of users reported improvements by these patches. The patches were included in the mm kernel, but developers did not really review it and proposed it for the mainline kernel. Until Ingo Molnar finally stepped up recently, and gave some positive comments after a code review. Again some developers started criticizing the patch, and the future of this patch became again unclear.

With all this in mind, it’s normal that Con Kolivas got fed up with Linux kernel development. It seems some Linux developers really need to do something to improve their communication, and need to be a bit more reasonable and constructive, instead of immediately criticizing one’s efforts. This is at least the second kernel developer who got fed up with the way the Linux kernel development goes in a short time.

Developers come and go, that’s a normal process. Still I think Con Kolivas’ departure could have been avoided. In the end, we can only thank him for his great work, which certainly was not useless. In the end, the CFS scheduler which will be included in Linux owes a lot to Con Kolivas’ ideas, and I hope the other patches will find their way to inclusion in other patch sets in way or another.

Resistance is futile, you will be packaged!

Today, I had again the honour to work with an operating system which is not based around a package manager. The victim: Mac OS X Server. It’s a brand new Mac Pro machine being used as a mail and web server.

Mac OS X Server already comes with most software for configuring a web and mail server included, and has graphical configuration tools. Postfix, Cyrus, Amavisd-new, Spamassassin, Clamav, Apache HTTPD, etc, are all there by default, and easy to configure. Sounds great? Wait a minute…

The problem is that the versions included, are really old, even completely outdated. Let’s take Apache. The version included is some 1.3 version. If you need Subversion running on Apache with Webdav support, then you need at least Apache 2.0… Clamav? the included version is some 0.88 version, which cannot use today’s virusdb updates anymore. That makes Clamav completely useless… Spamassassin? You have the outdated version 3.0.1, hardly impressive if you need to filter’s todays spammer’s creations.

So to make your system really useful, you have to compile a lot of programs by hand. On the system there was Macports installed, and Perl version 5.8 (not sure if it came like this by default, or someone else installed these on this machine before I touched it). So I installed Spamassassin with Perl 5.8 CPAN. All went fine. Let’s restart amavisd, and it will be using the new spamassassin, right? Wrong! Amavisd-new itself is a Perl program, and does not use the spamassassin or spamc binaries, but directly accesses the Spamassassin Perl module. amavisd-new was still using Perl 5.6 as installed by default in Mac OS X, while Spamassassin used Perl 5.8 from Macports, so amavisd-new only found the old Spamassassin in @INC. That should not be too difficult to fix: let’s just change the shebang in amavisd-new, so it uses Perl 5.8 in /opt/local/bin. I restart amavisd, and got a lot of errors of missing Perl modules. By trial and error (read: installing dependency, trying to start amavisd, getting new error, installing dependency,….), I succeed in the end in installing all its dependencies, and amavisd starts fine now. A bit later, new mail starts arriving, and this causes weird errors in the amavisd log (something about wrong file handles). Huh? Well, the amavisd-new included in Mac OS X is very old (from 2004 or 2005 if I remember correctly). Maybe it simply does not work with Perl 5.8?

So now I had to upgrade amavisd-new too… Fortunately some great documentation on the web helped me a lot. Again I had to install some Perl dependencies with cpan, I had to patch amavisd-new for Mac OS X as instructed in the guide, and I had to recreate a new amavisd.conf file. But in the end, I finally had a working amavisd-new installation.

But we don’t have finished yet! Now it seems mails are not scanned anymore with Razor2, although it is installed by default in Mac OS X and I have activated it in my Spamassassin 3.2 configuration… Well it’s the same problem again: Razor2 is installed in Perl 5.6 @INC, but not in Perl 5.8. So again I had to grab the sources and install it by hand, to make it work. While at it, I also compiled Pyzor and dcc-client. And I created a little cronjob wich uses sa-update to grab new rules from SARE.

So, after several hours of work, I think I finally have an adequate working spam filtering system on Mac OS X Server. On an operating system with a good package manager and enough available packages, such as Debian or Mandriva, this would have cost me about an hour at most. Operating systems like Mac OS X, Slackware and others which lack a complete and well integrated packaging system and ditto repositories, really make this a terrible experience. Avoid them if you can!

Virtualbox 1.4

Only one week after I had no success with running Virtualbox on my Athlon 64 system, a new version was announced. One of the important changes in Virtualbox 1.4 is support for AMD64 hosts, so this seemed exactly what I was looking for! To test new distributions and software, I have already been using VMWare Server for some time, which is free (read: it costs nothing), but a real Free (as in free speech) virtualisation solution always sounds interesting, especially as Fedora 7 always crashed VMWare Server and my host.

Installation of Virtualbox was very easy. It has been packaged and integrated in Mandriva, so a simple “urpmi virtualbox” sufficed to install it. Already a lot easier than VMWare Server, which comes in different RPM and ZIP files you have to download and extract. There was no hassle with licences, as Virtualbox is released under the GPL unlike VMWare Server for which you need to register on the site to request a licence key.

The kernel modules for Virtualbox were automatically built with dkms. This time, there were no problems with my x86_64 2.6.21-tmb kernel! Again this was easier than in VMWare, which often needs the installation of an extra patch if you are running a recent kernel.

Configuration is a bit different than VMWare, but actually very easy. The only thing which seems more complex than VMWare, is configuration of bridged networking, i.e. if you want to integrate your virtual machine directly in your real network like a real physical machine. According to the documentation it requires some manual bridge configuration on the host, but I did not try this. For simple NAT networking, I had not to do anything, this worked out of the box and was sufficient for me.

Virtualbox supports everything you would expect from a modern virtualisation system: ACPI, networking, cd/dvd drives (you can access a physical drive or use an ISO file, like VMWare) and sound. The sound implementation in Virtualbox is even better than VMWare, as it can use both OSS and Alsa. With VMWare I never succeeded in having working sound, because I’m using Alsa, and VMWare always complained that /dev/snd was in use. With Virtualbox and Alsa, everything is working great now. Virtualbox also supports creation of snapshots. In VMWare Server you can only create one snapshot, if you need to create more, you have to pay for another edition. Did I say that Virtualbox has everything you would expect? Well, maybe that’s not true. There’s one important thing missing: unfortunately it does not have USB support. This is an important omission which I hope will be added soon, as this works great in VMWare.

Unlike VMWare, Virtualbox does not have any problem with the fact that I am using frequency scaling on my processor (AMD’s Cool’n’Quiet with the powernowd daemon in Linux). In VMWare I had to disable frequency scaling, otherwise the clock of the virtual machine went too fast or too slow most of the time. But not with Virtualbox!

Virtualbox uses a nice QT interface, which integrates very well in a KDE environment. I don’t like QT’s open and save dialogs too much, but as this is a virtualisation product, and not a document editor, you won’t need these too much, so I can live with that. Virtualbox can use VMWare images, but unfortunately it is still not so easy to import your VMWare virtual machines as the virtual hardware is different. My Mandriva 2007 Spring installation in VMWare did not succeed to mount the root partition in Virtualbox, because of the different hard drive controller. With a rescue CD and some manual regeneration of the initrd, it should be possible to overcome this problem though.

Performance of Virtualbox is good. It feels at least as fast as VMWare, so there are no bad surprises here. Virtualbox is more of a workstation virtualisation product though. Unlike VMWare Server, you cannot run virtual machines in the background, and connect to the virtualisation server from the network. At least, I did not see this functionality.

So, in the end I have to say I like Virtualbox a lot! It has a lot of advantages to VMWare Server: it has better sound support, better time keeping, creation of snapshots and generally is a bit easier to install and configure. And it installs Fedora 7 without crashing my machine! If you need USB support or a client-server virtualisation solution, you still have to take a look at VMWare Server though.