Testing Mandriva 2008.1 Cooker GNOME

This week-end, I installed Mandriva Cooker in a Virtualbox virtual machine. I did a default GNOME installation, and noted and reported all problems I found, in the hope of improving the quality for when a new alpha or beta version comes out. I did a network installation from my local Cooker mirror (which only has the main repository, no contrib). Here’s a quick summary of the problems I found:

  • There are currently problems when installing the / partition on a logical volume using LVM. The problem is known and being worked on. As a work-around, I installed using standard partitions
  • The keyboard layout selection dialog is very ugly and confusing, especially when the “More” part is opened. Reported as Mandriva bug #36521.
  • When I set the timezone to Europe/Brussels, in the next screen, the local time and UTC time were equal, which is impossible in this timezone. Reported as Mandriva bug #36522
  • After the installation, X did not want to start. This was caused by a problem in the Virtualbox display and mouse drivers. This bug was already reported as Mandriva bug #35085.
  • When X failed to start, the dialog program was used to show a message informing me that X could not be started. While this message was visible, it seemed like dialog was using 100% of CPU time. I need to verify if I can reproduce this bug.
  • After running urpmi –auto-select, the dkms modules could not be build anymore. My kernel was updated, but because Mandriva’s installer did not select kernel-desktop-devel, the kernel-devel package was not updated too. Reported as Mandriva bug #36524
  • Mandriva’s update applet mdkonline is way too verbose: when it is checking for updates, it shows a notification bubble stating: “Warning – Please wait, checking for updates”, and if there are no updates available it way say: “Warning – Your system is up to date”. The warning word gives the (wrong) impression something is wrong. And actually these messages don’t really interest me. I just want to be notified if something if wrong or if there are any updates available. Personally, I think this applet should even be completely hidden if there’s nothing to say, so it does not clutter my notification bar. Reported as Mandriva bug #36526
  • The Firefox GNOME theme was not installed by default. The problem is that the main repository only contains an outdated version of the theme, which cannot be installed anymore with Mandriva’s Firefox 2.0.0.11 packages. Contrib contains the right version. Reported as Mandriva bug #36513
  • Personally I think subpixel font smoothing should be enabled by default because most people use TFT monitors nowadays and without this setting enabled, fonts look too blurry. Even on an old CRT monitor, I found subpixel font smoothing very acceptable and nice to use, so personally I don’t see any reason not to enable this by default.
  • The GNOME terminal was unusable: it appeared almost completely transparent and unreadable, including its menus and title bar. Disabling Metacity’s compositing fixed this problem. And it fixed also a problem where the screen would not refresh at all anymore after coming back from screen blanking. When disabling compositing via gconf-editor, the whole GNOME session hung. Reported as Mandriva bug #36527
  • In GNOME’s menu System – Preferences – Language and location the Region combobox was completely empty. It seems like this configuration tools also duplicates the functionality found in draklocale (run as user). One of the two should probably be hidden then.
  • The eog image viewer was not installed by default. Because of this, images would open in The Gimp, which is not very handy for quickly viewing an image. Reported as Mandriva bug #36520
  • When the system starts up, a message is printed: “Warning: Alsa driver is already running”. I guess the alsa or sound service tries to load the module which was already loaded by udev coldplugging before. Actually, years ago, it was said that those two sound services would be merged. This should really be done now, it is confusing because it is not clear what’s the difference between these two services.
  • OpenOffice.org requires the hsqldb RPM package. This package installs a service hsqldb, which does not even start without Java JVM. As far as I know, OpenOffice.org does not need this service at all, but just uses the hsqldb Java libraries. The hsqldb package should be splitted then, so that it’s not necessary to install and activate an extra service, which does not even start at all. Reported as Mandriva bug #36472 and Mandriva bug #36427
  • Because the openoffice.org-style-tango package was not installed while openoffice.org-style-gnome was, OpenOffice.org defaulted to the default Sun icon theme in large size, which is very ugly. Reported as Mandriva bug #36519
  • Personally I would prefer Beagle not to index aggressively when the screensaver is running. I find it very annoying that as soon as my screensaver starts, I hear my hard drive thrashing the whole time.
  • Personally I find Epiphany‘s minimum font size of 7 much too small. Setting it to 8 gave me comparable and much more easily readable fonts as in Firefox, while not causing any negative effects on web lay-outs (such as unwanted text overflow).
  • When starting Rhythmbox for the first time and opening the Edit – Preferences menu item, an error pops up that the Podcasts directory does not exist. Reported already as Mandriva bug #29908 and now also as GNOME bug #507541.
  • Mandriva includes some nice documentation, but none of it is installed by default. Reported as Mandriva bug #36518.
  • gstraemer-0.10-pulse was not installed because it is in contrib. Reported as Mandriva bug #36517.
  • I encountered a Yelp crash, but I had no backtrace, and could not reproduce it.
  • PulseAudio creates a whopping 6 menu items in the Sound & Video menu, which makes this menu look very cluttered. I think pavumeter should not be installed (removes two menu items, not a regression, because 2008.0 did not have any VU meters in the menu too), neither should paman (it only gives some technical information which does not really interest me) and padevchooser. Only the volume control should be installed by default, as that’s the only application normal user might use often. Not yet reported, as I think this should be accompanied by some other changes to the task-pulseaudio dependencies and suggestions, about which I need to think a bit more and about which I’ll start a discussion on the mailing list soon.
  • I think it could be interesting to install gstreamer0.10-ffmpeg by default because it enables playing WMA/ASX files and radio streams in Rhythmbox.
  • drakmenustyle is installed by default, while we only really support the Mandriva menu structure. The tool in itself still works, but the default GNOME menus were missing some applications present in Mandriva’s menus, as was expected. In that case, we should probably not install this application by default.
  • Still a bunch of faxing applications are installed by default (hylafax-client, efax). Personally I think the number of people having the right hardware to use their system as a fax and the number of people really using such software, is extremely low so that we don’t need to install this by default. Anyway, I have proposed this many times before, and it feels like I’m banging my head against a wall, so I won’t bring this up again.
  • Tightvnc and rfbdrake are old applications which are not really maintained anymore. They should be replaced by the much better Vinagre and grdesktop applications, which are much nicer.
  • Nautilus is somewhat broken, but this caused by the GVFS transition, and the problems are known, so no need to report this again. Let’s see how this evolves during the next few weeks.

Improving Mandriva’s menu structure

I finally started writing a new paper evaluating the new menu structure as was introduced in Mandriva 2008.0. Generally, I think the new menu structure was a huge improvement: no more having to go two or three levels deep to start a simple audio player or an compression utility, is a big advantage.

Some things can still be improved though, especially in KDE, where some menus tend to become a bit long. I’m trying to write down some proposals to fix these problems. I’m also going to write a bit about default choice of installed applications, as this also influences how menus look right after the installation. Don’t expect a complete new menu structure again, as that would be useless now, but some proposals for smaller improvements to the current structure, which should not be difficult to implement.

If anybody has any practical proposals for improvements, let them know here. Which menus are too long for you, and what are their contents? How would you propose fixing the problem? Which applications are installed by default, but do you remove immediately after installation because you never use them? Or the inverse, which extra applications do you install immediately after the installation of Mandriva?

Mandriva 2008.1 Spring ideas

Now is the time to publish all your feature requests for the next version of Mandriva on the wiki. Some of my personal requests: integrated LTSP support, KDEPim 3.5 Enterprise, IcedTea Java installed by default in Mandriva Free, LUKS support in Diskdrake, some more work for reducing power consumption, etc… Make your requests known now before it is too late!

PS: Please don’t post suggestions or bug reports here: they will only be ignored. The only right place for bug reports is Mandriva’s bugzilla, and for feature requests is the wiki.

What’s new in Mandriva 2008.0

In less than two weeks time, six months after the great Mandriva 2007.1 Spring release, Mandriva 2008.0 will be ready and published. Currently, Release Candidate 2 is out, it’s your last chance to test it and make sure everything is working before the final release!

There were great ideas at the start of the development phase, and in in those six months that have passed, Mandriva has always been one of the most active projects on CIA.vc. This gives much hope for lots of improvements, so let’s take a look at what can be expected from Mandriva 2008.0.

Update 2 October 2007: The following translations of this article are now available, with thanks to the translators:

Installation

Mandriva’s installation is largely unchanged from a user point of view. The most important visible change, is the fact that the user is now asked which desktop he wants to install, KDE or GNOME. After this choice, no more questions are asked, and a default selection of packages based on the chosen desktop is installed. Of course advanced users, can still do a custom selection of packages to install. After the installation, the user gets welcomed in a web based first time wizard.

Mandriva 2008 installation: desktop choice

Mandriva 2008 installation: summary screen

Improved graphical and sound theme

Mandriva still uses the ia_ora graphical theme like was the case in previous version. There have been several important improvements however. Especially the KDE version, which was of a much lower quality than the GNOME version, has improved a lot. The menus and the window decoration look much nicer, the vertical separators in the toolbars are not ugly anymore,… For the Mandriva One live CDs a new nice blue colour theme has been created. The strong orange theme is not used by default anymore, but is still available for people who like it.

The wallpapers have been renewed, and also the splash screens (bootsplash, and GNOME and KDE splash screens) and screensaver have received a fresh new look. There is a new start-up sound, which will now also be enabled in GNOME.

Mandriva 2008.0 also has improved font rendering, thanks to the new freetype and the inclusion of the Liberation fonts, which improve compatibility with the non-free Microsoft fonts.

Mandriva 2008 boot splash screen

KDE splash screen

Improved and more stable desktop environments

KDE

The KDE version which is included is 3.5.7, with a lot of recent patches from the KDE 3.5 branch added. It is definitely the most stable KDE version ever. Especially the KDEPim applications (such as KMail and Korganizer), are a lot more stable now. KPDF is based on the latest version of XPDF now, which should improve rendering of some PDF documents. Konqueror’s rendering engine had a lot of bug fixes and when hovering your mouse over a link, an icon will now be displayed to show if the link will be opened in another window or in your mail client.

Kaffeine is now again the default video player in Mandriva’s free edition. Both the Xine back-end and Kaffeine have been compiled with XCB support, which should greatly improve the stability, especially when viewing embedded movies in Konqueror. In the PowerPack edition users can buy in the Mandriva Store, the default video player is Totem with the GStreamer back-end, because it includes non-free and patented codecs distributed by Fluendo.

The Kickoff menu is now available in Mandriva 2008.0, but not enabled by default, because not everyone likes it. If you want to enable it, you can do so by richt clicking on the menu icon in the Kicker panel at the bottom of your screen. The KDE ioslave sysinfo:/ will give a nice overview of your hardware.

Mandriva 2008 KDE desktop

Konqueror with Metabar

GNOME

Mandriva 2008.0 includes the brand new GNOME 2.20 which include a lot of improvements. The Evince document viewer now uses the new Poppler 0.6 back-end, which improves PDF rendering and supports interactive forms. Evolution will now warn you before sending if you refer to an attachment in your mail text, but forgot to include it. If you are using the threaded view in Evolution and a new message is received in a mail thread, the whole thread will be moved to the top (or bottom, depending on your ordering settings), so you surely won’t miss the new message. Keyboard users will like the fact that they can read all of their mail with a single key, the space bar. Pressing the space bar, will scroll further in the message, and when you arrive at the end, pressing the space bar, will bring up the next unread e-mail. Corporate users will be happy with the many improvements in the Exchange and Groupwise support.

The Rhythmbox music player now supports gapless playback, synchronizes with more portable media devices (notably via MTP) and its memory usage has been reduced.

The desktop search application Beagle included a lot of bugfixes. It will be more stable now, and thanks to performance improvements it will interfere much less with normal work.

Other GNOME improvements include the usage of notification messages if special events are happening (when e-mail arrives for example), improvements to the picture viewer EOG, a better documentation system,… Pidgin now replaces GAIM as the default instant messaging application. The popular Windows FTP client FileZilla has just made its debut in Linux with the newly released version 3 and it’s now the default FTP client in GNOME.

Mandriva 2008 GNOME desktop

Mandriva 2008 GNOME applications

XFCE

XFCE also received some attention in this Mandriva release. Mandriva now includes many typical XFCE applications, like Ristretto and Squeeze. Thanks to the task-xfce RPM package, you can easily install a complete XFCE desktop on systems with less powerful hardware. Compositing is now enabled in the XFCE packages. It’s possible there will be a Mandriva One version which uses XFCE as its default desktop later.

Mandriva 2008 XFCE desktop

Improved applications menu

One year ago, I wrote a proposal for a new menu structure. I dedicated a long time to write this proposal, and in the end I got a bit fed up with it, as I did not knew if actually it would lead to something. So as you’ll probably notice if you read the document, I’ve actually never proofread the whole document :-) Anyway, Mandriva apparently found my proposal very interesting, and decided to implement it for 2008.0. The menu structure is much less nested now: all important applications can now be found directly under the main categories, while before they were nested two levels deep. This will make applications easier to find. If you have both GNOME and KDE installed, the menus will now make a difference between desktop native applications, and applications of the other desktop. The desktop native ones will always be on a higher level, to indicate to users that they should rather use that ones for reasons of integration.

GNOME applications menu

KDE Kickoff menu

New cool desktop effects with Compiz Fusion

Mandriva 2008.0 includes Compiz 0.5.2 with the Compiz Fusion plug-ins. These are a merge of the old Compiz and Beryl effects. Compiz is generally faster than before, and there are lots of nice new effects, like the Shift Switcher plug-in, giving you Apple Coverflow or Vista window flip effects.

Gnome Compiz Fusion desktop cube
KDE Compiz Fusion shift switcher
KDE: Kaffeine and Compiz Fusion window preview

Better hardware support

Kernel

Mandriva 2008.0 will ship with a Linux 2.6.22.6 based kernel. It supports much more hardware than the kernel which was shipping with Mandriva 2007.1 Spring: support for all the newest SATA and SAS controllers, support for more DVB devices, improvements to the audio and networking support (for example important improvements to popular sky2, forcedeth, skge drivers and e1000 drivers) and much more.

Especially wifi support should be a lot better now. Linux 2.6.22 includes the new wifi stack mac80211, contributed originally by the company Devicescape. Mandriva has included many new drivers based on this stack, such as the b43 driver for Broadcom based devices, iwlwifi for Intel devices, Ralink drivers, etc…

Mandriva now also ships the pata drivers, which are a new replacement for the old IDE drivers. If you use these pata drivers, your IDE devices will now also be recognised like SCSI devices (sda, sdb, sr0,sr1,…). Because there are still some problems with these drivers, they are not used by default. The old, proven IDE drivers are still preferred for now.

Video card drivers

Mandriva 2008.0 ships xorg xserver 1.3 with many bug fixes included. It is a very stable basis. All latest xorg drivers are shipped, supporting all the newest graphical cards. Intel users will enjoy the randr 1.2 support, giving them the possibility to hotplug a second display. The 915resolution utility, which was needed to set the correct resolution on some laptop systems, is not needed anymore in Mandriva 2008.0.

Mandriva 2008.0 also includes the brand new Avivo driver for ATI r500 based chipsets (ATI X1xxx graphics cards, amongst others). Because the driver is in its early stages of development, it will only be enabled on cards on which this driver has already proven to be stable.

The ATI and NVidia binary drivers can now be downloaded from the non-free repositories. All the latest versions are available.

Laptops: suspend and resume

Suspend and resume support should be much better in Mandriva 2008.0, thanks to the new kernel and also the many improvements in Hal, which now includes more quirks for different laptop models.

Printers

Printer support has been greatly improved in Mandriva 2008.0. Mandriva ships with the latest Cups 1.3, and the latest PPD files from OpenPrinting. The new HPLIP drivers are included for HP devices, and Gutenprint has been updated to version 5.0.1, also adding support for new printer models. Printer drivers have been split, so the printing configuration utility will not need to install all different printer drivers on your system. GPL Ghostscript 8.60 is now included. It is the result of the merge between the AFPL Ghostscript which became GPL’ed, and the ESP Ghostscript systems.

Digital cameras and portable audio players

New versions of libgphoto2 which supports new digital cameras, and a new libmtp version supports new portable audio players, which can be accessed from Amarok and from Rhythmbox. Photographers taking RAW images, will be happy with the inclusion of Rawstudio, a graphical application to import and convert RAW images. Of course UFraw, with full colour profile support, wavelet noise reduction and a Gimp plug-in is included too.

Improved performance

The kernel in Mandriva 2008.0 now uses the CFQ (Complete Fair Queuing) I/O scheduler by default, while it was using the AS (Anticipatory Scheduler) in previous releases. On most systems, the CFQ scheduler will perform better. It tries to prevent disk intensive applications from slowing down other applications too much. It also takes into account the nice levels to determine the read priority. With the ionice command, I/O scheduling priorities can be tuned in yet more detail. If CFQ would cause performance regressions for you (possible with certain workloads, especially on laptops with slower hard drives), you can change the I/O scheduler back to AS by adding elevator=as to the append lines /boot/grub/menu.list.

The new CFS (Completely Fair Scheduler) process scheduler by Ingo Molnar has also been included in Mandriva’s kernel. This process scheduler will give all concurrently running tasks a fair deal of CPU time, so that one CPU intensive application cannot prevent other processes from getting the CPU time they need to work correctly. This is for example an advantage for multimedia applications, as it will make audio and video skipping much less likely.

The swap prefetch patch will preload swapped out pages in RAM if enough memory became free again. This way, the system will be much faster responsive after a “swap storm”.

The whole system has been built with the latest Glibc 2.6.1 libraries and the GCC 4.2.2 RC compiler. Together with many improvements in the different applications all over the board, this gives us a nice overall performance.

Better battery uptime for laptop computers

Mandriva 2008.0 will install a specially adapted kernel for laptop computers. This kernel uses 100 Hz resolution timers, and has the NO_HZ option set, so that timers will only be fired when an interrupt is waiting. USB suspend is enabled on this kernel, and when you install Mandriva 2008.0 on a laptop computer, also AC97 sound driver suspend will be activated.

Thanks to the Powertop application developed by Intel, a lot of other problems were detected and finally fixed in both the kernel and different applications. Most of the system is now tuned to not prevent the processor from entering the power consuming C3 state. The Beagle indexer will not be activated if you are running on battery power.

Improvements to the Mandriva Control Center

In the Mandriva Control Center, the different tools in the main categories, are now subdivided in subcategories, which will make it easier to find the right tool.

The network settings are now consolidated in the Network Center. In this tool, you will see an overview of the different network interfaces in your system (both wired and wireless), you can easily activate and disactivate them, and change their configuration or start a monitoring tool.

Another new tools is the Migration Wizard which helps users migrating from Windows to Linux. It can copy their documents from the Windows partition to the Linux home partition, import Outlook Express’ e-mail client settings, and configure the same wallpaper as in Windows.

Speaking of Windows, Mandriva will now mount the Windows NTFS partition with the ntfs-3g driver, giving stable write support.

Mandriva 2008 Control Center

Improvements to the package manager and packaging

The packgage manager urpmi has been greatly enhanced in Mandriva 2008.0. Its dependency resolution algorithm has been improved and a lot of performance enhancements were implemented. Urpmi will now show a much nicer list of the packages which will be installed. It also supports the “Suggests” tag for RPM packages: using this tag, a package can be recommended for installation together with another package, without defining it as a real dependency which the user cannot remove anymore afterwards. Thanks to the new devel packages policy, the user won’t have problems anymore with conflicting -devel packages, like was the case in the past when upgrading your Mandriva distribution.

The graphical package management applications in Mandriva benefit from similar performance enhancements.

Servers and security

Mandriva 2008.0 includes the latest server packages, which offer the best security: Apache 2.2.6, PHP 5.2.4 with the latest Suhosin patch protecting your PHP applications from attacks,… The Kolab groupware server package is supported again in 2008.0, and has been updated to version 2.1.

All services which are remotely accessible will not be started anymore and all security sensitive applicatons have been built with strong stack protection compilation flags, to prevent damage in case of a trivial buffer overflow. Like before, a firewall is activated by default. For the first time, Novell’s AppArmor is included in Mandriva. It will prevent further damage if one service (for example a web application) gets cracked.

Virtualisation

Users can take fully advantage of the hardware virtualisation support included in the new AMD and Intel processors thanks to the latest KVM and QEmu. Virtualbox is now updated to version 1.5, enhancing its performance and fixing bugs. The Xen packages finally received some needed attention, and should now be usable.

Virtualbox

Mandriva is not negotiating a patent deal with Microsoft

Several sites are spreading unfounded rumours that Mandriva will be the next one signing a patent deal with Microsoft, after Novell, Xandros and Linspire. Adamw, a Mandriva employee answered to the rumours on the Mandriva Cooker IRC channel today:

09:32 < AdamW> sander85: there are no plans to do a deal with microsoft,
and that comes from the top (fb)

(fb is probably François Bancilhon, Mandriva’s CEO).

Can we please stop spreading pointless rumours, and get back to real work and news please?

Update: Official statement

Good things ahead!

Today I got an account on Mandriva’s build cluster! This means it will be easier for me to submit RPM packages for inclusion in the distribution. I’ve still got a lot to learn, but with some reading on the wiki and the greatly appreciated help from Dvalin, this will work out fine in the end. Currently working on a package for DrScheme, which is a Scheme IDE also used at university here.

Virtualbox released version 1.4.0 of their virtualisation software today. Especially interesting is that they added AMD64 support according to the changelog. This will probably fix the problems I was experiencing a few days ago when trying Virtualbox on my Athlon 64 machine.

At work, I’m currently installing a nice new server consisting of four dual core Opteron CPUs with 16 GB of memory :-) It will be used for running virtual machines (not with Virtualbox, but OpenVZ). Also a new version of the Linux clustering software Kerrighed was released, which I should definitely try out on one of the clusters at work, because the previous version was not much of a success (it just crashed when activating the cluster).

Other good news, I finally fixed my summer holidays. Now I really should start planning what I will do then. Gentse Feesten will of course be high on the list :-)

Bug fixing progress

Since a few days, the bug triaging process is in full force. The purpose is to review all old, unconfirmed bugs, and verify if they are still valid. And of course, making sure those valid bugs are fixed. I have the impression that it’s really a great success. Lots of Bugzilla e-mails are arriving in my mailbox, and looking at changelog mailing list, several old bugs are finally getting fixed.

I started to concentrate on bugs in Kaffeine and KMplayer. I think Kaffeine is now as stable as is possible now. That means: far from perfect, but I think all remaining problems should now be handled by its upstream authors. Already since some time, Kaffeine has XCB support, which should make it a lot more stable when viewing embedded videos in the Konqueror web browser. And since this weekend, Kaffeine correctly disables the screen saver when you are viewing a full screen video, and won’t copy the whole media file you open from media:/ URIs to your home directory. I proposed an update for Mandriva 2007.0 and 2007.1 Spring to fix the last two issues. Fixing the first one, is unfortunately a lot more difficult for older Mandriva versions, because it requires a more recent version of xine, and depends on libxcb, which is in contribs…

KMplayer was actually in a much better state. The only real serious issue, is that KMplayer does not add itself to KDEs service menus which appear when you insert a DVD disk. This is rather serious as KMplayer is Mandriva’s default video player, and thus user’s don’t get an option to actually play the movie when they insert a DVD disk. This should not be too difficult to fix though, so let’s hope we’ll have a fix soon.

I also reviewed Kopete bugs. About all of them are fixed in current Cooker, possibly we’ll also have udpated packages for 2007.0 and 2007.1 Spring implementing a higher framerate for MSN webcam support, fixing decryption of gpg encrypted messages (2007.1 only) and fixing errors when chatting on conference.jabber.org (2007.0 only).

For my own use (and pleasure), I also recompile a lot of Cooker packages for 2007.1. While recompiling a more recent version of libxml, I had problems with python crashing. After a lot of trying to find out what causes it, I found out that python-reportlab as shipped in both 2007.1 and Cooker makes python crash. Python-reportlab is a dependency of the hplip printer drivers, so if you don’t have these installed, you’ll probably never notice this problem. Ia also makes certain hplip utilities crash in 2007.1 and Cooker. Compiling a more recent version of python-reportlab, fixed all problems, so I hope we will see this as an update for 2007.1 soon.

Next on the bug review list, will be cd burning applications. Thanks to the article I wrote on this blog about audio cd burning applications, I already tested some of them, which always helps in reviewing bugs.

If you always wanted to get involved in free software development, this is actually a great opportunity to join the Mandriva bug reviewing effort! You don’t really need to have development skills, just some willingness to compare different bugs, to try to reproduce them, and to look them up in other bug trackers. Often those bugs are really already fixed, it’s just that someone has to confirm they actually are, or provide the good patch or solution which has been created by the upstream developers. If you are interested, do not hesitate to contact us on the bugteam mailing list!

Disk encryption in Mandriva

Last weekend, I bough an external USB hard drive to finally start regularly making back-ups of my computers at home. For security reasons, I wanted to store back-ups on an encrypted partition, because one never knows what may happen. Using an encrypted partition was not too hard, but still some bugs prevented it from being newbie proof.

For the encrypted partition, I chose to use LUKS. It seems to be some kind of standard, widely supported (by Hal for example), and it has some graphical utilities available which should make it a no-brainer.

First problem, I’m using x86_64, and apparently luks-tools only exists for i586 in Mandriva. I filed a bug, and a new luks-tools package for x86_64 should already appear very shortly on a Cooker mirror near you. If you have luks-tools installed, it should be as simply as running gnome-luks-format to set up an existing partition.

So I did it at the console. Of course, make sure you have the package cryptsetup installed, otherwise you won’t have the necessary utilities. First we’ll add a header to the partition, indicating that this is a LUKS encrypted partition, and which encryption type we are using:

cryptsetup -c aes-cbc-essiv:sha256 luksFormat /dev/sdb1

(as I already mentioned with gnome-luks-format, you should create the partition first, for example with diskdrake or cfdisk).
Once the header is in place, we’ll open the encrypted partition:

cryptsetup luksOpen /dev/sdb1 encbackup

Encback is a name you can freely replace by your own choice of course. Once you have done this, your encrypted partition will be mapped to /dev/mapper/encback. You can use this like any normal partition for example to create an ext3 file system on it:

mkfs.ext3 /dev/mapper/encback

Then we can mount it:

mount /dev/mapper/encback /media/encrypted-backup

And we’re ready to go. To close the encrypted device after I have umount it, I run

cryptsetup luksClose encback

When you plug in the USB disk, hall will automatically detect you have a LUKS encrypted partition. A dialog will appear, where you can enter your passphrase, and after that it is mounted automatically. At least, that’s the theory. Unfortunately, this was not working, probably because of bug #30015. Let’s hope this gets fixed soon! Also note that KDE does not seem to support this at all, so even then this is Gnome only. For now I have created two small scripts, which will run cryptsetup and mount or umount, so I don’t have to retype these commands by hand each time.

I opened another bug to request LUKS support in diskdrake. Disk encryption is becoming more and more common these days with all those portable storage media, so Mandriva’s default partition tool should have this support built in. I guess it should not be too hard to implement this.

Some nice documentation which helped me a lot during this exploration, can be found in Red Hat Magazine.

Update 22 May 2007: I updated the howto to use aes-cbc-essiv:sha256 instead of aes-cbc-plain. Reader David Crick pointed me to the fact that aes-cbc-plain is vulnerable to a cryptography weakness, which is called the “watermarking attack”. Thanks!

More community = less employees…

Last Thursday, at least four Mandriva employees received the news that their contract will be stopped next month. All of them are people who are very active in the Mandriva community, and sometimes maintainer of important packages (such as Apache). There has not been much more explanation about this decision. This gives the news last week that Mandriva wants more involvement of the community (read: people who are not payed) another dimension to me… :-(

Oh well, we’ll have to wait to see if this will impact development much. But it’s never a good sign that people have to leave a company.

Update 21 May 2007: It seems that the list referred to in the above posting in not completely correct. Currently a lot of rumours are going around, even on Mandriva’s official IRC channels, and even between current Mandriva employees. Probably more than four people are losing their job, but it seems not even Mandriva employees themselves know exactly who is concerned. The communication clearly has been catastrophic, and this is severely damaging Mandriva’s image :-(

Update 22 May 2007:To get a more complete picture of the problems, please also read Dvalin’s blog post.

Mandriva – The Next Generation

Mandriva 2007 Spring was already a very nice distribution with a lots of improvements and changes in style from the previous versions. severely improved graphical themes, the public availability of non-free packages, getting update notifications on the desktop without Mandriva subscription, and a generally more polished system.

For the next version of Mandriva, the bar is again set a lot higher than before. Last week, two interesting announcements were made:

  • David Barth announced that some internal re-organization was done at Mandriva, and that the community will be more actively involved in the development of the next Mandriva version. What this means in practice, and how this will work out, remains to be seen, but I have the feeling that this is a confirmation of something we have seen already in 2007.1: Mandriva really cares about the community now, and makes use of the community’s remarks to improve the distribution.
  • Anne Nicolas, who will follow-up development of next Mandriva’s versions from now on, announced that an effort will be done to get Mandriva’s bugzilla cleaned up and to improve the workflow of bug reports, which should result in a more bug free distribution. All new bug reports will first be checked by a team, which will verify the validity of the report, and which will collect all necessary information for the developers to be able to analyze and fix the bug. If developers receive more high quality reports, this will hopefully result in quicker and more bug fixing. Statistics about the bug fixing progress will be collected, in order to pinpoint problematic parts of the distribution, so this can be acted upon.

This is all great news. Mandriva shows that it is not wanting to be yet another ordinary nice Linux distribution, but that it has the ambition to be a real leader. Interesting times are coming!