Ubuntu: The Good, The Bad, and The Ugly

After the Amazon search results in the Dash debacle it was a good time to re-evaluate my support for Ubuntu. Do I want to continue to use Ubuntu on my desktop and server and to recommend to friends? The answer, after much deliberation, is still yes. Although the following are my observations/feelings/etc., they do indicate more advantages to using Ubuntu than disadvantages. I also feel that for a Linux distribution to succeed it has to offer soft benefits in addition to great technology, something Ubuntu does better than a lot of other distributions.

The Good

  • Six-month releases with newer technology
  • Long term support (LTS) releases every two years
  • Server and desktop offerings on par with any other good distribution
  • Free of cost for individuals and enterprises
  • Very good focus on desktop integration and user experience
  • Out of the box hardware support is much better than some other distributions. No other distribution has worked on my Gen 1 MacBook as well as Ubuntu has.
  • Based on the great work of the Debian project
  • Unity DE (to me) is the best Linux currently has to offer. Its integration, simplicity, and keyboard shortcuts make it a joy to use.
  • Very simple licensing and support options unlike Red Hat and SuSE (they confuse me to no end)
  • “Moving up” from development/test environment to production does not require re-configuring, re-installing or re-licensing (but you can buy support if needed) unlike RHEL (CentOS to RHEL) and SLES (OpenSUSE to SLES)
  • As soon as the latest LTS is released most package versions are fairly new but on a new RHEL release packages are mostly a year or more older from the get go. (Please correct me if I’m wrong). This means that you get to deploy newer technology with Ubuntu LTS and have it supported for five years.
  • It’s increasing market share for Linux, especially with Steam coming soon to Ubuntu

The Bad

  • A very visible Not Invented Here (NIH) syndrome
  • Not much collaboration with other distributions on reaching consensus over shared/common technology (see: systemd, AppArmor)
  • More focus on desktop and not as much attention to server
  • Decisions that sometimes polarize the community more than any other distribution
  • Keeping Landscape server closed source
  • May need to run sudo aptitude remove unity-lens-shopping starting in 12.10
  • Ubuntu is either a community project or a Canonical project with community contributions. It can’t pretend to be a community project and continue to give Canonical almost all decision-making power.
  • It doesn’t have a functionality like zypper ps by default, although it’s not really needed because aptitude usually restarts the services after upgrade anyways. One has to install sudo install debian-goodies and then use the checkrestart application to get functionality similar to zypper ps. Thanks to Equivalent of openSuse “zypper ps” on other distros? for this tip.

The Ugly

  • Honestly, I haven’t seen anything ugly so far

Wait and watch on systemd

I have been pondering the systemd situation for a while. My biggest concern has been that Debian and Ubuntu have not made decisions to adopt it as default, especially when Fedora, OpenSUSE, Mageia, and others have. Maybe Red Hat Enterprise Linux (RHEL) 7 will include it as well. So it seems like on the init system level, two fragmented groups are emerging: those who use systemd and those who don’t. My second concern is the ability for a casual/intermediate user to transition from a systemd-using system to one that doesn’t use it.

I have finally decided, after a long period of thinking, forecasting, etc., that I will use Ubuntu for the foreseeable future. This means that whether other distributions adopt systemd or reject it does not have much of an impact on me. If Ubuntu decides to adopt it then I’ll simply start using it. But I won’t worry about the fragmentation because it should not and does not matter to me. And it also shouldn’t matter to you either. Here’s why.

Ubuntu has been making big strides recently in adoption and popularity. More often than not you’ll find Ubuntu being deployed wholesale by organizations all over the world for desktop use. Google also uses a customized version within its own organization. Granted, Ubuntu is not as well adopted as RHEL on servers but it’s adoption is increasing at a rapid pace nonetheless. All this makes Ubuntu a viable alternative in the present and future.

Canonical, and by extension Ubuntu, sometimes does really annoying things. They have made me question my loyalty to the distribution many times. Not adopting systemd for 12.04 was one thing but to reject it outright, as Mark Shuttleworth did, did cause a bit of panic. But I overcame the systemd decision like I did other decisions because I support the diversity in the level of influence a distribution has over the future of Linux. RHEL has a big say in how organizations use Linux all over the world. Fedora, by extension, has the same influence because it prepares the technology of tomorrow. There’s a need for an equally influential player, Ubuntu in this case, to counter that excessive influence, not because RHEL is “evil” but because healthy competition is good.

Given the future viability of Ubuntu and the need to have another influential player, the fragmentation does not matter for those using Ubuntu exclusively. As long as you and I and millions more are using Ubuntu, any technology it uses to build itself is a viable and successful technology. So what if Ubuntu uses AppArmor instead of SELinux and Upstart instead of systemd? Both AppArmor and Upstart do their job and work on millions of installations.

The day when Ubuntu adopts systemd or SELinux I will happily use them. It’s not because Ubuntu can do no wrong but because I trust Ubuntu to make a better decision for millions of users than I can.

P.S. Ubuntu is not just a product. It’s a collection of people who care about FLOSS, Linux, and users. They are led, capably in my opinion, by Shuttleworth. And by joining the Ubuntu bandwagon I ensure that the product and project succeeds resulting in the success of many others tied to it.

IPv6 in Ubuntu 12.04

I have been exploring IPv6 for a couple months now. It’s a very interesting subject and will quickly become inevitable. IPv6 is coming and it’s here to stay. I have learned a lot about IPv6 in Ubuntu and Windows. Consider this the first article in a series I’ll be publishing as I learn more. I will not give an introduction to IPv6 here. There are lot of good places to learn about it

IPv6 is enabled by default in Ubuntu 12.04 Precise Pangolin. A Local Link Unicast (link-local) address is configured automatically. If you have Router Advertisement (RA) enabled on a switch or router on your network then Ubuntu will autoconfigure its own Global Unicast Address as well. But how does your /etc/network/interfaces file look? Something similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp

See how you didn’t have to do anything on Ubuntu to get IPv6 working? But let’s dig deeper.

If you still want to be explicit for Ubuntu to use autoconfiguration for IPv6 then edit /etc/network/interfaces.

sudo vim /etc/network/interfaces

And add a line for IPv6 to make the file look similar to below:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 auto

Bring down eth0 and bring it back up.

sudo ifdown eth0

sudo ifup eth0

Static IPv6 Address

What if you wanted to use a static IPv6 address? Just edit your /etc/network/interfaces file and make it look similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 static
    address 2999:abcd:1234:5678::a157
    netmask 64
    gateway 2999:abcd:1234:5678::1
    dns-nameservers 2999:abcd:1234:5678::20
    dns-search codeghar.com

Privacy Extension

Let’s say you want to enable privacy extension. That’s also quite easy to do.

sudo vim /etc/sysctl.d/10-ipv6-privacy.conf

In this file, make sure you have the following two lines. This will enable privacy extension on all interfaces. By default Ubuntu already has privacy enabled (I think).

net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Look at your IPs and you’ll notice something interesting.

ip addr show

1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP ql en 1000
    link/ether 00:05:06:07:08:09 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 198.168.1.255 scope global eth0
    inet6 2789:1234:cdef:9876:395e:c9fd:78b4:d863/64 scope global temporary dynamic
       valid_lft 604349sec preferred_lft 85349sec
    inet6 2789:1234:cdef:9876:205:06ff:fe07:0809/64 scope global dynamic
       valid_lft 2591921sec preferred_lft 604721sec
    inet6 fe80::205:06ff:fe07:0809/64 scope link
       valid_lft forever preferred_lft forever

For eth0 you’ll notice two IPv6 addresses with scope global: “scope global temporary dynamic” and “scope global dynamic”. The term “temporary” means that this is a disposable address generated because of privacy extension. It will expire when “preferred_lft” seconds expire and new temporary address will be generated.

Since we chose value 2 in file /etc/sysctl.d/10-ipv6-privacy.conf, these temporary addresses will be used when connecting to other computers.

Security

Do not forget that you now need to maintain two firewalls, one for IPv4 and one for IPv6. I’ll write another post about ip6tables, the firewall for IPv6.

Disable IPv6

I highly recommend to NOT disable IPv6 in Ubuntu. But if you still want to you can.

sudo vim /etc/sysctl.conf

Add three lines to the file.

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Hat Tips

IPv6 privacy extensions on Linux; Make curl download using non-Privacy extension IPv6 address?; How to be anonymous on IPV6 protocol by not using MAC address in EUI-64?; Disable IPv6 If your Internet is Working Slow in Ubuntu 12.04 Precise Pangolin/Linux Mint 13; IPV6 auto configuration not working

Get Broadcom BCM4311 Working in Ubuntu 12.04

I have had the best luck following Jorge Castro’s steps on getting BCM4311 to work in Ubuntu. The steps are simple.

  1. Open Additional Drivers application
  2. Remove ‘Broadcom STA Driver’
  3. Open Ubuntu Software Center
  4. Search ‘bcm’
  5. Install ‘Installer Package for firmware for the b43 driver’ (firmware-b43-installer)
  6. Reboot your computer

Make sure if there’s a physical switch for Wifi that it’s enabled and after rebooting your machine your wireless should work fine.

I tested this on a Dell Latitude D630. lspci showed the following results for wireless.

0c:00.0 Network controller: Broadcom Corporation BCM4311 802.11b/g WLAN (rev 01)

Ubuntu 12.04 IPv4 NAT Gateway and DHCP Server

Before I begin this post, I want to thank Internet Connection Sharing – Ubuntu 10.04 NAT Gateway Setup (Abridged Version) for providing the bulk of the tutorial. I have made some modifications for Ubuntu 12.04.

The setup is simple: a single Ubuntu server will act as a gateway and DHCP server for a local network. All other machines on the local network will receive their IPs from the DHCP server. To make things easier, I’ll call this Ubuntu server “Skyray” for the rest of the post.

Skyray has two network interfaces, eth0 and eth1. eth0 is on the 10.20.30.0/24 subnet and this is the Internet facing interface. eth1 is on the 172.22.22.0/24 subnet, where all other machines are also present. Basically, eth0 will connect to the Internet and eth1 will serve DHCP requests and act as the gateway.

/etc/network/interfaces

First you need to configure eth0 and eth1 for Skyray. Edit the file and make sure it has at least the following settings (or whatever settings are appropriate for your environment).

sudo vim /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.20.30.77
    netmask 255.255.255.0
    gateway 10.20.30.1
    network 10.20.30.0
    broadcast 10.20.30.255
    dns-nameservers 10.20.30.15 10.20.30.16
    dns-search codeghar.com

auto eth1
iface eth1 inet static
    address 172.22.22.1
    netmask 255.255.255.0
    network 172.22.22.0
    broadcast 172.22.22.255

/etc/sysctl.conf

You need to enable IPv4 forwarding. To do so, edit this file.

sudo vim /etc/sysctl.conf

And uncomment the line

# net.ipv4.ip_forward=1

so that it now appears as

net.ipv4.ip_forward=1

Save the file and run the following command to make the change effective without a reboot.

sudo sysctl -w net.ipv4.ip_forward=1

/etc/rc.local

You’ll need to allow iptables rules for NAT to work. Edit the file and save it.

sudo vim /etc/rc.local

Make sure the following two lines appear before the exit 0 line in the file.

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

To make these iptables rules active without rebooting, run the following commands:

sudo iptables -P FORWARD ACCEPT

sudo iptables –-table nat -A POSTROUTING -o eth0 -j MASQUERADE

Install DHCP server

sudo aptitude install isc-dhcp-server

/etc/dhcp/dhcpd.conf

Configure your newly installed DHCP server. Edit the file and save.

sudo vim /etc/dhcp/dhcpd.conf

The file is very well commented and you can learn a lot reading it. Just make sure it has at least the following configuration.

ddns-update-style none;

# option definitions common to all supported networks...
option domain-name "codeghar.com";
option domain-name-servers 10.20.30.15, 10.20.30.16;

default-lease-time 3600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# This is a very basic subnet declaration.

subnet 172.22.22.0 netmask 255.255.255.0 {
  range 172.22.22.21 172.22.22.250;
  option subnet-mask 255.255.255.0;
  option broadcast-address 172.22.22.255;
  option routers 172.22.22.1;
}

/etc/default/isc-dhcp-server

We want to serve DHCP only on eth1 interface to we need to configure it that way. Edit the file and save it.

sudo vim /etc/default/isc-dhcp-server

The line will look like this before you change it

INTERFACES=""

And after you change it, it will look like this:

INTERFACES="eth1"

Now you should stop and start the DHCP server.

sudo service isc-dhcp-server stop (if the service is already running; skip if it’s not running)

sudo service isc-dhcp-server start

Conclusion

Now any machines you have on the 172.22.22.0/24 network will get their IP address from Skyray if they are set to DHCP. And Skyray will also serve as their gateway.

Politics and Pragmatism in Using Linux Distributions

Recently I’ve been making decisions on which Linux distribution deserves my support when I write how-to or similar articles. I started my journey with Ubuntu. Out of all, this is the distribution closest to my heart and may be it always will be. I ventured into CentOS for work-related reasons and found it to be a workhorse. I forayed into Fedora on a netbook with some success. I have had to use a bit of SLES for more work-related stuff. And I have been attracted to, used, and migrated businesses to Debian. Both politics and pragmatism have played a part each time I used a distribution. And thus this post.

You can see from my recent posts that I have made a decision to go with Fedora. It was mostly for political (philosophical) reasons but also for pragmatism (cutting-edge technology, etc.). When the time came for me to choose something other than Debian or Ubuntu, I chose Fedora over openSUSE mainly for philosophical reasons. And I’ve been re-evaluating my decision ever since.

I am very happy I picked Fedora. It’s making bold decisions in the future direction of a Linux distribution, especially with the two most controversial and highly-debated steps: /usr unification and systemd. I have started using Fedora 17 alpha and find systemd a joy to use. I only care about systemctl enable/disable or systemctl start/stop as a user (or sysadmin) and it does exactly what I want it to. Much better than chkconfig, service or invoke-rc.d. The /usr unification hasn’t affected me so much so far. Package availability has also been excellent for the server use cases to which I have put Fedora 17.

Fedora seems like a good fit for me for now. But a second question still remains: which distribution should I recommend to others for home/workstation use when asked? My gut feeling is Ubuntu because they do a lot of good work for this sort of user. I’m also well-versed in it so I can provide ample support if required. But I also want to provide a different answer for users who don’t want to use Ubuntu. A very valid answer for this would be Linux Mint but it’s so similar to Ubuntu that it might not be an option in some cases. This leaves a few distributions that I would really like others to use (if only because they’ll come to me for answers most of the time).

The first distribution is openSUSE. Yes, I have some misgivings about the whole openSUSE, SUSE, and Microsoft triangle. But purely on technical merits is openSUSE good enough to replace Ubuntu as my default recommendation for others? This is a question I have asked myself and the one I’ll try to answer over the next few months. I’ve decided to be pragmatic about this particular case rather than political. I’m willing to be pragmatic if openSUSE can bring in new users to Linux like Ubuntu has done for a while. It’s a tall order but openSUSE looks like a good candidate from where I stand.

The other distribution I may recommend is Mageia. It’s on its way to the second release. These people have a very pragmatic, user-centric approach to their distribution and them being a community allays many misgivings I have about openSUSE. Technically they also appear to be sure-footed and thus deserve the support of people like me. Maybe Mageia can serve Ubuntu’s role of bring new users to Linux.

I wouldn’t recommend Fedora because of two things: (a) hardware support can mean using other repositories (such as RPMfusion); and (b) it’s too bleeding-edge to keep users on it for a while without too many issues.

Now that I have to give up my moral high ground, how does it feel? Very liberating, actually. When I use FreeBSD license instead of GPL, I consider the freedom of people over freedom of code. So why should I take such hard stances when it comes to Linux? People should matter more than code or a distribution. If Ubuntu or openSUSE are not ideal Linux ecosystem participants, they are productive and willing participants nonetheless. It may be about time I gave up on idealism and focus more on doing good for more people.

Follow

Get every new post delivered to your Inbox.

Join 30 other followers