On the security side, IPTables, via ufw, the Uncomplicated FireWall, is up and running. Aside from the firewall, Apparmor, an application security tool similar to SELinux, is also active. If Apparmor is news to you, here’s a brief description of what it is and what it does:
AppArmor is a Mandatory Access Control (MAC) system which is a kernel (LSM) enhancement to confine programs to a limited set of resources. AppArmor’s security model is to bind access control attributes to programs rather than to users. AppArmor confinement is provided via profiles loaded into the kernel, typically on boot. AppArmor profiles can be in one of two modes: enforcement and complain. Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts (either via syslog or auditd). Profiles in complain mode will not enforce policy but instead report policy violation attempts.
In everyday speak, Apparmor is a “firewall” for applications (software) running on your distro. By default, ten profiles are pre-loaded. If you want to read those profiles, launch a shell terminal and type in
sudo apparmor_status. To mess with Apparmor profiles, use the
apparmor_parser command line tool.
What’s not so good (or not so bad)?: It’s good that the firewall is active by default. What’s not so good is that there is no graphical interface installed. My guess is Ubuntu (Canonical) expects you to install a graphical firewall client yourself. If that’s the case, and you need help installing one, read install a graphical firewall client on Ubuntu 9.10.
It’s great that Karmic Koala will automount and attempt to play your DVD videos. But what’s not so great is because libdvdcss2 is not installed, Totem cannot play that video if it is encrypted (most commercial DVD videos are encrypted). To help Totem play encrypted DVD videos, Ubuntu’s suggested solution is to launch a shell terminal and type in
sudo /usr/share/doc/libdvdread4/install-css.sh. I tried that and Totem still could not play my encrypted DVD videos. I was able to play my videos only after I installed VLC. To install VLC, launch a shell terminal and type in
sudo apt-get install vlc. Or just use Synaptic or Ubuntu Software Center to install it.
Mozilla Firefox is the best browser on the planet. But Firefox without multimedia plugins is not a very good browser to surf the Web with. The version installed on Karmic Koala (Firefox 3.5.4) has no flash plugins installed, and does not “understand” Java.
The Ubuntu Software Center gives users a third option for managing applications on Ubuntu (the others are the command line, and Synaptic). The problem with the software Center is that it does not give you access to all the applications available in Ubuntu’s repos. So if you search for an application in the Software Center and come up empty, do not assume that is not available. Use Synaptic instead. To get an idea of what I’m talking about, try installing ‘ssh server’ from the Software Center, and then try it from Synaptic. Keep in mind that the Software Center is a work in progress. Ubuntu has big plans in store for it.
Ubuntu Software Center
What’s bad: Nothing that I’ll consider bad on this distro. But wait, ncurses-based installer on a modern operating system! Now, that’s bad. What we need from Canonical, the company behind Ubuntu, is a graphical installer. The Live CD edition has one. The alternate installer edition could use one, too.
Final verdict: Out of the box, Ubuntu 9.10 does not offer the same level of user-friendliness and professional look and feel as Hymera Open, another Debian-based distro. But it’s a solid distro. The text-based installer, the edition reviewed here, gives users access to features of the Linux kernel (LVM, disk encryption, soft-RAID) that the Live CD edition doesn’t. The Live CD edition is good for test-driving Ubuntu, but if your want to install Ubuntu, the text-based installer is the one I recommend.
Download links for the alternate installer edition are available here.
You may view more screenshots from a test installation of Ubuntu 9.10, text-installer edition here.