Feeds

Ubuntu devs to get 15-min code review, full SDK love – Canonical

Faster, smoother, sandboxier

Secure remote control for conventional and virtual desktops

Changes in Ubuntu will speed up the process of building apps and getting them approved for Software Center - but they could leave you more tied into the Linux distro’s software development kit (SDK).

Canonical has said it is changing the way packages – another name for the apps that make the basic operating system interesting – are developed, downloaded and managed by penguins.

The company is also rolling out further sandboxing to contain naughty third-party apps and rogue code and to streamline the process for getting packages approved for download from the Ubuntu Software Center.

For better or worse, though, it sounds like you’ll have to use the Ubuntu SDK instead of cross-platform widget toolkits such as GTK or QT – hard luck for those of you who love your GIMP.

Ubuntu community manager Jono Bacon here revealed future versions of Ubuntu will feature something called "click packages" – a means of automatically wrapping up your project’s code simply by pressing a button available inside the Ubuntu SDK.

It seems the click packages will be used instead of the Debian packaging format – .deb – used primarily for building the operating system.

The maintenance of Ubuntu packages is being turned into an online service, too, according to Bacon, and click packages won’t include full dependency resolution.

Currently, packages are synched when you update using apt-get that checks back with the Ubuntu archive. Obviously the more packages, the more complicated and slower it is to identify and solve dependency conflicts.

From now on, all dependency will be on the Ubuntu SDK. “With a click package the software simply depends on the Ubuntu SDK. This means we don’t need to worry about all that complex dependency resolution: we know the dependency, the Ubuntu SDK,” Bacon said.

Further, information on those dependencies between different modules will be served and stored as a web service. “Instead of maintaining a list of packages on the system… they are on a web service. You need a connection to download the package anyway, so why not ask a service which packages are available?" Bacon wrote.

Full sandboxing is also being used to help simplify the process for developers uploading and updating their applications in the Ubuntu Software Center. Sandboxing is already provided in the Linux kernel and is on by default from Ubuntu 7.10 onwards using AppArmour.

According to Bacon, sandboxing will mitigate the need for a full code review of apps trying to get into the Ubuntu Software Center. This review process had been something of a bottleneck with the manual process swamped by new packages and new versions of existing packages that had to be individually vetted for clearance.

“This, combined with click packages not having maintainer scripts and complex dependency chains, makes reviews much easier and more efficient,” Bacon said. He promised review in less than 15 minutes, down from “multi-day” code reviews.

Click packaging and sandboxing is “largely complete” but the work on the latter is unlikely to appear until after the introduction of new display server Mir, Canonical’s replacement for the X Window graphic system currently used in Ubuntu. Bacon said Canonical is not investing in fixing keyboard sniffing in X.

Rather, the goal is for full implementation of Mir in Ubuntu 13.10, which will arrive in October this year – though there will be support for X if there are no Mir drivers – and for a default Mir stack by the 14.10 distro release in October next year.

You can get more technical detail on the Ubuntu website. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.