The buzzword convergence has been bandied about a lot in relation to Ubuntu. That’s because the plan is to have one single Ubuntu that works the same way across phones, tablets, laptops, desktops, TVs, kiosks, and refrigerators. It’s an exciting idea that some other software environments have also aimed at, but so far have not been able to deliver on.
One of the key technologies that lets the same Ubuntu run on all kinds of devices from your pocket to your desktop is Unity 8, a graphical shell that presents a way to surface and launch applications and display some information. Unity 8 has been designed to dynamically adapt to the available display and input devices present, so it can flow from a full-screen personality on a tiny phone with only touch input to a multiple-display, multiple-workspace windowed personality with a mouse and a keyboard attached to an engineer’s workstation. Going hand-in-hand with Unity 8 is an entire SDK that can be used to build applications that are also flexible across all combinations of displays and inputs. Part of the magic underlying Unity 8 is the Mir compositing display server, which replaces the venerable X11 display server.
Underneath the shell layer is a new way of running the fundamental operating system, with a read-only system image that can be transactionally updated. While that is a technical description of how things differ from the old DOS and Unix way, what it means in practice is that it’s very difficult to install malware that will take over your system and turn it into a spambot for some nefarious organization, and it’s also difficult to get your system into a state in which it no longer boots up or runs properly. In the hostile world of today’s always-on always-connected devices, that’s a very good thing. Also, no reinstalling the OS every few months when it starts to crawl, for those of you out there familiar with Microsoft Windows.
One final bit of change for Unity 8 is that instead of the factored deb packages in which you build your system up like a jigsaw puzzle, the newer systems use self-contained application packages, originally clicks and now snaps.
So, the major differences coming down the pipe with Unity 8 and convergence include the following.
- Mir instead of X11.
- Read-only system files.
- No debs.
What, you may ask, about all the many gigabytes of existing deb packages everyone relies on in the Ubuntu archives, their organization’s private archives, and third-party archives? Doesn’t this break the contract between Ubuntu and its users?
Libertine to the Rescue
The first answer to the above concern is that many of the more popular applications are being snapped as I write this. That means they’re being packaged up so they can be installed and run on a read-only system image without deb support.
Another answer is that the most popular toolkits like GTK+ and Qt (and even libSDL, for things that really count like games) have been ported to Mir, so most applications don’t have to care what the underlying display server technology is.
The final answer is that we’ve come up with a cunning way to install and use your existing deb packaged X11 applications on a read-only deb-free system running Mir. We call it libertine.
We chose the name libertine because the word in the English language refers to an individual who feels they need to flout rules and engage in risky and socially unacceptable behaviours. What we’ve done is set up a container into which debs can be installed, where they can mess up the system in the container without affecting the real system, and where they can run unconfined and unfettered without fear of them stealing data or keystrokes and reporting home.
Libertine consists of a container with a minimal Ubuntu system installed in it, and a Mir client application that proxies the confined application. In the case of an X11 application, that proxy is called XMir, and is actually an x.org server with a Mir-based DDX — which is to say, it’s a bog-standard X11 server that ends up drawing its output on a Mir surface. Libertine also provides alternative proxies, such as a terminal application for venerable terminal applications such as Midnight Commander or good old vi.
The secret sauce is that actual application launching is taken care of by a tool we call the Ubuntu Application Launcher [UAL]. When you click or tap on an application icon in the Unity 8 Dash, a URI describing the application gets sent to UAL, which then figures out if it’s a native application, a libertine application, or even a snappy application, and then does the right thing to start the application. In the case of a libertine application, that means starting the XMir server and then using the libertine tools to launch the applications in its container. The libertine tools spin up the container as necessary, bind-mount various required devices and directories from the host system into the container, start some bridge daemons, and then start the application. Then it takes a break because it works hard.
Here’s a picture saying the same thing for the right-brained among you.
An interesting thing to note here is that a separate XMir process is spawned for every libertine application launched. This is the only secure way to use X11 in a hostile environment of keyloggers and data snoopers. Data sharing previously done through the X11 server, like cut-and-paste and drag-and-drop, has to be done through a trusted arbitrator called the content hub and involves attestation steps.
The libertine project consists of a suite of tools: a set of command-line utilities, a scope for discovering installed applications, a management GUI, and even a scope to browse the Ubuntu archives for packages to install.
Some of you may have heard the name Puritine bandied about. Puritine is a pre-rolled container with a set of 5 curated X11 applications that comes pre-installed on certain devices as a demonstration of convergence technology. The name was a play on libertine and puritan.
This was a brief high-level introduction to Libertine, our solution for running existing deb-packaged XApps under Unity 8. I’ll be diving into more technical detail in some upcoming posts, but in the meantime you can actually play with libertine right now on your Ubuntu device or desktop.