X11 Applications and Unity 8

The buzzword convergence has been bandied about a lot in relation to Ubuntu.  That’s because the plan is to have one single Ubuntu that works the same way across phones, tablets, laptops, desktops, TVs, kiosks, and refrigerators. It’s an exciting idea that some other software environments have also aimed at, but so far have not been able to deliver on.

One of the key technologies that lets the same Ubuntu run on all kinds of devices from your pocket to your desktop is Unity 8, a graphical shell that presents a way to surface and launch applications and display some information.  Unity 8 has been designed to dynamically adapt to the available display and input devices present, so it can flow from a full-screen personality on a tiny phone with only touch input to a multiple-display, multiple-workspace windowed personality with a mouse and a keyboard attached to an engineer’s workstation.  Going hand-in-hand with Unity 8 is an entire SDK that can be used to build applications that are also flexible across all combinations of displays and inputs.  Part of the magic underlying Unity 8 is the Mir compositing display server, which replaces the venerable X11 display server.

Underneath the shell layer is a new kind of way of running the fundamental operating system, with a read-only system image that can be transactionally updated.  While that is a technical description of how things differ from the old DOS and Unix way, what it means in practice is that it’s very difficult to install malware that will take over your system and turn it into a spambot for some nefarious organization and it’s also difficult to get your system into a state in which it no longer boots up or runs improperly.  In the hostile world of today’s always-on always-connected devices, that’s a very good thing.  Also, no reinstalling the OS every few months when it starts to crawl, for those of you out there familiar with Microsoft Windows.

One final bit of change for Unity 8 is that instead of the factored deb packages in which you build your system up like a jigsaw puzzle, the newer systems use self-contained application packages, originally clicks and now snaps.

So, the major differences coming down the pipe with Unity 8 and convergence include the following.

  1. Mir instead of X11.
  2. Read-only system files.
  3. No debs.

What, you may ask, about all the many gigabytes of existing deb packages everyone relies on in the Ubuntu archives, their organization’s private archives, and third-party archives?  Doesn’t this break the contract between Ubuntu and its users?

Libertine to the Rescue

The first answer to the above concern is that many of the more popular applications are being snapped as I write this.  That means they’re being packaged up so they can be installed and run on a read-only system image without deb support.

Another answer is that the most popular toolkits like GTK+ and Qt (and even libSDL, for things that really count like games) have been ported to Mir so most applications don;t have to care what the underlying display server technology is.

The final answer is that we’ve come up with  a cunning way to install and use your existing deb packaged X11 applications on a read-only deb-free system running Mir.  We call it libertine.

We chose the name libertine because the word in the English language refers to an individual who feels they need to flout rules and engage in risky and socially unacceptable behaviours.  What we’ve done is set up a container into which debs can be installed in which they can mess up the system in the container without affecting the real system, and they can run unconfined and unfettered without fear of stealing data or keystrokes and reporting home.

Libertine consists of a container with a minimal Ubuntu system installed in it, and a Mir client application that proxies the confined application.  In the case of an X11 application, that proxy is called XMir, and is actually an x.org server with a Mir-based DDX — which is to say, it’s a bog-standard X11 server that ends up drawing its output on a Mir surface.  Libertine also provides alternative proxies, such as a terminal application for venerable terminal applications such as Midnight Commander or good old vi.

The secret sauce is that actual application launching is taken care of by a tool we call the Ubuntu Application Launcher [UAL].  When you click or tap on an application icon in the Unity 8 Dash, a URI describing the application gets sent to UAL, which then figures out if it’s a native application, a libertine application, or even a snappy application, and then does the right thing to start the application.  In the case of a libertine application, that means starting the XMir server and then using the libertine tools to launch the applications in its container.  The libertine tools spin up the container as necessary, bind-mount various required devices and directories from the host system into the container, start some bridge daemons, and then start the application.  Then takes a break because it works hard.

Here’s picture saying the same thing for the right-brained among you.

Basic Libertine Block Diagram

An interesting thing to note here is that a separate XMir process is spawned for every libertine application launched.  This is the only secure way to use X11 in a hostile environment of keyloggers and data snoopers.  Data sharing previously done through the X11 server, like cut-and-paste and drag-and-drop, has to be done through a trusted arbitrator called the content hub and involves attestation steps.

The libertine project consists of a suite of tools:  a set of command-line utilities, a scope for discovering installed applications, a management GUI, and even a scope to browse the Ubuntu archives for packages to install.

Some of you may have heard the name Puritine bandied about.  Puritine is a pre-rolled container with a set of 5 curated X11 applications that comes pre-installed on certain devices as a demonstration of convergence technology.  The name was a play on libertine and puritan.

This was a brief high-level introduction to Libertine, our solution for running existing deb-packaged XApps under Unity 8.  I’ll be diving into more technical detail in some upcoming posts, but in th mean time you can actually play with libertine right now on your Ubuntu device or desktop.


More Trusty Excitement

I have another bit of exciting news on the Ubuntu 14.04 LTS front.

dota2One  of the things we’ve done is managed to port the Simple Direct Media layer (SDL) to the Mir display server.  For those of you fortunate enough to not have a clue what the means, SDL is a portability layer used by many games, including many available on Valve’s Steam platform.  The consequences of that work is that a whole slew of really good games are going to be available immediately on Unity8 when it finally hits the desktop.

Wait!  There’s more.  SDL autodetects the actual video layer.  That means you can install a game from Steam on Unity7 running on X11 today on Ubuntu 13.10, and when you log in to your Unity8 session running on top of Mir on Ubuntu 14.04 LTS, it will just work.  Isn’t that just the bee’s knees?

There’s still more.  The SDL layer isn’t just used for games.  It’s used for professional applications like remote desktop interfaces and various visualizers.  They will all just work on the Unity8 desktop running on Mir.  I’m really excited by this, and you should be too, because it just might mean next year will really be the year of the Linux desktop. Heh.  Humour me.

The screenshot here is the game DOTA2 running on Mir, taken by Brandon Schaefer. He’s the wizard who did most of the work of making the wonderful and widespread SDL library work on Mir in cooperation with Valve and the SDL maintainers.  I’m sure it was tough having to play games during work hours, but he made the valiant effort out of a sense of duty when asked.  Unfortunately, now he has to get back to work fixing high-DPI issues in Unity7.

The Mir back end will be released with libSDL 2.0.2 in the very near future.

Edit: Brandon also has a video capture.

Progress on the Converged Desktop

It’s still very early days in Canonical’s efforts to unify the experience from phone to tablet to desktop to TV, but results are starting to trickle in.

Picture of Unity8 home screen

Unity8 home screen on a Lenovo Yoga 2 Pro

One of the side projects on my plate is a Unity8 login session you can install alongside the regular Unity7 desktop (or other desktops, your choice). The idea is to have a preview session available for the Trusty Tahr that lets Unity 8 developers and Touch App developers tune the experience on the desktop. For example, there’s evidently still some work to be done to make Unity8 useful on high-DPI screens like my Lenovo Yoga 2 Pro (3200×1800 pixels on a 13″ laptop).

Sorry for the potato. I haven’t got screen capture working yet so I had to use an actual physical camera. Early days. You can see the high-DPI issues in this picture.  For example, see the teeny-tiny indicators at the top?  Didn’t think so.

The cool thing about this session is it runs on the Mir display server with no X11 in sight. LightDM (the program that accepts your password and logs you in in Ubuntu) uses X11 to run the Unity7 greeter, then shuts it down gracefully and starts a Mir server, then uses Upstart to run a Unity8 session. Gee whiz.

Right now you could just install this from a PPA and go at it, but there are some big wrinkles that still need to be worked out. For instance, there’s no cursor support so mouse and trackpad support is a little troublesome (works swell with a touchscreen), and keyboard input seems to have no effect — Unity8 has been developed with phones and tablets in mind, they don’t generally have a mouse, trackpad, or keyboard. It’s OK, there are plans in the works to add those, and that’s one of the reasons we have this session at this point in the Ubuntu release cycle.

Also, there is no way to log off from Unity8 (phones and tablets don’t generally support that concept) so that pretty much requires a reboot of the whole system unless you have an SSH session open.

Finally, there seems to be some trouble actually launching applications. No worries, that’ll get fixed too.

I think this is pretty exciting. That’s why I’m letting you all in on this project in its infancy. The Ubuntu community deserves to be kept abreast of the coming excitement that will be available in Ubuntu 14.04 LTS.