Table of Contents

Introduction

The Xubuntu developers are moving quickly to bring you the latest and greatest software the Open Source Community has to offer. This is the Xubuntu 9.10 release, which brings a host of exciting new features.

Upgrading from Xubuntu 9.04

To upgrade from Xubuntu 9.04 on a desktop system, press Alt+F2 and type in "update-manager -d" (without the quotes) into the command box. Update Manager should open up and tell you: New distribution release '9.10' is available. Click "Upgrade" and follow the on-screen instructions.

Download

Get it while it's hot. ISOs and torrents are available at:

New features since Xubuntu 9.04

These features are showcased for your attention. Please test them and report any bugs you find:

Xfce 4.6.1

The latest release of Xfce is included which contains the newest bugfixes to ensure a smooth desktop experience.

Multimedia

Xubuntu 9.10 includes the Exaile 0.3.0.x music player to make enjoying podcasts, streaming radio, audio books, and music library easier than ever before. On the go? No problem! Exaile's portable media player device manager lets you take your favorite songs with you.

Power Management

New to Xubuntu 9.10 is the Xfce4 power manager which will replace the Gnome Power Manager on the Xubuntu desktop to provide a more integrated power management experience.

Desktop Notifications

Be notified both in style and consistency thanks to improved notify-osd integration with the Xfce4 desktop and numerous applications included with the default Xubuntu desktop.

Upstart

As part of our boot performance work, we have now transitioned to Upstart native jobs, to let users get to their desktop faster after boot. Upstart is written by Scott James Remnant.

Boot Experience

We've done some work on improving the overall look and feel of booting the system.

Performance

After enjoying a faster and smoother startup, you can also expect faster application load times and reduced memory footprint for a number of your favorite Xfce4 applications thanks to improvements in library linking provided by ld's --as-needed flag.

Linux kernel 2.6.31

Xubuntu 9.10 includes the 2.6.31-11.36 kernel based on 2.6.31.1. The kernel ships with Kernel Mode Setting enabled for Intel graphics (see below). linux-restricted-modules is deprecated in favour of DKMS packages.

hal deprecation

Xubuntu 9.10's underlying technology for power management, laptop hotkeys, and handling of storage devices and cameras maps has moved from "hal" (which is in the process of being deprecated) to "DeviceKit-power", "DeviceKit-disks" and "udev". When testing Xubuntu 9.10, please be alert for regressions in those areas and report any bugs you find.

New Intel video driver architecture available for testing

The Intel video driver has switched from the "EXA" acceleration method to the new "UXA", solving major performance problems of Xubuntu 9.04. Xubuntu 9.10 also features kernel mode setting by default on Intel hardware, which reduces boot-time flickering and dramatically speeds up suspend/resume.

ext4 by default

The new "ext4" filesystem is used by default for new installations with Xubuntu 9.10; of course, other filesystems are still available via the manual partitioner. Existing filesystems will not be upgraded.

If you have full backups and are confident, you can upgrade an existing ext3 filesystem to ext4 by following directions in the Ext4 Howto. (Note that the comments on that page at the time of writing about Xubuntu's use of vol_id vs. blkid are out of date and are not applicable to Xubuntu 9.10.) Maximum performance will typically only be achieved on new filesystems, not on filesystems that have been upgraded from ext3.

GRUB 2 by default

GRUB 2 is the default boot loader for new installations with Xubuntu 9.10, replacing the previous GRUB "Legacy" boot loader. Existing systems will not be upgraded to GRUB 2 at this time, as automatically reinstalling the boot loader is an inherently risky operation.

If you wish to upgrade your system to GRUB 2, then see the GRUB 2 testing page for instructions. See also the upstream draft manual.

Some features are still missing relative to GRUB Legacy. Notable among these are lock/password support, an equivalent of grub-reboot, and Xen handling.

iSCSI installation

The iSCSI installation process has been improved, and no longer requires iscsi=true as a boot parameter; the installer will offer you the option of logging into iSCSI targets if there are no local disks, or you can select "Configure iSCSI" in the manual partitioner.

Putting the root filesystem on iSCSI is now supported.

AppArmor

AppArmor in Xubuntu 9.10 features an improved parser that uses cache files, greatly speeding up AppArmor initialisation on boot. AppArmor also now supports 'pux' which, when specified, means a process can transition to an existing profile if one exists or simply run unconfined if one does not.

New profiles

In addition to the above changes to AppArmor itself, several profiles were added. Enforcing profiles for ntpd, the Evince document viewer (evince), and libvirt are enabled by default. Complain mode profiles for Dovecot are now available in the apparmor-profiles package. A new profile is provided for Firefox as well, though it is disabled by default. Users can enable AppArmor sandboxing of their browser by running:

$ sudo aa-enforce /etc/apparmor.d/usr.bin.firefox-3.5

Please see the SecurityTeam/KnowledgeBase for a full listing of readily available profiles in Xubuntu.

Libvirt

Libvirt now contains AppArmor integration when using KVM or QEMU. Libvirtd is configured to launch virtual machines that are confined by uniquely restrictive AppArmor profiles. This feature significantly improves virtualisation in Xubuntu by providing user-space host protection as well as guest isolation.

Uncomplicated Firewall

The Uncomplicated Firewall now has support for filtering by interface and egress filtering when using the ufw command. Documentation for ufw is also improved to help users better utilise the ufw framework and take full advantage of Linux netfilter's power and flexibility. See UbuntuFirewall#Features for a full list of features.

Non-eXecutable Emulation

Non-eXecutable (NX) memory protection, also known as eXecute-Disable (XD), has always been available in Xubuntu for any systems that had the hardware to support it and ran the 64-bit kernel or the 32-bit server kernel. The 32-bit PAE desktop kernel (linux-image-generic-pae) now also provides the PAE mode needed for hardware with the NX CPU feature.

For systems that lack NX hardware, the 32-bit kernels now provide an approximation of the NX CPU feature via software emulation that can help block many exploits an attacker might run from stack or heap memory.

Blocking Module Loading

To block the loading of any further modules after boot (generally for servers with unchanging hardware), the /proc/sys/kernel/modules_disabled one-way sysctl flag now exists to add another layer of protections against attackers loading kernel rootkits.

Position-Independent Executables

Building on the work done in Xubuntu 8.10 and 9.04 to proactively protect Xubuntu from unknown threats by using strict compiler flags, more applications have been built as Position-Independent Executables (PIE) to take advantage of the Address Space Layout Randomisation (ASLR) available in the Xubuntu kernel.

In addition to the growing program list, PIE programs are now also built with the BIND_NOW linker flag to take full advantage of the existing RELRO linker flag. This results in PIE programs having fewer places in their memory that can be controlled to redirect program flow when an attacker attempts memory-corruption exploits.

Known issues

For a full list of errata for Ubuntu 9.10, please see the Ubuntu 9.10 release notes.

Reporting bugs

It should come as no surprise that this release of Karmic Koala contains other bugs. Your comments, bug reports, patches and suggestions will help fix bugs and improve future releases. Please report bugs using the tools provided.

If you want to help out with bugs, the Bug Squad is always looking for help.

Participate in Xubuntu

If you would like to help shape Xubuntu, take a look at the list of ways you can participate at

More information

You can find out more about Xubuntu on the Xubuntu website and Xubuntu wiki.

To sign up for future Xubuntu and Ubuntu development announcements, please subscribe to Ubuntu's development announcement list at:

Xubuntu/ReleaseNotes/KarmicKoala/Final (last edited 2012-03-25 16:41:25 by nblzone-227-162)