LINUX Unplugged - 397: Linux Desktop Levels Up
Episode Date: March 17, 2021We break down the next-level features coming to a Linux near you in just a few weeks. ...
Transcript
Discussion (0)
I have discovered a web-based virtual machine,
x86 virtualization in your browser.
It's recompiling x86 to WebAssembly on the fly,
and you can spin up distros and, of course, like you just heard,
Windows 98 in the web browser.
It's a proof of concept, but it's kind of incredible.
You hipster, I'm running Windows 3.1 over here playing some Solitaire.
Oh, yeah? Oh, I got to try that too.
That's pretty great. It boots up pretty quick as well.
Taking a look at the GitHub, looks like there's even some rust involved here, Chris.
But I do have one bit of bad news.
No, plan nine doesn't work.
We'll put a link in the show notes.
Oh, hey, friends.
Welcome into your weekly Linux talk show.
My name is Chris.
My name is Wes.
This episode is brought to you by the all-new Cloud Guru. They are the leader in cloud for Linux and other modern tech skills. They have
hundreds of courses, thousands of hands-on labs. So get certified, get hired, and get learning at
a cloudguru.com. All right, so this week, there's been something that I've been sitting with for a
couple of weeks. Some old friends of mine of longtime Linux users
have taken to the web to pronounce that Linux,
Linux is boring.
Linux isn't going anywhere.
Maybe you saw some of those posts recently.
And the funny thing is,
is I think anybody who's been around for a while,
we've seen this commentary from time to time,
almost on a yearly basis.
It's definitely as long as I've been in the Linux community,
I've seen this.
And I've never really agreed with the sentiment.
I've always felt like maybe they were just sort of
settling down into Linux, and they were getting bored.
But Linux itself, I think,
the desktop's been getting more interesting than ever recently.
And if you keep reading all the announcements
and the mailing lists and you follow developers
and you talk to people,
you see there's new debates raging, there's new concepts being tried.
And I think when you keep up with that stuff, you learn that that stuff is still going somewhere.
It's not done.
Just because the desktop actually works for getting work done doesn't mean it's boring.
Is that what you're saying, Chris?
That's what I'm saying.
And I think there's some new stuff that's just, some of it just weeks away
that's going to make Linux
better than ever.
And so your Unplugged program today
is going to go through some of this,
specifically through the lens
of Fedora 34,
because what I see in Fedora 34
right now,
which is in development,
I see there the future
of the Linux desktop.
And even if you're not,
don't worry,
even if you're not a Fedora user
or even a GNOME Shell user,
I think some of what's landing in 34
is going to find its way
into every Linux distro in the future.
So coming up on the show today,
we're going to break down some of those features
and tell you the ones that we think
are the most exciting in particular.
This is one of those topics
where we have been geeking out and realized
we could probably make a show out of this. Yeah, I mean, as long as we're re-imaging
everything with Fedora and playing with the latest unreleased GNOME, we better talk about it.
So a lot of this stuff is coming together for Fedora. It's a lot of work. Version 33
was great. It was exciting. You know, version 33 we talked a lot about because really was bringing ButterFS to the
workstation versions of Fedora.
So we talked a lot about that before, but today we're going to talk about what's coming
not just to 34, but to all the distributions.
So to help us break through that, to help us chew it all and analyze it all, we're going
to bring in a team of experts.
We're going to bring in our virtual lug.
Time-appropriate greetings, Mumble Room.
Hello, Chris.
Good evening.
Hello, everyone.
Namaskara.
Hello.
Hello, everyone.
It's exciting times ahead.
I don't know if any of you have seen some of the sentiments posted online recently that
things are getting a little boring and that GNOME 40 doesn't do anything to change that.
I just completely disagree, and I think we have some very exciting times ahead of us.
I want to say, although I feel like people think I'm exaggerating,
but I want to say potentially the most exciting times we've had
on the Linux desktop in general.
I know it's a big statement, but it really feels like we are on the precipice
of several technologies coming together.
It's peak Linux desktop, everybody.
So let's talk about some of this groundwork. So Fedora 34 is in development right now. It's peak Linux desktop, everybody. And that's why I say when you look at 34, you kind of see where the future of desktop Linux is going, even if you don't run GNOME or Fedora.
And I think you'll find something interesting in all of this.
Essentially, this stuff lands here first in Fedora often
and then makes its way out.
And there's an ecosystem effect we're going to talk about as well.
And as he has been known to do,
senior manager for desktop at Red Hat, Christian Schaller,
wrote a detailed blog post
about what to look forward to
in Fedora Workstation 34,
which will have the first take
at a lot of these goodies.
We'll have the full post
in the notes if you're curious,
and it's definitely worth
going through
if you're a Fedora user
or a GNOME user
or just interested
in the future of the desktop.
But we're also going to break down
a few things that we think
will have the biggest
long-term impact on desktop Linux.
Yeah, and I think the number one with a bullet is Wayland.
We've been talking about it for years, and Wayland is production ready for more use cases
than not now in Fedora 34 and for other distributions here in the future.
It took a little while to get there.
Of course, you had to get accelerated X-Wayland support working.
It took partnering up with NVIDIA to get them to start working on a driver
that works with Wayland, which isn't complete yet.
It took figuring out ways to share screen and do things securely.
There's a lot of engineering work that went into make Wayland
actually adoptable by the wider community.
Of course, some of that work was in ex-Wayland, including some work going on for headless display support,
which is kind of a critical feature for people who want to run a desktop instance on a server in the cloud
or do some fancy VNC or RDP tasks.
And I think it's exactly that area where that's what we mean with Wayland and that ecosystem getting to production ready
is that some of those less common
or more advanced use cases,
those are finally getting ironed out.
And it required some plumbing be developed
to make it all possible.
And that's where Pipewire came together
that makes doing things like packaging applications
securely with Flatpak possible
while also enabling video and screen sharing on Wayland.
And then bridging the gap between the different audio subsystems too now.
So Pipewire, it's another big ticket item that is shipping in Fedora Workstation 34.
Most of you know it's an engine to handle video streams
and it became also an engine to deal with audio.
In Workstation 34, the plan is for Pipewire to take over that audio role.
That has been kind of more in development phase.
It is something Wes and I have been playing with
and have had a lot of good experiences so far with it.
Pipewire, it does audio management more like you would be used to using a tool on the Mac,
like Audio Hijack Pro.
It's more of the Mac style, but still compatible with Pulse and Jack Audio
and simpler in a lot of ways.
And it's been seamless in my testing.
What do you mean by Mac style?
I think I agree, but for folks who maybe don't ever run a Mac,
what does Mac style mean?
So you'd actually probably be better at explaining it.
So it's like the opposite of the way you connect devices in Jack, right?
In Pipewire, they're almost on by default, you know what I'm saying?
Hmm, yeah.
I guess once you're using some of the Jack tooling that lets you do audio routing,
you can see everything on your system,
whether the client is using Jack or the client is using Pulse Audio.
It's all integrated, and you can connect arbitrary applications together
without those
apps having to opt into the system. Whereas right now, you kind of either have to be using Jack
or do some complicated tricks with Pulse Audio bridges. And either way, it's not intuitive.
And additionally, on top of that, Wes, it makes it just really simpler from just the way that I
think users expect things to work. Like you launch, say, VLC. VLC shows up in one of these tools and you can just connect audio in and out the way you
would expect to be able to just connect blocks. And you're using established Jack tools to do it.
It's really cool how they've, they kind of managed to re-engineer this section of Linux,
but keep it in a way that is compatible with the existing tools. And so with the approach they've taken,
and it's really down to how they've interacted with the community,
it's come down to how they've managed people
and how they've managed these different,
I guess you could call them stakeholders.
They've gotten people excited and participating in the process.
And so even commercial vendors are testing for pipewire compatibility now.
Like there's been, they've created a momentum because they've worked with people. It hasn't been hostile. It's been
collaborative. And so it's moving really rapidly and it's going to debut in 34. But I would think
by this time next year, distros will be shipping it, just all of them. It's kind of fascinating.
It's sort of a slow play, right? It's tough to reintroduce a new sound system,
take things over on the Linux desktop.
I mean, look at how difficult Pulse Audio was,
and it's kind of still a little controversial, right?
I mean, we've all got feelings about Pulse,
but Pipewire seems to be doing it the right way,
getting compatibility in place.
Now, of course, a lot of this stuff is still, you know,
very much a work in progress,
and if you find applications that use some of the niche features
of, say, Pulse Audio or Jack,
okay, maybe you run into some edge cases
where it doesn't work just yet,
but as those get ironed out,
I mean, Pipewire seems to be rock solid at the foundations.
That's what's so impressive,
is even with all the warnings about, like,
hey, this is new, hey, we're just trying it out,
we've been kind of abusing it, Chris, and it just keeps working.
Mm-hmm, mm-hmm.
Let's fast forward to Flatpaks, Wes, because it kind of all stacks.
You've got Wayland, and then Pipewire is sort of a necessary enabling technology for the Wayland reality.
And then Flatpaks, they also play a role with the way their security model works.
And Pipewire enables some functionality there as well.
They're all kind of connected together.
And there's been a lot of work behind the scenes
for the last year to try to shore up
the RHEL and Fedora infrastructure for Flatpaks
and the overall experience.
And Christian writes about how they're moving forward
to eventually make Flatpaks the primary packaging format
that Fedora users consume.
Now, I want to come back to that in a moment.
But in that effort,
they're making a lot of things simpler
and easier for maintainers.
And they're working on introducing
a really solid incremental update method for Flatpaks,
like you see on Flathub, that make them much faster and quicker to update.
That, I think, is also going to have wide-ranging benefits.
That Flatpak work they're doing here for the future of Fedora is going to improve the Flatpak
situation for distributions like elementary OS eventually.
Boy, yeah.
I think getting performance right, making a really solid user experience,
if you're going to become the next standard of packaging,
it's kind of the low bar right there, right?
All right, but hold up.
Red alert here on, again,
I know I mentioned this on the show once before,
but are we just all of a sudden comfortable
with the idea that we're going to replace
the native packages on the system and
start shipping desktop level applications as flat packs because i seem to recall it was a pretty big
issue when the idea was that it might be snaps on ubuntu so i i'm curious where the mumble room
stands on this one and why why i feel like i'm not seeing the outcry with flat pack anybody have
thoughts on that yeah um one of the reasons why we tend to see
and why we're seeing a little bit of a different attitude here is that the Flatpak ecosystem
generally puts the user in control of their workflows and their sources and their management
of the software, which I think the broader Linux community prefers over, admittedly, the simpler user experience,
the more continually updated but slightly out of control model that the snaps offered.
And on top of that, there was a lot of specific outreach done in the Flatpak ecosystem
to make sure the technologies that were being leveraged to do
sandboxing and things like that were not distro specific. And that was a misstep that Canonical
did early on with Snap, where it required Ubuntu App Armor as opposed to the standard App Armor
that ships in the Linux kernel for all the other distributions. That is something I hear a lot.
And again, like not every distribution ships a mandatory access control system.
A lot of them basically flat out hate
mandatory access control systems,
despite the fact that they're very valuable.
And so if your desktop application sandbox mechanism
hard depends on a mandatory access control system,
be it SELinux, AppArmor, or Ubuntu AppArmor,
then you're toast. It's not going to actually serve that purpose. So people feel like
you're taking away control without giving any benefit because for the vast majority of people
outside of the Ubuntu sphere, it's actually worse.
Right. Actually, I want to let Colonel get in on that point. Colonel, do you sense
that the Snap Store plays a role in this?
Yeah, I think that there was a certain amount of backlash against Snaps because the source for the
Snaps is controlled by Canonical. And I think that it was twofold. One, similar to what Conan was
saying, is that it's controlled by one person. But I think there was also a certain amount of, with snaps, a not invented here in reverse almost, where people were lashing out against it because it came from canonical.
And I don't think that's a fair reason to lash out against them.
It's a reality, though.
Yeah, it's a reality.
And I think that Conan actually summed up a lot of what I was going to say.
reality. And I think that Conan actually summed up a lot of what I was going to say.
Yeah, I think your point is well made that there is a certain amount of pushback that they get just simply because it is canonical. Minimic, so you had a listener in the Luplug join and talk
about his full Flatpak lifestyle, where he went all in on Flatpaks, and there is a bit of a
disadvantage. There he is indeed. So it was like two or three weeks ago, I don't even remember. All of a sudden, he was talking about the size of his system, only the system not talking
about his private data. And his system grew to over 30 gigabytes. And I was like, what? I never
had a system like that. And then he told us that he was a heavy Flatpak user. So his system grew
and grew and grew. So I'm not really a fan to replace the normal package system by that
because these flat packs or snaps or two,
they come with a lot of data
and you don't really need it.
If you have a native package manager,
you don't need all these flat packs, I think.
You really notice that when you're setting things up
just as I was playing with 34.
I did set up, say, SnapD,
and I was like, oh yeah, right,
I got to install the whole SnapBase world.
Yeah, Flathub is getting really nice, too.
Not that the SnapCraft tools aren't nice on their website,
but Flathub has some clear momentum of packaging applications
that are appealing to users, much like Snaps did early on.
Now that seems to have transitioned over there,
and going back to Fedora 34, one of the things they're going to be doing potentially, users, much like Snaps did early on. Now that seems to have transitioned over there. And going
back to Fedora 34, one of the things they're going to be doing potentially, and I think it is going
to happen, is they're going to add Flathub as a third-party repository if you enable that
as an option. Sort of like, it reminds me of like, it's almost like another RPM Fusion now.
It's just the next generation, yeah.
Yeah, and it's looking really good. But okay, so let's get back to what's coming. So also one of the things you're going to see land in 34,
which will eventually impact a lot of distributions,
but this one's going to trickle out a little slower,
is GNOME Shell 40.
Yeah, of course, with the kind of big revamp
of the GNOME 3 user interface.
This was a collaborative effort
between a lot of the GNOME 3 stakeholders,
with Alan Day representing Red Hat. But it was
also an effort by the GNOME design community to really up their game. And interestingly,
as part of the development process this time around, the GNOME Foundation paid a professional
company to do user testing on the proposed changes and some of the alternatives, which is why we've
been talking about it, which feels like already forever, right? And it hasn't even been released yet.
The thing is, is this because I think in part the team was kind of clever
calling it 40 because what I am seeing,
and we're going to have lots of links in the show notes,
is this almost ecosystem effect that because the GNome Shell project is going with this big number,
all of these other projects are sort of stepping up, and we'll cover some of them,
they're stepping up to get included in this release because it's kind of a major milestone,
and that turns out to be a pretty significant motivator for some free software developers.
And one of the advantages we're having with Fedora,
and that's why we're using the lens of Fedora for this episode,
is they just don't do a lot of tweaking to the GNOME user interface,
which means what you get in 34 is essentially what the main new GNOME experience is.
And that's what we wanted to get hands-on with.
Yeah, just a nice upstream snapshot.
Yeah.
And, you know, there was some discussion, like Wes said earlier on the show,
specifically around the multi-monitor stuff, but I think we made some fair points there.
And Christian actually says that some early versions did lead to long-term fans of how
multi-monitor support worked in GNOME 3 to be concerned. Carl, I think he just called you old
there. That is definitely a reference to the conversation we had on the show. But he said,
be assured that multi-monitor is a critical use case, in our opinion, and something we've been
looking at and will keep improving. Another area that's coming that's going to matter a lot is
input is going into its own thread now in GNOME 40. And that means that you're going to get a
smoother input experience with your mouse and your keyboard when the system is under load.
So you're not going to get mouse stall, which I have complained about before on Wayland.
That's been cleaned up as well.
That stuff will land for all of you eventually.
But this rollout of 40 has pushed these app developers and even library developers forward.
You're seeing projects like LibHandy get a big release for 40.
Mutter has gotten major improvements for 40.
Epiphany has a whole new really, really beautiful tab system
that I think should go everywhere in GNOME Shell that they're rolling out.
And a lot more than I can list are just getting things ready for GNOME 40.
So even if your distro won't ship the shell itself, the GTK ecosystem is
getting a nice improvement here. A lot of these apps are getting ready for GTK 4 as well. And
a lot of them in their blog posts, well, not a lot, but some of them in their blog posts are
even committing to GTK 4 and GNOME 41. I mean, there seems to be a lot of momentum there right now. And I will have links to one, two, three, four, five,
six different examples of projects
that are shoring things up for GNOME 40,
including, I'm happy to report,
OBS Studio on Wayland using Pipewire
packaged up as a flat pack,
which I tried out this morning.
The future is here.
Yeah, it works.
It does only full screen capture right now. So you can't un-Wayland capture a specific window.
But if you had like a second monitor, whatever you put on that second monitor, you could then
capture with OBS. It works though, using pipe wire. Yes. And it's, I mean, like think about all the
plumbing, same thing with a lot of these
improvements, right? Like, like moving the mouse stuff to a separate thread. Okay. That sounds like
how is this just happening? Same with capturing, you know, full screen capture here, but there's
been a lot of internals that had to get reworked, thought out, designed, carefully constructed and
integrated together to, to make that happen. That is for sure, Mr. Payne. And it's really
cool to see it all coming together. So what we decided to do, though, is instead of just read about it, we wanted to get hands-on with it.
We wanted to try some of this stuff and walk away with some notes for you and give you some hands-on experience and where things are at.
And we'll do all of that in just a moment.
Linode.com slash unplugged.
Go there to get $100 for 60 days on a new account.
And, of course, you support the show.
But $100 means you can really try out all the stuff we talk about.
Whenever you hear us have any kind of, like, project that we've set up on the show for, like, a segment or to have the chat room pound on,
we always deploy it on Linode because we know it's going to handle the traffic.
And there's nothing like a load of putting several hundred people on a system all at
once.
But personally, I know it's going to hold up because we've done it over and over again.
Linode's infrastructure is legit.
They've been around forever, so they know how to do it really well.
And I have confidence because they're in this for the love of Linux.
And I don't mean that as just like a cheesy thing to say. That's why they do this. That's why they started in 2003. You know, there's
other companies out there that do this, but they do it because they've been VC funded and they've
identified a good market to go after and they have a solid go-to-market strategy. And that's fine.
Leno did it because they love Linux, which is the same reason I'm sitting behind this microphone.
And it gives me a solid trust in my infrastructure running on Linode servers.
And then I see it in subtle ways when I use their cloud manager
or when I interact with anyone at Linode.
That has been a fun experience just personally.
But I also see it just through the service itself.
And I love that they have all the different distributions that I might want to play with
because part of why I like Linode is I do experiment with stuff.
It's a good learning platform.
It's a good experimentation platform.
It's a good testing platform.
And obviously, you know, I think it's a good production platform.
But I love that they have Alpine.
They have Arch.
They have CentOS. They have Debian. They have Alpine, they have Arch, they have CentOS,
they have Debian, they have Fedora,
they have OpenSUSE, they have the SUSEs,
they have the Ubuntus.
They have all of that stuff there.
And they'll even kind of walk you through
custom loading an image onto a box,
which I've actually done.
I've taken essentially a virtual machine image
and uploaded it there and got it working.
And, you know, it's a few steps,
but they walk you through it all.
It's incredible they even let you do that. And, you know, it's a few steps, but they walk you through it all. It's incredible they even let you do that.
And, you know, they're independently owned too,
and I like that as well because so is Jupyter Broadcasting.
We share that in common.
We've been going now for a long time.
We've really kind of honed in on what we do,
and that's what we just really focus on,
and we try to do the hell out of it.
And we started because we love Linux.
And that is, you know what they call that?
They call that synergy.
And I think a lot of you listening can identify with a lot of those key points too.
So that $100 kind of just takes it over, right?
It makes it just kind of perfect.
Because then you can really try and experiment with this stuff that I've been talking about
for a while.
And I think you'll learn that it's great for any use case, testing, learning, and production.
And they have rigs to match
at every single price level.
They're 30 to 50% cheaper
than any of the major
cloud providers.
It's fantastic.
So go check them out
and see what I've been saying
and support the show
all in one go.
Linode.com
slash unplugged.
And a big thank you to Linode
for sponsoring the Unplugged program.
Linode.com
slash unplugged.
So we decided to go hands-on with all this stuff,
and Wes, you and I went off to our separate spaces,
didn't share any notes beforehand,
and I think maybe both of us ran into a couple of gotchas,
but curious to hear what your thoughts were.
As usual, we should probably mention, like,
this is still in beta, things are still getting ironed out, you might run into some
issues if you go off into the weeds. But I chose to replace the machine I have been using mostly
just sort of a, it's like a separate second workstation away from my work stuff. That's just
for like gaming, hanging out playing around with Linux. And I had been running Pop! OS 2004, so not, you know, not cutting edge, but not old.
I've been enjoying Pop! Shell on there.
It's been a pretty nice GNOME experience.
But wow, I was just kind of,
I was blown away when I put 34 on there
because it just, it really felt like a different machine.
It was so much faster,
and I don't know how much of it was really just like real speed,
but the perception, the changes in how the animations happened,
the interactivity of the system.
Well, you're going from X to Wayland in that transition.
Yeah, that's kind of why I wanted to do it,
because I have Wayland on other machines around here,
but that one had been just sort of reserved
as the last bastion of X in my house anyway.
Yeah, it is way faster. That is something that I want to talk more about. But I think
you had success with gestures, and my gestures didn't work at all.
Is that right? Okay, yeah. So gestures may be controversial. Not something I've really
traditionally used, but I felt like I needed to give it a try because that's one of the
highlights of the work that's been going on. And this is just on a sort of beefy
laptop, but nothing special, not a brilliant trackpad or anything fancy. They were really
nice. I think I'm going to keep using them. I mean, any system that's running Gnome, you know,
Gnome 40 or above, super handy. You can just swipe up or down to sort of go out into the expanded view or
not go get a quick overview of everything. Or if you want to swipe to go easily switch applications,
that's nice. And then you've got swiping left to right to go between your workspaces, which is
super handy. I don't have to lift my hands up, go find control alt and the arrow key.
It was just, it was really smooth to you know, like on a kind of crummy trackpad on Linux,
my expectations were honestly low, definitely low. I sort of figured it'd be kind of stuttery
or laggy, but no, and I could just swipe back and forth and it felt like using a fancy tablet.
That's nice. Yeah. So I'm curious now you got, so you're coming from a curated GNOME experience with Pop.
You've obviously got a Plasma install.
And now you're on GNOME Shell 40 with this new overview layout with the gesture support.
Which one are you preferring the most?
Okay, well, on 34 beta, you know, I'd mostly just been playing around with things.
I hadn't got it totally configured yet.
So it was, it felt a little Spartan compared to the curated
pop experience, but that's okay.
You know, with like a little theming, a little bit of
love, installing a couple plugins
maybe, I think it's going to
get there. I do still like
a lot of what the pop shell
and the tiling integrations, and I think
long term on a production machine
I might want to add that back.
But I like the changes in 40.
I think it's good.
It felt like a very friendly, easy-to-use desktop.
I liked, I mean, even just without thinking about it,
you know, I've read through the articles.
I've played with it before in a VM.
But I didn't have to worry about that.
I didn't have to walk myself through like,
oh, yeah, right, this is what changed.
I just sat down and used it, and it felt good.
Yeah, in my experience, on a laptop,
this horizontal layout that they have now,
and with gestures when you have them,
it's really, really efficient.
Because the gestures, your hands,
obviously you can invoke them with the keyboard
if your hands are on the keyboard.
But it's nice to have an option if your hand is on the mouse.
And on a trackpad, it's sort of just this effortless swipe motion.
It almost feels like you're casting the windows on your screen with the swipe to begin with.
It's natural.
Yes, it's very physical.
Yeah, and it's nice.
And then you can fly through that interface really fast and rearrange windows super quick.
My concerns still about having multiple screens and vertical screens still remain, but on the laptop experience, boy, is it nice. It is really, really great. You know,
so I did my deployment on my X1 Carbon. Felt good to be back on Fedora on the X1 Carbon.
You've been previously running Arch on there, right?
Yes, with Plasma.
So it's all still all recent software.
on there, right?
Yes.
With Plasma.
So it's all still all recent software.
Right.
Man, is it tight.
It is.
I don't really consider
that a fast machine,
but yeah.
But it's really
the whole package.
You know,
Pipewire comes in.
It's seamless.
It's transparent.
They've nailed it.
I think the community
is going to be comfortable
adopting this.
And what I have used
in production,
like I said earlier,
I like it a lot.
Firefox 86 is a part of this mix.
86 looks great.
It's super smooth and fast.
The Fedora 34 version runs under Wayland,
and it's great.
It renders even nicer and smoother.
I mean, the bottom line here,
what Wes and I are saying
is this new technology stuff is coming together,
and it's fast. All these improvements are equaling speed. We've just gotten a bunch of
nice new things and it's making stuff faster and more secure. Wayland and all of the hard work
that went into making everything work great on it, which has been a Herculean task, is paying off now in major ways.
It's at a stage now, and this is going to be a different benchmark for each of us,
but for me, it's at a stage now where I want to run it.
I prefer to use Wayland.
It's not just your sort of incentive to try all the hot, new, shiny software,
regardless of if it works, but you want it because of the features.
Right. It's part of now how I set up my machine to have the best, smoothest experience to make
it feel like the investment in my X1 Carbon was worth it. It's not being forced on me.
I am electing now to use Wayland and I really don't have stability issues either.
It's a different bar for each of us. I know some of you NVIDIA users are sitting there going,
nice to be you, Chris, but it'll get there for you too. It's going to maybe be until the summer, but it's going to get
there. But my bar has been reached and I'm all in on Wayland now. I have no compelling reason not to
use it on my personal systems between as long as I stick with AMD graphics and Intel graphics.
But all of that, that whole stack coming together makes my x1 carbon feel like a super fast machine
34 is just a solid release of fedora so far wayland has really gotten somewhere and all the
work that went into it all of the performance improvements that have gone into gnome 40
and you know we should acknowledge there's a lot of great desktops out there plasma 521 is also
looking fantastic but today we're talking about this stack.
It's really nice.
It's professional grade.
And what really put it over the top is I finally got around to figuring out where it's hidden in the user management UI to enable fingerprint login to the Gnome Shell desktop.
And my ThinkPad X1 Carbon has a fingerprint reader on it.
Super simple to set up,
and to my absolute delight,
they even lapped Apple,
and it can be used for pseudo-privileges in the terminal.
Now that is fancy, dang.
Yeah, so I can fingerprint sensor from,
I just, this thing feels so pro.
It is lean, mean, fast now in like a perceivable UI way.
And this fingerprint integration into the GNOME experience,
where I can even use it for pseudo permissions at the terminal.
I just feel like all of this combined makes this one of the most professional grade setups I have ever used. It's funny how there's all these little tiny pieces of polish.
And before, on the flip side of all these changes, those were the little tiny pieces of polish that
might keep you on, say, like a Mac desktop just because you're making that comparison. You know,
like, I'm trying to get work done. I need a professional workstation that just gets out of
my way. I know it'll work. It's rock solid. We're slowly getting there. I mean, maybe you're already there on
Plasma, et cetera, but it's coming together, like you say, and that's just neat to see. And it's
neat to see these tiny backend changes over months and years actually have a perceptible difference
day to day on the desktop. It's so cool to see it all coming together. Like a lot of hard work has gone in for many years,
but specifically in 2020,
that's just kind of all popping in together now.
And like you were saying, Wes,
to kind of expand on that,
I kind of feel like,
and we have this happen from time to time,
we hear from like a disillusioned back user,
they get annoyed with,
we were just talking with Ben before the show,
he gets annoyed with something that Apple's doing or the direction Big Sur is going or
they want to stay on the x86 platform or, you know, all of these list of reasons or
they just burn out and they want something that's more fun.
They'll look at Linux and you try to figure out, well, maybe we should recommend elementary
OS, maybe, you know, Ubuntu because, you know, if you're coming from the Mac, you want something
that's widely supported.
I don't know, Ubuntu, because, you know, if you're coming from the Mac, you want something that's widely supported. I don't know, man. This setup, I think, is what I'm going to advise. If somebody's coming with, like, the low-end MacBook Pro to MacBook, high-end MacBook Air range, and
they want a Linux laptop, the X1 Carbon with Fedora 34, when that whole package comes together,
is going to be an easy, safe recommendation. But the best part is all of that stuff that's making that recommendation great
is coming to a distribution and computer near you.
It's not just exclusive to this X1 Carbon or the ThinkPad lineup
because this isn't the Apple model.
This is going to be available to System76.
This is going to be available to Dell.
And everybody is going to have this stuff
that makes these systems faster
and perform better.
And it's free for those vendors.
It's remarkable.
Now, you can get,
depending on what avenue you take
in the Linux space,
you can get access to it today
if you're willing to run beta software.
But I think I'm going to stick on it, Wes.
I don't think I'm going to go back
to a stable release.
I'm just going to stick with this and roll with it.
You're just going to see what happens.
And that means you're also moving away from Arch, huh?
Back over in the Fedora world.
Yeah, at least on that system for a bit.
So there's a, I really like Arch, but Arch is a DIY kit.
And sometimes I know exactly, exactly what I want.
And I just want to go build that, and I just want to go build that and I just
want it to work and I want access to as much software as possible and that is probably a
maybe even maybe the most common use case for me but there's also you just have to acknowledge
Fedora is positioned for multiple reasons in a space where these things sort of land first curated
i already have wayland and pipewire on my arch box upstairs of course you do but it doesn't really
it's not all coming together all in this package like it does with 34 where you get you get 40
you get pipewire you get wayland you get butter fwire, you get Wayland, you get ButterFS,
like this whole curated package that is kind of like cutting-edge Linux
in a thoughtfully designed way.
It's an idea, it's a concept that I find extremely compelling
that Arch doesn't necessarily compel me in that way.
Right, here you're kind of in on the zeitgeist,
the place where the action's happening versus
an arch.
You're off on your own pulling together all this software by yourself.
And both can be useful use cases.
That's the beautiful thing about Linux, right?
And many others that aren't even defined by those two.
But I think the nice thing is to see all of it, to see the different elements.
Like the team's also spent the last couple of years working on a new logo, and that's
going to land with 34, which is going to land with 40.
And it all really comes together as sort of a symphony of open source software development
in this particular release.
And so it is fun to be running it.
And we didn't even get into Toolbox, which you know Christian loves to talk about.
But legitimately, Toolbox is a great way to have quick little pet containers.
And now they're making it possible where you can run the RHEL universal base image.
So you could just fire up a Toolbox instance that's RHEL-based on your Fedora 34 workstation.
And so you can have a development environment that's totally RHEL production while having a cutting-edge desktop experience.
Like that, man, it's a sweet combination combination and you can really see it all coming together.
And I love I love that there is space to talk about this because it's not just this one thing that's going to have all these features.
And that's what you get in the Apple world is this one thing.
And they have these these big bursts like a WWDC where they announce all the new things that this one siloed place is going to have.
And here, it's everyone gets it.
It's just so cool.
Yeah, you can take the pieces you want.
You get the updated apps.
You don't have to run any or all of it if you don't want to.
Stay on X if you want, but still play with pipe wire.
It's all possible.
Let's do just a spot of cleaning around here and mention a little housekeeping items.
We are getting close to episode 400.
If you haven't been to a live show in a while, it might be worth putting on your calendar.
It's just a few weeks out and come hang out with us and celebrate our 400th episode.
And of course, our live time, you can get that at jupiterbroadcasting.com slash calendar.
It's noon Pacific.
You know, it is actually, it's pretty easy.
The Telegram group's going as well.
Join us at jupiterbroadcasting.com slash Telegram.
And then the LUP plug every Sunday at noon Pacific.
Again, that's on our calendar.
And that just happens in our mumble room,
right there in the lobby.
People just hang out talking Linux.
It's pretty nice.
It's pretty cool.
And you can hang out and do it too.
And then you're all set up for the show
when it comes time for you to join,
maybe on episode 400 and hang out with us.
We'd like to see you.
Yeah, that'd be pretty great.
So check out the LUP blog and get your Mumble information,
all of that at linuxunplugged.com.
And last but not least, I'll just mention
we have the all shows feed that I'd love you to take advantage of. That way you just get all the shows, all the shows, because there's a lot more
going on. Like we have Linux Action News every Sunday with Wes and I. We try to break down the
biggest news items that you need to know about, kind of with the mindset that if you're trying
to stay current on the industry, these are the trends we think you should be watching. And we
do that in Linux Action News at linuxactionnews.com.
So go check that out.
And that, my friends, is the housekeeping.
What do you say we do a couple of picks before we go?
Oh, have you got something special for us this week?
Well, you know, we have like a run of different types of top apps.
And that's fun.
I think every single possible one, yeah.
As far as I know.
But, you know, we've never had a kernel top app until now.
Like, if you could call it that, I guess.
It's called Kmon.
It's the Linux kernel manager and activity monitor,
and it's kind of neat, Wes,
to kind of explore what your kernel is doing.
Yeah, it is just a handy little command line app.
You can go download it on GitHub.
And by default, you get just a nice little terminal interface
where it lists out all your modules.
You can scroll through.
It's got interaction with your keyboard input or also the mouse, it looks like.
And it's got a handy log of all the stuff your kernel's been up to.
Yeah.
Even better than that, Chris, it's written in Rust.
Oh, no way!
You didn't say anything.
You waited to tell me that.
I know how you like to be surprised.
All right, well, I'm going to submit a Linux application
that is a Mac favorite, but with a much cooler Linux twist.
When we do it, we do it right.
It's called eBPF Snitch.
If you're familiar with Little Snitch on the Mac platform,
it would monitor outbound traffic and snitch on an application
that is trying to connect to a
server without your permission. And you could discover some interesting metrics being collected
by using an app like this. Well, eBPF snitch is a Linux application level firewall that's based on
eBPF, which we've talked about, and NFQ. Of course, it's inspired by OpenSnitch, which is also,
we've mentioned before on the show,
but it uses more modern kernel abstractions
without the need of a kernel module,
which is great.
The daemon is implemented in C++20,
and the interface to manage it all
is Python 3 with Qt 5 bindings for the UI.
I mean, it works.
It's not the prettiest UI,
but I don't know what you want for something like this.
Yeah, what are you expecting?
Yeah, yeah, right?
You got to get the features in first to make it actually work.
And we'll pretty it up later.
Yeah.
And yeah, I think that this uses eBPF is super exciting.
You know, there's been some issues, I know, in recent Mac releases around Little Snitch
and, you know, having to add modules on the Mac side or similar techniques here.
Anytime you're directly messing with the kernel, well, maybe you get a little nervous
or it's a reason not to install it.
But if you have a modern kernel,
you have eBPF support,
this seems like a no-brainer.
Although, disclaimer,
the security of this application
has not been audited by a third party
or even myself, writes the developer.
So, hey, there you go.
Wes Payne cannot guarantee the security,
nor can the developer.
Don't blame me.
Blame Chris.
Don't you know, it's blame Alan Jude.
It's always blame Alan Jude.
All right, well, hey, Wes.
How about a little bit of feedback before we go?
We had somebody write in on the Docker socket security thing
that we talked about in a recent episode.
Frank the Tank writes in again.
I'm writing in regards to episode 395
and the misconfiguration Neil had used to take over the system.
As far as I remember, it was the ability to access the Docker socket.
Now, I run Debian 10 on my machine,
and that isn't possible as a regular user,
although I didn't configure anything in those regards,
and Docker, or AppArm, or anything.
So how come it
works on your Debian 9 system? Did the default change from Stretch to Buster? I'm afraid my
machine also has this vulnerability without me knowing it. Can you please explain a little bit
more about how to avoid it? Thanks a lot, Frank. Good question, Frank. Thank you for writing that
in. So did we tinker with it beyond any defaults?
I remember we had several discussions around it,
but I can't remember what we ended up ultimately doing.
Yeah, so in our case, it was just that
that user shouldn't have had access to the Docker socket.
So whether that was misconfiguration of the user permissions,
adding it to a group, say,
or that was misconfigurations of permissions on the socket itself,
either way, the result was the same.
But by default, hopefully your distro doesn't have that,
and that any users that don't need access will make sure they don't have it.
Yeah, it was really to demonstrate how risky that is.
But I recall the other thing, Frank, I think to keep in mind that we did
to just make it achievable in the time span that we had
is we enabled the backup account to have shell access
and then that password got leaked so that the reason why we did that is because with the
exception of the leaking as far as i know i actually have seen that in production that that
configuration that we uh we went with and so it is very common um or at least possible. But it does require at least having, in our case, the backup user in the Docker group.
That's right.
That was kind of the concession we made.
But I think it also demonstrates just the risk you do take by having that Docker daemon run as root.
Yeah, exactly.
Think carefully about what you're giving access, what accounts, what users,
and, hey, maybe consider something like Podman.
Or at least don't let Neil on your system.
So, yeah, there's that.
We're going to do it again, though.
I think we'll give it some time, and then we're going to do another one.
So stay tuned, Frank.
Alex writes in, I asked about exiting big picture mode
because I was playing with that Steam Link application
that was recently released by Valve and Collabra that just is essentially a thin client streaming app to connect to another PC running Steam, Windows, or Linux.
And you get in big picture mode.
And every now and then I had confused it.
And I could tell there must have been a way to get to the desktop.
I actually got a couple of tips.
But I liked Alex's just because it was so simple.
He says it's really easy when you're in big picture mode. Just go to the gear icon
in the top right and hit close big picture mode. Then you're just in a regular remote
desktop session. I do it all the time and it works well. Thanks for the show, Alex.
How about that? That sounds really simple. Just exit it.
I like how you're giving tips about replacing jack and pulse with pipe wire. And then the audience is giving you tips about how to exit your app to the desktop.
I guess so. Hey, you know what? That's fine by me, linuxunplugged.com slash contact. If you want
to suggest an app pick or respond to something we've talked about on the show or share your
thoughts about the future direction of the Linux desktop and why it's more interesting than ever,
because there's many reasons we didn't even touch on in this episode
and you could give voice to some of them
at linuxunplugged.com slash contact.
Hey, Wes, did you know they could get more of you
at linuxactionnews.com?
Yes, they can.
That's true.
There's more stuff going on
than what we managed to cover in this episode.
And so we package it all up
in an easy to digest format
at linuxactionnews.com.
If you do the Twitter thing,
you can follow this show at Linux Unplugged.
I'm at Chris Lass.
What about you, Wes?
I'm at Wes Payne.
Hey, that's easy.
And today I was even teasing what we're talking about and getting the conversation rolling
there.
And the entire Jupyter Broadcasting Network of fantastic shows, well, you can find that
at jupyterbroadcasting.com.
There's more shows.
Did you know that? Just check that out. I mean, why not? jupiterbroadcasting.com. Why not?
And while you're there, head to slash calendar to find out when we'll next be live. Sure,
it's usually the same bad time, but you never know. See you next week. Same bad time,
same bad station. As far as we know, it will be, but you never know. See you next week. Same bat time, same bat station. As far as we know, it will be,
but you never know. Things could change. Things could change. I've been, I've been tinkering
with an idea in my head. So it is worth checking that from time to time. Otherwise, join us at 12
PM Pacific, 3 PM Eastern on a Tuesday. Links to everything we talked about are at linuxunplugged.com,
like how to contact us, mumble info, matrix info, subscription links for the show.
It's all over there.
It's all over there, man, at LinuxUnplugged.com.
So go check it out.
Thanks so much for joining us on this week's episode
of Your Unplugged Program.
And with all that said, future and all,
we'll see you right back here next Tuesday! Okay, jbtitles.com.
Let's go pick our title.
And then also, I just wanted to mention, because I know a lot of us in the community are Telegram users,
it looks like Telegram is in a tough spot.
Show me the money!
They're looking to basically raise like a billion in debt funds.
The messaging service has about $700 million due
at the end of April to creditors.
And of course, at the same time, as we've all seen,
Telegram's usage is exploding right now.
And so the expenses for bandwidth and storage
are described as rapidly growing.
Are you saying I should stop uploading giant MP4s
just to send to myself via Telegram?
Dang it.
Yeah, Telegram is going to have to start raising money.
So expect to see ads soon
because if they're going to go raise money
and get a bunch of funds in,
they're going to have to promise these investors
a return on that money.
And the way they're going to do that
is probably through some sort of ad system
or subscription or I don't know.
But would you pay? Would you subscribe? I think I would. You know, I was thinking about it.
And Telegram so far, I think we all still remain slightly suspicious of their own crypto that
they've decided to implement for secret chats. Yeah. Yeah. But relatively speaking, it has been
unbelievably solid for years now.
And it handles crazy scale groups because I got in some of those Wall Street bet groups for fun and they were crazy sized.
It handles low bandwidth situations really well.
And also, the desktop client is really reasonable when you look at the other chat desktop clients out there for chat services.
Yes.
I think Telegram's like one of the best.
Yeah, they've just kind of continued to be a good chat client.
That's always what keeps me there is it's like, okay, you're fast, you're easy,
you support me sending all the different, you know, GIFs or images or attachments.
I mean, I've had my family on there and they haven't complained,
so that's got to be a test too, right?
Yeah, I have my family on there and they haven't complained, so that's got to be a test too, right? Yeah, I have my family on there.
It all works for them.
And I haven't really noticed the Telegram desktop client for Linux
lagging far behind the commercial platforms versions.
And I still really appreciate the fact that they have certain accessibility tools
like Zoom and Scale that I like,
and they integrate natively with my desktop notifications.
I mean, all in all, as far as features go for a desktop chat application that also has a great mobile app,
that also has a web client available, that has a lot of features, including voice calling and
video calling and group chats and channels and private messages and secret chats and
self-destructing chats and, you know, on and on and on, right? It's pretty good. I'd hate to see it go away. And I would much rather pay $10 a month, I guess,
than have ads in my chats.
That I don't really want.
Or maybe ads in the Jupiter Broadcasting Channel, right?
Yeah.
Yeah, I don't like that.
How would you say that Telegram stacks up against Matrix?
Well, it's way more accessible by regular folks.
You know, I can have a family member get on
telegram in 15 minutes just to do a chat session with them i couldn't have like my aunt or my uncle
who who i'm thinking of in this scenario they wouldn't be able to set up matrix it'd be beyond
them for sure uh even element you know it's just it's too complicated i think telegram is a different
use case as well because with matrix i feel like it's more like the Discord use where you have you have a server for a community and then you can have a bunch of rooms on that server for more focused discussions.
It's also continuous engagement, right?
Telegram is very ephemeral in a sense because it goes by.
Yeah. And it's also like very one on one like there's.
Oh, yeah.
You can tell because like how poor the experience is for group chats relative to the one-on-one chats.
Exactly.
It's definitely came as a direct person-to-person messenger first with group chat features later where Matrix was built with group chat in mind.
So it just depends what goal.
So for me, like if I'm just communicating something quickly with people, I think Telegram may be the better solution if it's just one-on-one chats.
But if I'm already in Matrix, you know, then just use Element. Anyways, I just think it's a tricky spot
they're in to have $700 million due by the end of April. They kind of went all in on hoping a coin
would be their path to revenue and then got shut down by the regulators. And now they're kind of
having to figure out a plan B and it doesn't seem like it's super solid yet. And so, I mean, I'm grateful for options like Matrix Kernel because we have
a pretty solid plan B. And there's obviously other platforms out there like Signal and Wire.
And I know a lot of people use WhatsApp and others. Telegram has just sort of been the one
that I've landed on and a lot of my family and friends and community have landed on.
So who do you think is going to buy them?
That's the question, isn't it? I don't know. Leave your prediction below.
Maybe it'll be Tesla Jet.