Scott James Remnant

A common mistake of user interface design is to come up with a clever solution to a common user problem, when you should work out a way to remove that problem in the first place.

My example here is the password entry dialog, in particular the GNOME Screensaver one.

The common user problem is that their password is rejected, even when typed perfectly, because the Caps Lock key is on.

The clever solution was to display in the dialog that the Caps Lock key was on, and thus hinting to the user why it might have been rejected.

The better solution would be to ignore the state of Caps Lock in all password entry dialogs, so it doesn’t matter whether it’s on or off.

Like any sensible software developer, I have a close relationship with revision control systems. In my previous job, I was an SCM Engineer (see Software configuration management) which meant I had an even closer relationship than most, since we were running the CVS servers and actively using them to track changes and deployments.

We all know, deep down, that revision control systems shouldn’t exist. This kind of thing should be inherent in the design of the operating system, through standard file and filesystem formats. The OLPC interface is making some headway towards that, but for the rest of us, it means using a revision control tool throughout the development process.

Unfortunately, even though the tool is expected to be the most-used command on your system, very few of them are particularly easy to use. Thus there’s a large learning curve, and people become religious about their choice since they have invested significant time in using it.

Just to spice the mix up, not only will people religiously defend their choice of revision control system, but they’ll do so while actively hating it.

In the beginning there was CVS and we all thought that it was pretty good. It was based on the simpler RCS and shared a file-format with it, but introduced control of directory trees and remote operation.

Actually, in reality, CVS wasn’t that good. Its command set could be a little strange and inconsistent (e.g. it’s not possible to diff between two dates on a branch); the support for branching assumed that all branches would be merged into the mainline, and only once; and nobody ever really knew how to create a new project in a repository (tip. cvs import is wrong).

But we all used it anyway, and we muddled through. It did have some good features; it was simple, fast and pretty reliable–when it did break, you could usually fix the repository yourself. And most importantly of all, we understood how to drive it.

And so it was for many years, until Subversion (SVN) came along. Subversion intended to be “a better CVS”, perhaps this goal should have made us suspicious at the time since CVS was already being a pretty good CVS by itself; unfortunately we hated CVS so much we flocked to the new system in hope.

In hindsight, Subversion didn’t really improve on CVS much at all. In fact, arguably, the only real improvement was the addition of atomic commits (in CVS, each commit is per-file, so it’s manual labour to work out which change was made to two files at the same time).

(Its support for branching, tagging, copying, renaming, etc. were no better than CVS’s when done in the repository by hand.)

The cost of this single new feature was a much more complicated interface (with two separate commands), a backend that tended to break down weekly and a lethargic slowness to its operation.

Most people I know now justify their use of Subversion instead of CVS by “Subversion is maintained, CVS isn’t” which is a somewhat self-fulfilling justification.

While the mass conversion to Subversion, and ensuing disappointment and frustration, was going on; something new appeared on the horizon: Arch.

Arch was different, it broke one of the core assumptions of revision control, that of the repository as a cathedral. In CVS, and Subversion like it, if somebody wants to modify your code (even if on a branch) you need to give them access to your own repository. In some cases (especially with CVS), vast access control and permission structures would be in place to ensure proper behaviour.

With Arch, you don’t; all you need to give to anyone is read access. Anybody can make their own branch by copying yours and committing to their own copy.

This model also necessitated fixing a long standing problem that CVS had; Arch has repeatable (smart) merging. If you merge from a branch, you can merge again later, and again, and again.

Arch made this possible through each commit (changeset) having a globally unique identifier; made from the branch’s own globally unique identifier and the changeset number in the branch.

Unfortunately while this was a massive step in a new direction, Arch had an absolutely terrible user interface. Its command list was terrifying with over 100 commands, many of which had multiple word names (tla set-tree-version). It exposed too many of its own innards, and expected you to learn them. It also forced baroque file naming semantics on its users and strange policy (though shalt not commit without first running “make clean”).

Efforts were made to improve Arch’s user interface through projects such as baz, but they were always to be doomed from the start.

We’ve since seen an explosion of new revision control systems; Monotone, Darcs, Git and Bazaar.

What’s especially interesting is the commonality between these systems. They are all “distributed” like Arch, though they also all discard the strange “unique branch identifier” convention and instead simply assign a unique identifier to each file or commit.

This means that they all support personal branches, and by necessity all support repeatable (smart) merging.

So how do they differ, what are their killer features and killer problems?

Monotone is all about repository integrity, ensuring that every commit is both authorised and intact. It pays for this with a severe lack of speed.

Darcs is based around a “theory of patches”, a branch is not made up of its history but by the collection of patches in it. Unfortunately this often breaks down, and darcs frequently gets stuck calculating even trial and commonplace branch models.

Git is very strange to me; its killer feature appears to be the speed at which it can handle very large trees, but the interface is as insane as Arch’s was. It is heavily optimised for the “I only apply patches” development model, at the expense of ordinary development models (it shares an issue with Arch where calculating annotations on an individual file is an expensive operation).

What about Bazaar? Its killer feature is that it is designed to work the way you do. The command set is relatively small, and each of them works in the most obvious manner. It also supports plugins so that you can always implement your own workflow.

Of all the revision control systems, it’s the only one (that I’m aware of) that supports both distributed and centralised workflows (and lets you go distributed when you need to, e.g. when you’re on a plane).

Here’s a few examples of how Bazaar’s command set works the way you do. To start managing some code in bzr:

$ cd myproject
$ bzr init

To add the files, copy in your usual .bzrignore file and just add everything:

$ cp ~/bzrignore .bzrignore
$ bzr add
added foo.c
added bar.c

Check the output for mistakenly added files, adjust .bzrignore and remove the file with bzr rm.

A common operation is realising that the commit you’re about to make should really go on a new branch for now:

$ cd ..
$ cp -a myproject myproject-foo
$ cd myproject-foo
$ bzr commit

A copy of a Bazaar branch is a different branch, you can commit to it separately. There’s a bzr branch command for it too (which deals with issues such as bound branches, checkouts, etc.) but it’s nice to demonstrate that Bazaar does what you’d expect even when you don’t use its own commands.

Pulling changes from another branch (where you haven’t made any modifications yet) is easy:

$ bzr pull ../myproject

As is merging (when your branches have diverged):

$ bzr merge ../myproject

One particularly nice feature is that after a merge, you see the merge as a single commit and it can be treated as such; but it also has the set of merged commits indented under it–you can examine these as individual commits as well!

What’s the downside of Bazaar? Well, it’s not the fastest system (but by no means the slowest), for small to medium sized projects this is never an issue but may be for extremely large projects–fortunately the developers are improving its performance all the time!

But that doesn’t matter; it is, honestly, the first revision control system that I don’t hate.

I think I’ve just invented a new sport…

Everyone knows the game of Googling your own name, and finding out all sorts of fascinating things that you have forgotten or didn’t realise had made it onto the Interwobble.

Here’s a new twist, use the Internet Archive Wayback Machine instead and read through things like old versions of your homepage.

I’m honestly shocked at just how much incriminating material I’ve found, both from my own website and segfault.org

This comment on my site from Leonard Richardson and my reply especially amused:

What percentage of the time are you drunk? This is to settle a bet.

Okay, well on an average week I guess I go out for 3 nights. Friday night starts at 5:30 and ends 12 hours later, the other two days would be probably from 9:30 to 2:30am, so 5 hours. So we can say I spend 22 hours innebriated. Just under a day, or 13% of the week. Some weeks that might be as much as 25% to 30% I guess tho.

Who was the bet with, and more importantly, who won?

This explains a lot …

Continuing my mission to put together a kick-ass team to develop the Ubuntu Desktop, the following position is now up on the website:

Posting Date & ID: September 2007 UDD
Job Location: Your home with broadband. Some international travel will be required.
Job Summary: To adapt and develop the GNOME desktop to improve the Ubuntu user experience.

Key responsibilities and accountabilities:

• Use open source development methods to create, select and adapt software to produce innovative user experiences and address the common problems of desktop computing
• Extend the desktop platform as necessary to support development
• Work with designers, artists and other developers to develop ideas and complete the project
• Involve the community of development projects, teams and Ubuntu supporters to incorporate a range of perspectives and ideas
• Take ownership of many aspects of the desktop user experience (”look and feel”) in Ubuntu
• Follow projects and trends in user interface design in the open source world, integrate the best technologies into Ubuntu and ensure their quality
• Analyse, triage and respond to bug reports

Requirements skills and experience:

• A keen and insightful eye for user interaction
• A passion for intuitive, usable and visually appealing interfaces
• A strong desire to produce distinctive ideas that stand Ubuntu out from the crowd
• Experience with the GNOME development platform and desktop environment and technologies such as GTK+
• Some experience with mainstream graphics technologies such as OpenGL and Cairo in the C programming language
• Ability to be productive in a globally distributed team through self-discipline and self-motivation, delivering according to a schedule
• Familiarity with open source development tools and methodology, especially those in common use for Ubuntu and Debian package maintenance

How to apply

Please send a cover letter and CV with references to hr@canonical.com. Please indicate in your submission the role for which you are applying. We prefer to receive applications and CVs/Resumes in either PDF or plain text format.

Havoc’s keynote at GUADEC was extremely interesting, especially for how it polarised the people present.

Several people seemed very upset with the notion that f-spot should be replaced by flickr, but I think that was a problem with the way that Havoc presented the message, and not the underlying idea.

Instead consider f-spot and flickr as sharing the same collection of data, and being two different ways to view and manage it; with changes from one appearing in the other. The mechanism isn’t important.

Consider the following:

• While out and about, I take a picture with my camera phone.
• On coming home, the phone is within bluetooth range of my laptop (with both enabled).
• The laptop sees the new picture, so announces the availability of the new picture.
• f-spot is subscribed to those announcements, and causes the picture to be copied into my local f-spot library, with the meta-data adjusted to indicate the local cache (as well as the origin).
• flickr is also subscribed, so the picture is automatically uploaded to my flickr account.
• At some point in the past, a friend on Facebook changed their mobile number; this was detected and the change announced.
• e-d-s was subscribed, so automatically adjusted my contacts.
• And my phone sync service is subscribed, so now my phone is in range, its contact list is updated too.

Now, isn’t that cool?

A few people commented on my last post asking for details about how I configured exim and dovecot to have the fake scott+canonical account and separate Maildir tree.

exim4 router configuration

The first key part of the configuration is to configure exim4 to split the local part into a user name and a suffix. This allows a local part such as “scott+canonical” to be split into the user name “scott” and the suffix “+canonical”.

This is configured by adding the following two options to the appropriate routers in your exim4.conf:

local_part_suffix = +*
local_part_suffix_optional

The first option defines the suffix; normal practice appears to be to use both “+” and “-”, but since I’d previously used “-” with qmail I opted to use “+” only so that I didn’t confuse myself during the transition.

The second option allows the suffix to be optional, so that mail to “scott” is still delivered normally.

Now mail to “scott+canonical” will be delivered to the “scott” user.

Forwarding configuration

The next task is to ensure that mail is actually forwarded to this address; for me this was a configuration performed by the Canonical sysadmins to ensure that my work e-mail is actually delivered to scott+canonical on my own mail server.

Filtering configuration

Since both personal and work e-mail are now both being delivered to the same user account on my home mail server, I need to filter the mail into separate folders.

This can be done by checking the $localpartsuffix variable in Exim filter .forward files, e.g.:

# Exim filter

if $local_part_suffix is "+canonical"
then
    save Maildir/Canonical/
endif

Now incoming work e-mail is filtered into a different mail folder, while personal mail is delivered into the primary one.

I’ve used similar filter instructions for mailing lists, mailman messages, Launchpad mails, etc. to filter into appropriate folders.

Where the mail is personal, it is filtered into (e.g.) Maildir/.Lists/upstart-devel/

Where the mail is for work, I add /Canonical/ to the path, (e.g.) Maildir/Canonical/.Lists/linux-hotplug-devel/

This means that the Maildir/ directory is my personal INBOX, with sub-folders immediately under that and beginning with a period; and the Maildir/Canonical/ directory is my work INBOX, with sub-folders immediately under that and beginning with a period.

This defines two trees in a manner compatible with dovecot. There’s no particular reason that Maildir/Canonical/ has to be under Maildir/, it could have been Maildir-Canonical/ and this would still work. I simply wanted them in one place to ease backups.

Dovecot configuration

Now we need to configure dovecot to permit login by a fake (”virtual”) user, with a different Maildir tree, so that I can configure them as two separate accounts.

The first set of changes is to dovecot.conf to add an additional authentication source. Modify the “auth default” block to add a new “passwd-file” passdb in addition to the “pam” passdb (or whatever your system is using).

passdb passwd-file {
  args = /etc/dovecot/passwd
}

This lets us authenticate virtual users, but we also want to set their attributes, so we can use the same file as a userdb in the same “auth” block.

userdb passwd-file {
  args = /etc/dovecot/passwd
}

Dovecot will now check both PAM and this file for user information.

We now simply need to add a line to this file to specify the virtual user and set up the alternate Maildir tree.

scott+canonical:PASSWORD:1000:1000::/home/scott::userdb_mail=maildir:/home/scott/Maildir/Canonical

The format is that of an ordinary passwd file; the first two parts give the passdb authentication credentials and the rest give the userdb information.

I’ve set this user to have the same uid, gid and home directory as my real “scott” user.

The final part changes the mail environment for this virtual user, instead rooting it at Maildir/Canonical/

Client configuration

The mail client will need two accounts adding; one for “scott” and the other for “scott+canonical”. It will see two separate folder trees for each account.

An unexpected bonus is that the reply account is now automatically set for me, since I’m replying from the specific account rather than from a single general one.

Like most geeks, I run my own mail server. The burden of administering it is much less than the increased flexibility in filtering incoming mail, let alone dealing with SPAM.

My mail server configuration has remained pretty static the entire time, and controversially, I’ve always used qmail.

The reason for this dates back to my first sysadmin job in the mid-to-late nineties, and the decision in those days did tend to be sendmail or qmail; with the security conscious choosing the latter.

qmail’s delivery system is a little odd, everything on the left hand side up to the first “-” is considered a user, and everything after can be used for filtering.

The default local delivery component takes this into account, so e-mail to scott-foo can be filtered by the /home/scott/.qmail-foo file.

This gives a pretty natural way to deal with mailing lists; you subscribe with a unique address for that list, and all the mail goes into the right folder automatically.

This has served me reasonably well over the years, with heavy patching across the daemon to add features such as LDAP integration, and SPAM filtering that I wanted.

Unfortunately it’s been getting to burdensome to maintain. Since it’s not true open source software, and is effectively abandoned upstream, it’s not as up to date as I’d like.

SPAM filtering tends to take place in the local delivery loop, rather than at SMTP time; and due to the strange delivery system, it’s unreasonably hard to perform any kind of sender verification or greylisting.

Since every special address is filtered differently, it’s quite hard to add common filtering unless it’s pre-planned and you use addresses with a common prefix.

The clincher has been dealing with super-sites like Launchpad which send huge amounts of different e-mails to a single address, and no facility to separate that from your published contact address.

I needed a better mail server.

So I’ve now moved to exim.

I was surprised by how quickly I was able to pick it up, I did the migration in two day outages. The first to simply migrate delivery and stash the mail in one big folder, and the second to customise the delivery and filtering to my liking.

I’ve also re-subscribed to mailing lists with single addresses again, so now I have a single filter rule which happily can filter Launchpad mails around as well.

Happily I’ve been able to make a change I’ve wanted to for a while, home and work e-mail is separated into different Maildir/ trees; and mailing list subscriptions made with the most appropriate address.

The magic of dovecot lets me create a fake scott+canonical user that uses the alternate Maildir tree, while still retaining my user permissions, etc.

Overall I’m pleased with the new setup, and how the migration went. SpamAssassin needs some tuning as a little SPAM is still getting through, but otherwise it seems to be working well.

According to the current issue (#93) of Linux Format, Ubuntu 7.04 (”Feisty Fawn”) is “…a dull release for Ubuntu, leaving Fedora to storm ahead…” (p. 23) whilst “shaping up to be one of the most innovative Linux distro releases of the year.” (p. 38)

Especially amusing for myself is that, with Upstart, they “seldom notice any difference in boot speed” (p. 42), yet “Ubuntu 7.04 boots up in record time, leaving other Linux distros in the dust.” (p. 22)

(As anyone who’s ever read anything about Upstart will know, Ubuntu still uses the SysV-rc scripts so there should be no difference in speed at this point. Funnily enough, they identified the reason Ubuntu boots fast in the same issue; “Changing the /bin/sh symlink to point to Dash instead of Bash can significantly shorten boot times” (p. 33) — unfortunately they simultaneously claim that Dash is only “almost POSIX compliant”, without explaining why they think it isn’t.)

In this modern world, the lack of any editorial direction or basic research into what’s being printed is quite refreshing.

I was really starting to worry that I wouldn’t be able to find another Cherry G80-3000 keyboard; even Cherry’s website didn’t list it anymore, instead only showing the vastly less clicky G81 range.

Happily I’ve found a stockist.

http://www.cherrykeyboardsrus.co.uk/

One of my pet dislikes are those people that pay lip-service to a particular problem, such as Accessibility, Internationalisation or Usability, without actually thinking about them.

My favourite example can be found at the Trafford Centre in Manchester, England.

Somebody there has clearly realised that accessibility is a problem, and ensured that every single sign has Braille added to it so that partially-sighted or blind people are able to read what they say.

They’ve only been paying lip-service to the problem though, and not thinking about it.

The evidence? The following sign, mounted directly on a door, with Braille on it:

Do not stand directly in front of this door.