GNOME Usability Hackfest

Back in the Dublin office today after last week's GNOME Usability Hackfest in London, during which I didn't blog nearly enough.

My main goal for the week was to help figure out a plan to revise the GNOME Human Interface Guidelines, which I originally helped to write almost a decade ago, but which really haven't kept pace with the changes in either hardware or software technology over the past 5 years.

The notes from all the discussions we had aren't all that impressive to look at, but I think the key thing is the general agreement to have less monolithic text, and switch to more of a pattern library approach. This should allow us to react much more quickly to changing trends in GNOME UI design, maintain related patterns for different types of devices such as desktop, touchscreen and stylus devices, and even allow individual distros to customize the library with their own unique, in-house patterns if they so desire. (Which hopefully won't be too much, but it's clear that, for example, the GNOME-based Moblin UI is a different beast from the vanilla GNOME desktop, so the Moblin team will likely want to maintain some patterns of their own.)

I've already started to draft up a template for what a GNOME UI pattern might look like, and hope to flesh things out a bit more over the next couple of weeks.

Of course, many other things were discussed at the hackfest as well. Nautilus and gnome-shell were hot topics, as was the old chestnut of a GNOME control centre redesign--on that front, I ended up moderating a couple of card sorting sessions during the week where we had users categorize 100 settings into groups of their choice. Charlene from Canonical presented an Empathy usability report, partly to discuss the findings, but mostly to discuss how best to present such reports to GNOME developers. And of course, Seth's vision of a future GNOME desktop hit the headlines, making it to Ars Technica almost immediately!

On the community front, some ideas for improving the tools we use to analyse and report usability data were also discussed. And there was a strong presence from the accessibility community, to keep us all honest when coming up with anything new.

Many thanks, of course, to Google and Canonical for sponsoring the event, and particularly to the latter for hosting us in a 27th floor office so we didn't need to waste money on the London Eye :)

Comments:

One of the most challenging things about the GNOME interface from a system administrator's standpoint has been the lack of an intuitive way to build a safe, slim, and high-performance user environment.

We have an kiosk type of environment where we have 100 desktops running on a single server with an H-A server running another 100 desktops... each desktop running over a WAN connection. We would like to start adding more virtual desktops per server, as well.

- We don't want more than 256 colors (8 bit instead of 24 or 32 bit virtual frame buffers take up A LOT LESS memory & WAN bandwidth.) Is there a way to make GNOME consume fewer colors on a policy basis on the entire machine to make the user experience snappier for remote users?

- We don't want people to have shell or terminal window access, it violates the security policy. Is there a way to take away the ability to run executables from a command line prompt on a per user or per UNIX group policy basis to secure GNOME?

- We want users to have access to some printers and some applications that we want to install into the basic "start" like menu, as well as the root menu. It there a way to take away all application and add them back in on a per user or per UNIX group policy basis?

- We want users to have access to a web browser, but we want to be able to limit the URL's that they are allowed to view, like some kind of reasonable black list that can be applied to a user or UNIX group policy?

- We don't want the user to be able to explore using a file browser outside of their home directory or around the network... only resources we want to share with them. Any way to isolate file manager GNOME on a per user or per UNIX group policy basis to a select set of directories?

- There are various options for sound and such which are just not needed in a virtual desktop environment. Any way to shut those features off in GNOME on a per user or per UNIX group policy basis?

With the different file browsers that can leverage URL's, web browsers that can leverage file URL's, multiple places to run UNIX command, and large numbers of applications that just are completely useless around virtual frame buffers - getting control of GNOME to make it both secure & usable is just unreasonable.

Are these types of issues going to be addressed so we can build a snappy, secure, and usable environment for our virtual users?

The olwm and olvwm were two really great environments which were very easy to configure for all of the users or even individual users (by creating a symbolic link to a common background menu across multiple users.) These were simple to configure and policies could be built very effectively for very scaled back user environments so they could get their work done.

Hoping to hear some good news regarding GNOME client usability enhancements!

Posted by DavidHalko on March 04, 2010 at 09:51 AM GMT+00:00 #

One of the most challenging things about the GNOME interface from a system administrator's standpoint has been the lack of an intuitive way to build a safe, slim, and high-performance user environment.

Posted by ed hardy swimwear on March 05, 2010 at 07:15 PM GMT+00:00 #

We don't want the user to be able to explore using a file browser outside of their home directory or around the network... only resources we want to share with them. Any way to isolate file manager GNOME on a per user or per UNIX group policy basis to a select set of directories?

Posted by Abercrombie on March 05, 2010 at 07:41 PM GMT+00:00 #

GNOME itself does allow you to lock down many aspects of its interface, including the prevention of terminal access if desired. This is done via gconf, and as such can be mandated to as few or as many users as required. See http://docs.sun.com/app/docs/doc/817-7306/lockdown-0 for more details.

The GNOME community offers a couple of applications, Pessulus and Sabayon, that provide a friendlier front-end for this lockdown functionality. Sun doesn't currently ship those, so they are largely untested on Solaris, but you're welcome to build and try them yourself:

http://live.gnome.org/Pessulus
http://live.gnome.org/Sabayon

There's also ongoing work around 'parental controls' for GNOME, which amongst other things, has URL filtering for web browsing. (Clearly this has applications outside parenting, so a project name change is probably in order!) This work is new and not yet part of the core GNOME desktop, but again, the code is out there and ready to try: http://projects.gnome.org/nanny.

Sun have provided a couple of solutions of their own to such issues over the years. One was APOC (aka JDS Configuration Manager), which allows a system administrator to centrally lock down many aspects of the GNOME desktop for different groups of user. This product was open sourced a couple of years ago (http://apoc.freedesktop.org), but unfortunately hasn't seen a great deal of active maintenance since. As such, it should still work fine with Solaris 10 (and contemporary Linux distros), but probably isn't much use on OpenSolaris. However, the code is all out there if anyone wants to bring it up to date, or just modify it to work with their environment.

At the other end of the spectrum is Solaris Trusted Extensions, which allows organisations to define and implement complete security policies that are rigourously enforced by the desktop environment: http://docs.sun.com/app/docs/doc/819-0868/ugintro-10. Trusted Extensions are available for Solaris 10 and OpenSolaris.

Posted by Calum Benson on March 06, 2010 at 03:24 AM GMT+00:00 #

Post a Comment:
Comments are closed for this entry.
About


I am an Interaction Designer in the Systems Experience Design team, arriving at Oracle via Sun where I've worked since 2000. I currently work on sysadmin user experience projects for Solaris. Formerly I worked on open source Solaris desktop projects such as GNOME, NWAM and IPS.

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today