At one point Ubuntu changed the EOL tables on their Wiki from 5 years to 10 with no explanation about applicability/ESM - just calling it LTS.
It is among the longest pages on our website.
They also publish an oval xml for use with openscap tools to get a list of unpatched CVEs. The issue is not enough people know about those tools. https://security-metadata.canonical.com/oval/
I rather not have them push an ad to my face when I open the settings.
I had to install Ubuntu on an embedded board last week and the "Ubuntu Pro" ad is like a greyed out tab in the settings widget if I remember correctly. Worse than the Amazon ad they had some decade ago.
To my knowledge, only some comments hidden in /etc/apt/sources.list mention this, but the more honest approach would be to warn all users when they try to `apt install foo` some package from universe/multiverse. Or do it like RHEL with their EPEL repo and disable it by default.
But I guess they would have never gotten this popular if people saw that Ubuntu is only a few thousand packages compared to Debian's tens of thousands.
Unless you intend to pay for support, I see no reason to not prefer Debian in 2024.
We were paying for Ubuntu Pro through an AWS subscription on 2k EC2 instances, and could not get Canonical to update a package with a CVSS 7.8 in the 18.04 LTS.
We've moved off Ubuntu Pro as a result. Blogged it at https://blog.thinkst.com/2024/07/unobtrusively-upgrading-ubu...
Thankfully I'm not personally looking for this at the moment, I'm more than happy being my own sysadmin and running anything from Arch to Fedora CoreOS to OpenSUSE on my machines.
Otherwise you're building on an operating system which rebuilds a commercial upstream while explicitly refusing to follow that upstream's rules. IBM has lots of experienced lawyers, as I've heard.
It's also slower at releasing updates, including security updates.
------
Sorry SSLy, I can't reply to you directly because I'm rate limited, it's very late here, and I'm not waiting for the rate limit to expire. So here's my reply:
I think previous decisions made by IBM have shown that they're fine at burning some community goodwill for short-term profit. People were called paranoid for worrying about the future of CentOS when it was taken up by Red Hat for "improved maintenance", and look where we are now.
Maybe you're right, but I personally wouldn't want to build anything serious on top of that "maybe". If something happens, lateral migration should theoretically work, of course..
Curious if this would actually be a solution. They state that fixes in Debian are down-streamed regardless of support, so if this fix wasn't down-streamed, then why would it be in Debian ?
As for why it isn't in Ubuntu 22.04 - perhaps because the Ubuntu release schedule does not match debian's. Debian buster was released in september 2022 - Ubuntu's April tagging is probably based off of the prior debian release which only gets critical updates.
Wouldn't have to create it to consolidate platforms if they stopped making them so often!
They have three concurrent LTS releases when they need one. Maybe two. 18.04 is the python2 of distributions. Let it go.
Having worked in several places that relied on it... ESM is being the bad kind of enabler.
Fedora handles "The Snap Problem" -- many target distributions -- with 'fedpkg' and 'mock'. Software and machines on the build side. Not by degrading the end user experience. They do participate with Flatpak... but that's peer pressure more than anything.
Flatpak is more well-rounded IMO. Probably from being the broader answer. Maybe this all doesn't make an argument. Just a bunch of statements. I don't know.
Back on topic: I wonder what all of this Canonical stuff in particular is for/leads to. New software isn't scary; 'just' plan/test. It becomes scary when you get lazy here... so accept your involvement.
> Having worked in several places that relied on it... ESM is being the bad kind of enabler.
The business proposition is 10 years of support with minimal package changes. Are you asking them to just stop selling that product?
Fewer LTS releases wouldn't change that core question, since if they never had a 2018 LTS release those users would be on the 2016 release instead.
I don't know if that necessarily means stop selling the product... but tighten up the terms, I guess? Anyone choosing to stay on something that old has chosen those gremlins.
The build of systemd and firewalld on 18.04 are both categorically broken. I don't know whatever people are solving with that old release (and Canonical in support)... but it's less than what those two things do for me when working properly.
The illusion of support for something so decrepit creates more problems than it solves in my experience. Either bite the bullet and modernize/upgrade... or keep playing with the unsupported sands of time
