See the future of Ubuntu ... plus an editorial on Debian
Canonical just announced the release of Ubuntu 8.04.1 LTS, the first "point release" after April's initial release of the GNU/Linux distribution's latest long-term-support edition.
If you already have Ubuntu 8.04 installed, you get everything in the point-release just by updating your box. But if you're doing a new installation, the point-releases mean that the new disc images will enable you to do the install from the CD and then need many fewer updates after the system is set up.
As you can see in Mark Shuttleworth's blog post on the very same topic, the first point-release came out three months after the initial 8.04 release, and following 8.04.1, there will be a new point-release every six months until the next LTS edition of Ubuntu is itself released. And if Ubuntu follows its schedule — and we have no reason to believe it won't — that next LTS will come out two years after the previous one, meaning we will have Ubuntu 10.04 LTS right when the version number says we will (10 for 2010, 04 for April).
As has been the case since Ubuntu's first LTS release (6.06), the long-term support means three years on the desktop and five years on the server, so if you're not the type who wants to roll the dice every six months on a new Linux distribution, and if Ubuntu's LTS release works well with the hardware you have (as it does for my Gateway Solo 1450), I know that I can leave 8.04 on my system for three years but have a new LTS in two years. Or I could track the regular Ubuntu release schedule and upgrade every six months.
It all depends on how you want to run your system. And choice is very good.
As a point of order, Ubuntu is based on Debian, and while Debian doesn't have a pre-set release schedule, it does have the very orderly process of having packages start in the Experimental branch before moving to Unstable, Testing and finally Stable. The current Stable release of Debian, named Etch, was released in April 2007, and the current Testing branch of Debian, named Lenny, is tentatively set to achieve Stable status in September of this year.
Now stay with me ... Once Debian "promotes" a Testing release to Stable, the Stable release it is replacing goes into "Old Stable" status and is maintained, as far as security updates go, for one year. That means the current "Old Stable," aka Debian Sarge, became Old Stable in April 2007 and was updated through April 2008.
Keep following ... And if Lenny goes Stable in September, then Etch will become Old Stable at that point and receive security updates through September 2009.
So if you only began using Etch when it achieved Stable status, you will have received two years, five months worth of updates from the Debian Project. Of course many jump on the Testing release before it becomes Stable.
I've been using Lenny (currently Testing) for months now because it runs so much better on the Gateway and is very stable despite still being a "Testing" release.
In summary: I know that Debian does its thing the Debian way, but I'd like to at least see a definite period of support for the project's releases. That means I don't care when they come out; it doesn't have to be every six months or even every year. But I'd like to see the project pledge to support Etch for five years, regardless of when the next Debian release achieves Stable status.
In other words, I'd like to see Debian treat itself a little more like the "enterprise" Linux releases from Red Hat and Novell — and like Ubuntu — by taking the guesswork out of how long distributions will receive support.
3 Comments
Leave a comment
About this blog
New ways to sign in to comment: I just added the ability for prospective commenters on this blog to sign in using their AOL, Yahoo! and Wordpress.com accounts (for the past 200 posts anyway ... more than that will take an extensive, middle-of-the-night rebuild). That's in addition to the other sign-in choices, which include starting a Movable Type account on this blog, Typekey, OpenID, Live Journal and Vox. If you have trouble getting your Movable Type account verified, or any of the other sign-in options are not working properly, please e-mail me. With these added ways of signing in, there's more reason than ever for you to make a comment (or several!).
Steven Rosenberg aims to learn what he does not know. He writes about it here.
Steven Rosenberg aims to learn what he does not know. He writes about it here.
Hello,
Unfortunately, Debian Project currently does not have the human resources to maintain such longer periods for security updates for 18K+ packages (Etch) or 24K+ packages (Lenny).
You should be warned that Canonical guarantees only the "main" repositories of LTS versions, something around a few hundred packages (I guess around 800, lts server has even less). And these already consumes an amount of funding.
As time passes, security patches become harder and harder to backport.
At canonical universe and multiverse repositories, backporting security fixes are issued as a "best effort" desire. And desire seems to vanish after about 1 year for most packages.
As an example, Mozilla Firefox becomes upstream unsupported in a relatively short period. Much less than the Debian Stable lifecycle. (Actually, this was one of the reasons of the infamous IceWeasel turmoil). Other upstream projects simply refuse to maintain security of older versions, issuing security fixes at new versions.
As new versions deviate from previous versions, backporting becomes harder to the point of a complete reimplementation of a security fix.
This is far from trivial.
Multiply by 24K+ packages instead of 800.
Maybe, in the future, when enough human resources become available, this responsibility could be taken.
Or a different mode of releasing at Debian Project.
Regards.
Andre Felipe
Hello,
I found from http://people.ubuntu.com/~ubuntu-archive/seeds/ubuntu.dapper/supported
and from
http://people.ubuntu.com/~ubuntu-archive/seeds/ubuntu-server.dapper/server
linked reached from
https://help.ubuntu.com/community/ServerFaq
That Canonical supports at Ubuntu Dapper Desktop LTS 741 packages.
The Ubuntu Dapper Server LTS is supported at 206 packages.
Compare with Debian Project Etch 18733 packages and Lenny 24K+ supported packages at Stable and Testing repositories to realize the amount of work involved.
And the responsibility.
Regards.
Andre Felipe Machado
Andre, those are very good points, indeed.
It seems to be quite an effort to support any release for many years. You have many people who always want the latest of everything and others who would rather never update ...
I wonder how end-of-life for Sarge affected updates for Ubuntu Dapper ... couldn't have helped.