This article is more than 1 year old
Welcome to life in the Fossa lane: Ubuntu 20.04 let out of cage and Shuttleworth claims Canonical now 'commercially self sustaining'
WireGuard VPN, more Snap, and hints about a GUI for WSL
Canonical has unleashed Ubuntu 20.04, the first LTS (Long term support) release since 18.04, Bionic Beaver, two years ago, and its CEO and Ubuntu desktop chief have spoken a bit about what's under the lid.
Ubuntu 20.04 will be supported until April 2025, for the Desktop, Server and Ubuntu Core editions, and other flavours for three years. Businesses can also get Extended Security Maintenance for 10 years of support. It is built on Linux 5.4, which is also a long-term support release.
In a press briefing attended by The Reg, Canonical founder and CEO Mark Shuttleworth stated that: “This has been a very big year for Ubuntu and for Canonical, it is the year where Ubuntu became commercially self-sustaining.”
He also added in response to a question: “We’re well past the point where Ubuntu itself and all the supporting systems and infrastructure are dependent on me. If I were to meet my maker tomorrow, Ubuntu continues in the very capable hands of the team in Canonical, and the community.”
Does Canonical still plan to become a public company? “That continues to be our plan of record,” said Shuttleworth. “We are taking a cautious posture this year, because it’s difficult to predict the impact [of COVID-19] on all our customers. I will say that our strength is in public cloud, and the public clouds have seen tremendous demand over the last few months.” He also stated that during the crisis, Canonical is “able to continue and to have no disruption in the delivery of Ubuntu.”
Integration and security
Linux is unlike proprietary operating systems in that a release is composed of multiple independent open source projects. “We integrate thousands of pieces of software from across the open source spectrum,” said Shuttleworth. He said it is a matter of focus, highlighting work supporting AMD’s Secure Encrypted Virtualization (SEV) and on mainframes, IBM’s z15 Secure Execution for Linux.
IBM’s system is the most secure, he opined. “Even if you have complete physical access to the mainframe, you will not be able to get into the virtual machines that are run in this way.”
He also mentioned integration with public cloud security features like AWS Security Hub and CloudTrail, and Azure Security Center and Azure Monitor. Shuttleworth also said that there is increasing demand for Ceph software-defined storage, mentioning that the Cambridge-based Sanger Institute, which he described as “one of the largest users of storage for informatics purposes in the world,” is migrating its storage to Ceph.
The WireGuard VPN protocol is another key feature. “It is built into Ubuntu [20.04] at the kernel level,” he said, “but we will also be back-porting WireGuard to 18.04 and possibly other earlier releases. There is a network effect of security if we can enable WireGuard across existing machines.”
Why WireGuard? “It limits you to much newer and more secure cryptographic protocols, and because it’s implemented in the kernel it has a lower footprint and better performance.” The backport of WireGuard will be done by updating the 18.04 kernel to Linux 5.4.
Shuttleworth also talked up the Snap package management system and store. The Snap Store is now the default tool for finding and installing packages. A Snap is a container-like technology designed to be a more secure and reliable means of installing applications, at the expense of larger package size. “There are now more than 6000 applications available and almost all of them benefit from system security capabilities that are wrapped around all Snap applications,” he said.
Canonical is attempting to reassure enterprise customers about the security of open source software by extending its Extended Security Maintenance commitment with the inclusion of packages in its Universe repository as well as Main. It’s a commitment to “a full 10 years of coverage for all packages in Ubuntu and to cover the remaining 30,000 packages that we never previously covered with security updates,” he said.
There is an issue, though, with Snaps and security updates. “The approach we take with Snaps is, let’s hide the box that the application runs in, but delegate responsibility for the application itself to the upstream vendor. So we in many cases can’t fix the application inside the Snap. We can remove malicious applications, both from the Snap store and from any affected devices. But we can’t patch that application unless we have a prior arrangement with the Snap, which in some cases we do.” This problem sounds like work in progress.
Year of Linux on the desktop?
On the desktop side, Martin Wimpress, director of engineering for desktop and WSL (Windows Subsystem for Linux) said that Dell, HP and Lenovo will have certified hardware for Ubuntu and that “device-specific enablement” will be automatically installed on certified devices. He also said that enterprise support will now be extended to Ubuntu running on Windows 10 via WSL. WSL offers a choice of distros, but according to Wimpress, “Ubuntu is overwhelmingly the number one choice for WSL.”
Snap in WSL? “That is something we’re actively collaborating with Microsoft on,” said Wimpress. Ubuntu 20.04 will go live on WSL today, according to Canonical developer advocate Hayden Barnes on Twitter.
What about running GUI desktop application on WSL? “This is an area of growing customer demand and something we are keen to collaborate with Microsoft on delivering,” Wimpress told us.
He also said that “we're working with Microsoft to drive the WSL roadmap and exciting new features will be unveiled at Microsoft Build,” which begins on May 19th.
Might that include GUI support? Nobody will say, but such a development would be interesting as it would extend the reach of Linux desktop application and allow users an easy comparison between Linux and Windows applications.
Shuttleworth is also keen on WSL, especially since the new 2.0 incarnation which includes a full Linux kernel. “The interesting story is how do use things like Snaps to provide services to the Windows desktop and server environment as if they were Windows processes … to make them feel local to the Windows system,” he said. “We want to make sure that people are able to get access to everything that Ubuntu gives them in the WSL environment. I don’t think any of us know quite where it will go.”
The year of Linux on the desktop? It is not panning out in the way the first users of that phrase expected, back in the 1990s, but if you count WSL 2, it must be 2020.®