Today, Canonical announced the general availability of Legacy Support, an Ubuntu Pro add-on that expands security and support coverage for Ubuntu LTS releases to 12 years. The add-on will be available for Ubuntu 14.04 LTS onwards.
Long term supported Ubuntu releases get five years of standard security maintenance on the main Ubuntu repository. Ubuntu Pro expands that commitment to 10 years on both the main and universe repositories, providing enterprises and end users alike access to a vast secure open source software library. The subscription also comes with a phone and ticket support tier. Ubuntu Pro paying customers can purchase an extra two years of security maintenance and support with the new Legacy Support add-on.
↫ Canonical blog
Assuming all of this respects the open source licenses of the countless software packages that make up Ubuntu, this seems like a reasonable way to offer quite a long support lifecycle for those that really need it. Such support doesn’t come free, and it I think it’s entirely reasonable to try and get compensated for the work required in maintaining that level of support for 10 or 12 years.
If you want this kind of longevity from your Linux installation without paying for it, you’ll have to maintain it yourself. Seems reasonable to me.
Being open-source, i’m sure all the bits to maintain an Ubuntu 14.04 install will be available publicly. If you’re competent, you can use all the bits to keep your own legacy install going for that 10-12 year patch window.
The paid bit comes with technical support though. Keeping root certs valid, making sure hardware is 100% supported before applying patches, potentially prioritised custom bug fixes/patches. There’s a lot that comes with maintaining an OS that doesn’t just consist of applying security patches.
Source packages do not need to be publicly available, it is sufficient to make them available to paying customers. This was the case at the beginning of the ESM service for version 12.04 before ESM was made available gratis for versions 14.04 and later. Nevertheless, it is technically possible today to obtain a complete set of the ESM 12.04 repository using authorization from 14.04, it only requires some gymnastics with the parameters of the debmirror script and modification of the script itself. It is publicly described and can be found.
niebuszewo,
That is true, but it does make me wonder if ubuntu intend to follow IBM/redhat in adding further downstream redistribution restrictions in defiance of the GPL’s language.
To be clear, I haven’t seen any indication they would, but if this trend spreads and it is found that corporations are effectively able to add their own redistribution restrictions to GPL software. It might completely upend the open source model as we’ve known it for decades. We may end up in a scenario where corporations are taking open source work developed by 3rd parties, selling it as part of a new open source work (which is permitted), and then take punitive actions against others who re-sharing the open source code under the terms expressly granted to them in the GPL.
It’s admittedly a complex issue, and I’ve always conceded the challenges of getting paid. However I don’t want to see FOSS turn into a minefield with end user rights breaking down with new conflicting restrictions. Large FOSS companies like Ubuntu and RH are dominant in the market and could enforce their downstream restrictions much more forcefully than the little guys. It’s the little FOSS projects who are going to get screwed as the big corporations take their work but won’t share back. I hope this doesn’t become the end game for FOSS.
Rocky Linux has 10 years of support for free.