Ubuntu might well be doing the unthinkable─making its Linux distribution even more secure. That is pure, unadulterated crazy talk. How on earth does Canonical plan on making the platform that’s known to be one of the most secure on the planet even more secure?
By dumping .deb packages.
Canonical has a plan, and it involves Snappy. What is Snappy? At the moment, Snappy comes in one flavor─Snappy Core─a transactionally updated Ubuntu core that’s used to serve up virtual environments. With the release of Ubuntu 15.10, Canonical is considering a new technology, Snappy Personal. What this means is that the new images (for 15.10) will be based on the Snappy technology and won’t rely on images built with .deb packages.
If you’re confused, fear not, because you’re in good company. Snappy Personal is slotted to take the place of Desktop Next. If you’ve been following Ubuntu, you know that Next is the iteration of Ubuntu that will feature Unity 8 and Mir, which will power desktops, phones, and tablets. Snappy Personal will be the desktop image that will install Ubuntu 15.10 (if it arrives in time for that release) that’s built with said Unity 8 and Mir.
The difference between this upcoming release and previous releases is that the image will be built with Debian .deb files and then packaged in such a way to isolate the Snappy packages from all others. In fact, Canonical is considering a sort of sandbox approach to the platform, such that applications installed after the operating system will be separate from the applications that make up Snappy Personal. This will have some very important effects on the platform:
- Should you install a package that might break a core dependency, the OS will not be affected
- OS upgrade success will be guaranteed
- Increase the security of the platform
- Snappy packages can more easily be rolled back if something goes wrong
- No need for PPAs to get latest releases of software
- “Snaps” (Snappy packages) will be universal for both desktop and phones
This is big, especially considering the frequency of Ubuntu upgrades. Imagine being able to upgrade to the latest release every six months, knowing the upgrade will succeed. Of course, this doesn’t mean all post-os-install applications will always be held in isolation. Canonical will give developers plenty of time and opportunity to port their apps into Snappy Personal. According to the Ubuntu developers, it’s actually easier to create a Snappy package than a Debian package. That, of course, is yet to be seen, as none of this has become a reality. And like Ubuntu Next, Snappy Personal could easily wind up getting pushed back to later releases.
As for security? You’ll be looking at an official, vetted image of Ubuntu that works with confined packages that non-Snappy packages can’t touch.
Changes for users?
What does this mean for users of Ubuntu? Thankfully, Canonical is doing everything it can to ensure end users are not confused or displeased with the new direction. Canonical plans on releasing both a traditional .deb-based image alongside the Snappy-based image. That means you can stick to the traditional ISO or opt for the more reliable, secure Snappy image.
Another change for the user is that, with Ubuntu migrating to Snappy, it could offer more up-to-date versions of packages more quickly. Instead of having to add PPAs to a system to get the latest release of LibreOffice, Gimp, etc., the Snappy updates will contain those latest and greatest packages. In fact, with Snappy Personal, PPAs will be a thing of the past.
The big question, at least for me, is how does Ubuntu plan on indicating Snappy vs. non-Snappy apps in the Ubuntu Software Center (USC)? Will this double up on the amount of software packages, will Ubuntu create a Snappy Center within the USC, or will only Snappy packages be available for a Snappy-based image and non-Snappy packages be available for the traditional releases? This, of course, is all transitional, as Canonical plans on eventually jettisoning the non-Snappy packaging all together and only issuing Snappy-based images. Although images will be built with Debian’s .deb system, once Ubuntu is released, it will be all Snappy packages, all the time.
As Ubuntu drifts into unfamiliar territory with this massive change in package management, will users remain, or will this be the straw that broke the camel’s back? From my perspective, the pros of Snappy Personal far outweigh the cons.
What about you? Will you stick with Ubuntu once the platform has switched to Snappy, or will you seek out a new Linux distribution to meet your needs? Let us know your thoughts in the discussion thread below.