Linux software developer Canonical Ltd. has announced a major update to the Ubuntu operating system that runs in thousands of data center servers and on millions of personal computers around the world.
Today’s update beefs up Ubuntu’s security and introduces a refreshed App Store, among other new capabilities. Ubuntu is one of the most widely used versions of Linux and is especially popular with large enterprises, which use the software to power all kinds of public cloud environments and business applications.
With the release of Ubuntu 23.10, codenamed “Mantic Minotaur,” Canonical says, it’s raising the bar in terms of what “secure by default” means for the operating system, with improved security features across the entire stack. One of the new updates includes preview support for hardware-backed full-disk encryption, where the encryption keys are stored within a Trusted Platform Module and automatically recovered by authenticated boot software. The update is designed to achieve a better balance between device security and manageability, Canonical said.
Besides TPM-backed full-disk encryption, Canonical has also introduced a change to the Ubuntu kernel to address a common exploit path involving unprivileged user namespaces. They’re normally used by applications such as browsers to create secure sandboxes, but can sometimes expose kernel interfaces that are normally restricted to processes with root privileges. This is a big security flaw, and to resolve this, Ubuntu’s kernel now requires applications to use an AppArmor profile to use unprivileged user namespaces, reducing the potential attack surface.
On the app discovery side, Canonical has revamped Ubuntu’s App Center with a more intuitive user interface that supports both snap and deb package formats, making it easier to discover new applications. “All applications published on the Snap Store go through strict security reviews to ensure that only necessary permissions are enabled by default,” the company explained. “A robust signature verification process also ensures that the Snaps cannot be modified by anyone but the publisher.”
Another big change is the addition of support for Raspberry Pi 5 and SiFive Inc.’s HiFive Pro P550, expanding the number of platforms that can run the operating system. Raspberry Pi 5 is the latest version of the popular, credit card-size computer that’s used for educational purposes. Meanwhile, HiFive Pro P550 is the latest version of SiFive’s RISC-V development platform, used by developers to build and test applications geared toward the alternative RISC-V processor architecture.
To deliver a more seamless networking experience for Ubuntu PC deployments, Canonical said the operating system now supports Netplan, which is a declarative network configuration tool that runs on Ubuntu Server. Meanwhile, for admins who manage combined Windows and Ubuntu desktop fleets, ADsys, the Active Directory Group Policy client for Ubuntu, now supports machine certificate auto-enrollment from Microsoft Corp.’s Active Directory Certificate Services.
Also on the fleet management side, Canonical said the Ubuntu Pro client now comes with a simplified Landscape enrollment wizard that provides additional guidance for bulk registrations, streamlining deployments at scale.
Finally, Canonical said Ubuntu 23.10 comes with the latest version of Docker, 24.0.5, together with the popular docker-buildx and docker-compose-v2 plugins, helping to ease the maintenance of development environments built on Ubuntu.
Canonical said Ubuntu 23.10 is available to download and install globally starting today from its website.
Your vote of support is important to us and it helps us keep the content FREE.
One-click below supports our mission to provide free, deep and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.