Ubuntu has too many problems for me to want to run it. However, it has occurred to me that there aren’t a lot of distros that are like the Ubuntu LTS.

Basic requirements for a LTS:

  • at least 2 years of support
  • semi recent versions of applications like Chrome and Firefox (might consider flatpak)
  • a stable experience that isn’t buggy
  • fast security updates

Distros considered:

  • Debian (stable)
  • Rocky Linux
  • openSUSE
  • Cent OS stream
  • Fedora

As far as I can tell none of the options listed are quite suitable. They are either to unstable or way to out of date. I like Rocky Linux but it doesn’t seem to be desktop focused as far as I can tell. I would use Debian but Debian doesn’t have the greatest security defaults. (No selinux profiles out of the box)

  • barbara@lemmy.ml
    link
    fedilink
    arrow-up
    47
    arrow-down
    2
    ·
    8 months ago

    Tbo, that’s a little bit to little research you provided considering you want to use it for work.

    E.g. why do you need more than 2 years of support for a workstation?

    Stating that debian isn’t secure enough really confuses me as it is one of the most solid distros out there.

    • Coolcoder360@lemmy.world
      link
      fedilink
      arrow-up
      14
      arrow-down
      1
      ·
      8 months ago

      Agree, also confused because Debian seemed to get security updates rather frequently when I’ve used it.

      That’s like their whole thing, stable and security updates. I would be curious if there are examples of exploits that weren’t patched quickly on Debian stable.

    • JWBananas@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      8 months ago

      E.g. why do you need more than 2 years of support for a workstation?

      Enterprise isn’t rolling out the new release on release day.

      Enterprise is waiting until the “.1” release so that the most glaring bugs can be identified and resolved. And enterprise is doing gradual rollouts after that, with validation, training, hardware refreshes, etc.

      For a release with only two years of security updates, it would not be surprising for a given enterprise to only have the chance to take advantage of, at most, one year of them.

      A two-year LTS release cadence with a five-year tail of support and security updates is much more practical. That leaves enough overlap in support for enterprises to maintain their own two-year refresh cadence without having to go through periods without security updates and support.

      Stating that debian isn’t secure enough really confuses me as it is one of the most solid distros out there.

      Where is the toggle to enable NIST-certified FIPS compliance in Debian? On Ubuntu you just enable it using the pro client and reboot.

    • Possibly linux@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      3
      ·
      8 months ago

      Debian makes it a little tricky to meet security standards. It isn’t insecure from lack of updates but it doesn’t ship with selinux out of the box.

  • Bitrot@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    8 months ago

    Mint is built on Ubuntu LTS but removes some of the problematic bits, it has a recent Firefox and Chrome is of course available, Fletpak support is also integrated.

    I’ve run Alma and RHEL as a desktop and it was fine, my main use case was “like Fedora but stable” (more than a year of support). However the repositories are very limited, even with EPEL and third parties, so it eventually irked me enough to switch away. Also no btrfs support without replacing the kernel and adding support from third party places.

      • embed_me@programming.dev
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        8 months ago

        Not officially, you can install it separately but you’ll probably have to tie up some loose ends (haven’t tried)

        You can look into Fedora if you want a good gnome experience or Debian if you prefer. The latter will have an old gnome version.

    • jakepi@beehaw.org
      link
      fedilink
      arrow-up
      4
      ·
      8 months ago

      Debian Testing + flatpak

      Testing is shockingly stable, kind of up to date, and rolling. Since you will use Flatpak for all your apps it really removes a lot of risk that dependencies will break an app.

      I use this combo as my daily driver for my work PC, knock on wood it’s been super solid!

      • dino@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        I also use Debian Testing as a work computer. But I am used to more bleeding edge distros. So if somebody strives for rock solidness, I think default debian stable is even a better choice.

  • fogzot@lemmy.ml
    link
    fedilink
    arrow-up
    13
    ·
    8 months ago

    For a desktop I’d use Debian + Gnome (you won’t get cutting edge on stable but it is not that important) and flatpack for most of the apps. Sincerely I don’t see why selinux is so important on a workstation.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      8 months ago

      I find it interesting that people think things like selinux aren’t important, but at the same time appreciate(?) the isolation in flatpak or wayland.

      • ReversalHatchery@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        The reason I don’t like selinux is that it’s quite complicated.
        I don’t like flatpak, prefer wayland, but also apparmor, even if I haven’t used that much yet.

  • exanime@lemmy.today
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    edit-2
    8 months ago

    As far as I can tell none of the options listed are quite suitable. They are either to unstable or way to out of date. I like Rocky Linux but it doesn’t seem to be desktop focused as far as I can tell. I would use Debian but Debian doesn’t have the greatest security defaults. (No selinux profiles out of the box)

    Check your requirements … I get that you may need 2 year support and you cannot control that, but are you really going to dismiss one of the greatest Linux distros of all time because the “defaults” are not to your liking? You know you can configure it however you want after the installation right?

    If you are going to value stability and nice wallpaper with the same importance, you’ll never find a “quite suitable” match

  • KISSmyOSFeddit@lemmy.world
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    8 months ago

    If you want to run Linux on enterprise workstations and expect enterprise level release cycles and support durations, you’re not shopping for one of the free (as in beer) distros.
    SUSE Linux Enterprise Desktop is the best offering. It comes with 7 years of standard support and another 3 years of extended support.

  • PanaX@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    8 months ago

    I’ve found a nice home with Mint Debian edition. It has the right balance between stable and current that I prefer.

  • breadsmasher@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    8 months ago

    Enterprise environment in what sense, desktop or server deployment?

    I ask because I wouldn’t want a “semi recent … Chrome or Firefox” installed on a production server

  • Mactan@lemmy.ml
    link
    fedilink
    arrow-up
    10
    arrow-down
    1
    ·
    8 months ago

    what is the actual use case of LTS on regular desktop non-workstation anyway?

      • Presi300@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        7
        ·
        edit-2
        8 months ago

        Except, that older versions of desktop environments tend to be less stable…

        • Shareni@programming.dev
          link
          fedilink
          arrow-up
          10
          ·
          8 months ago

          Stable in the Linux world means that it doesn’t change often, not that it never has anything wrong with it. That means that if you come across a bug, it’s most likely well researched and has solutions. When you use a bleeding edge distro you’re left to your own troubleshooting skills or begging for help.

            • DefederateLemmyMl@feddit.nl
              link
              fedilink
              English
              arrow-up
              13
              arrow-down
              1
              ·
              edit-2
              8 months ago

              That’s a you problem. Your interpretation is wrong.

              Quoting from the Debian Manual:

              This is what Debian’s Stable name means: that, once released, the operating system remains relatively unchanging over time.

            • LeFantome@programming.dev
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              8 months ago

              I am not going to say that you are wrong. Make your own choices.

              For words to be useful though, they have to mean the same thing for the person sharing them and the person receiving them. Definitions matter.

              In the Linux community, “stable” means not changing. It is not a statement about quality or reliability. The others words you used, “buggy” and “broken”, are better quality references.

              Again, you do you. But expect “the community” to reinforce their definitions because common understanding is essential if something like Lemmy is going to work.

        • Tattorack@lemmy.world
          link
          fedilink
          arrow-up
          5
          ·
          8 months ago

          Cutting edge versions aren’t stable either. You’re essentially a beta tester for new features that may end up in an LTS release.

          I’d rather have an LTS release where things have generally been tested well enough to warrant an LTS release.

          • azvasKvklenko@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            8 months ago

            I’d say it depends and it’s mostly just a theory that applies in some cases (like with kernel, critical infrastructure, server software) but usually desktop stack in LTS is just stinky old, which doesn’t make it any more stable, in some cases less stable.

            Usually desktop environments are locked to some old versions and in theory fixes should get applied by the distro maintainers. In practice, actual developers behind desktops long moved on and don’t support it, bugs can only be fixed by huge code rework and it can’t be easily applied on top of old version (or can introduce new bugs and require testing). You end up with bugs that were fixed in upstream like 2 years ago and you will only get it improved upon new LTS upgrade cycle.

            For example, LTS absolutely sucks for Plasma, because for last few years, each version is less and less buggy. On Debian/Ubuntu you won’t even get current version as they release the new OS, let alone recent inprovement

    • Shareni@programming.dev
      link
      fedilink
      arrow-up
      7
      arrow-down
      2
      ·
      8 months ago

      Is the system working after the install? If yes, it’ll work for years until the next version and you don’t need to worry about it. With rolling release every update can mess up your system.

      • Mactan@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        it’s software, every update can mess up your system. your only guaranteed good media is the install ISO, after that it’s only as good as the packager, even for LTS

        • Shareni@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          8 months ago

          If you’re going to be pedantic, not even an ISO is guaranteed to work perfectly. The point is that a security patch is far less likely to cause issues than some random release. And that’s even before going into broken releases like GRUB on arch.

          • Mactan@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            8 months ago

            LTS ISO aren’t guaranteed to work? isn’t that the point, install once and run forever?

            • Shareni@programming.dev
              link
              fedilink
              arrow-up
              1
              ·
              8 months ago

              That’s why I started my first comment with:

              Is the system working after the install?

              Linux devs aren’t magic men who can test an absurd number of hardware combinations. Also, they depend on package maintainers to release a non-security fix before they start freezing packages and testing them.

              The point is that if there’s an issue, it’s well researched and you can usually easily find a solution as people have been having that same issue for the last few years.

  • LeFantome@programming.dev
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    8 months ago

    As suggested elsewhere, I think your requirements map quite well to Linux Mint. I prefer the Debian Edition but it has a shorter support window ( not LTS ).

    If you want / need selinux then you may prefer the RHEL camp. Others have proposed Rocky. I would do Alma ( especially given your security focus ). Either way, the desktop software is going to be ancient and package selection limited. One solution is Flatpak. Another is distrobox.

    An Alma desktop with applications coming from an Arch install via Distrobox would be the best of both worlds. The desktop and overall environment would be rock stable, secure, and boring. Yet the library of applications would be huge and, once installed, they would stay very up-to-date.”

    SELinux is available on Debian though: https://reintech.io/blog/securing-debian-12-with-selinux

  • pathief@lemmy.world
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    8 months ago

    What problems do you have on Ubuntu? What software is too out of date? Why do you need LTS for a workstation?

  • Shareni@programming.dev
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    8 months ago

    They are either to unstable or way to out of date.

    Just use flatpak/appimage/distrobox/nix. Half of my packages are Debian stable (MX), the other half are nix unstable.

    Debian doesn’t have the greatest security defaults. (No selinux profiles out of the box)

    It does have apparmor though. If you need selinux specifically, then that’s going to limit your choices to like RH and Suse distros.