Free ubuntu pro plan

UPDATE:

I think I got it now :

I disabled livepatch thus:

sudo canonical-livepatch disable
Successfully disabled device. Removed machine-token: [long machine token]

Afterwards I checked the status of the ubuntu pro plan:

sudo ua status
SERVICE          ENTITLED  STATUS    DESCRIPTION
esm-infra        yes       enabled   Expanded Security Maintenance for Infrastructure
fips             yes       disabled  NIST-certified core packages
fips-updates     yes       disabled  NIST-certified core packages with priority security updates
livepatch        yes       disabled  Canonical Livepatch service
usg              yes       disabled  Security compliance and audit tools

Enable services with: pro enable <service>

Account: [my account]
Subscription: Ubuntu Pro - free personal subscription

… which leaves esm-infra (Expanded Security Maintenance for Infrastructure) enabled.
I guess that´s what I wanted to achieve in the first place (10 years support of security updates).

canonical-livepatch remains being installed as snap though.
Well, it´s only disabled after all.

Many greetings to all of you.
Rosika

Hi again,

now that I have enabled the ubuntu pro plan I thought I´d take a look at the security status to see if there are any changes:

ubuntu-security-status
2794 packages installed, of which:
1797 receive package updates with LTS until 4/2025
   2 packages are from third parties
   2 packages are no longer available for download

Packages from third parties are not provided by the official Ubuntu
archive, for example packages from Personal Package Archives in
Launchpad.
For more information on the packages, run 'ubuntu-security-status
--thirdparty'.

Packages that are not available for download may be left over from a
previous release of Ubuntu, may have been installed directly from a
.deb file, or are from a source which has been disabled.
For more information on the packages, run 'ubuntu-security-status
--unavailable'.

Oh, I would´ve thought the changes I´ve applied would be reflected here.

It seems not.
The LTS updates are still listed with “4/2025” as axpiration date.

So I looked at the ua status once again, just to be sure:

sudo ua status
SERVICE          ENTITLED  STATUS    DESCRIPTION
esm-infra        yes       enabled   Expanded Security Maintenance for Infrastructure
[...]

So the 10 years support is enabled.

Not sure what to make of it. I guess I´ll have to believe what security status tells me.

Many greetings
Rosika

Hi all,

in the meantime I also posted the topic in the Lubuntu forum ( Question regarding free ubuntu pro plan - Lubuntu Support - Lubuntu Discourse)
in order to gain even more info regarding Lubuntu in particular.

Member apt-ghetto in fact did shed a lot of light on how things work in the background.
So, for anyone interested I´d like to post the most important findigs here:

The Ubuntu Pro plan covers only security patches. Whether a fix is related to security is not always clear.

That Canonical is delivering security patches for LTS releases for 10 years is

1. surprising
2. unclear which packages of “universe” are part of this initiative?

What does it mean to deliver security patches for several LTS versions for 10 years?
It means Canonical has a lot of (paid and unpaid) packagers, which are able to create patches, that only contain the security fix. Then there are a lot of testers, which are testing and reviewing the patches. And Canonical must also have a lot of security experts (they cost a lot and they are hard to find on the market [but if Canonical has a lot of them, then it is clear, why all the other companies have problems to find security experts]).

For Canonical as a company it makes sense to deliver 10 years of security patches to paying customers. But only for enterprise customers that are using wide-spread server applications (e.g. mariadb). It does not make sense for “private users” which are using the desktop version at home.

What does it mean for Lubuntu?
Lubuntu is a small project who is delivering the LXQt packages to the Ubuntu world. Because it is a small team, Lubuntu supports the delivered packages for 3 years for LTS versions.

The upstream LXQt project is unfortunately not a good upstream for stable releases (some of the LXQt project members do not seem to know what “stable release” means). They are sporadically releasing a new release. And when a new LXQt upstream release is there, the previous release is now “old” and unmaintained. If you have a problem in your “old” release, they sometimes help you to find the problem, sometimes they don’t. But they never release a fixed “old” release. That makes the life of Lubuntu a lot harder.

Let’s assume LXQt is releasing (fictive) version 3.5.6.1 with “a critical security fix in libfm-qt” in the year 2026, written for (let’s say) Qt7. Let’s further assume one of the Canonical “Ubuntu Pro” employees hears about that. It would then require, that one or more employees of Canonical are reviewing the fixed version to understand the security problem and how it is fixed (and in reality security experts would further inspect the code to better understand, whether the error was really fixed or more “workarounded”).
If everything looks correct and worth to deliver a security patch for libfm-qt, the real fun starts:
Canonical has to extract the security fix. Then Canonical has to check the code of libfm-qt in version 0.14.1 with the used Qt5 version. And the patches need to be tested…

I have some doubts, that LXQt patches are part of the “Ubuntu Pro” plan.

Many greetings from Rosika

UPDATE:

Hi all,

as Lubuntu Member ArrayBolt3 pointed out here :

esm-infra is only the Main packages.
You have to enable esm-apps as well if you want updates in Universe packages.
You enable those by running sudo pro enable esm-apps --beta.

(bold by me)

I now added that as well.

Now I get the following output:

sudo ua status
SERVICE          ENTITLED  STATUS    DESCRIPTION
esm-apps         yes       enabled   Expanded Security Maintenance for Applications
esm-infra        yes       enabled   Expanded Security Maintenance for Infrastructure
fips             yes       disabled  NIST-certified core packages
fips-updates     yes       disabled  NIST-certified core packages with priority security updates
livepatch        yes       disabled  Canonical Livepatch service
usg              yes       disabled  Security compliance and audit tools

Enable services with: pro enable <service>

     Account: abelschreck@gmx.de
Subscription: Ubuntu Pro - free personal subscription

That looks better now.
And ubuntu-security-status also looks very much better:

ubuntu-security-status
2799 packages installed, of which:
1802 receive package updates with LTS until 4/2025
 993 are receiving security updates with ESM Apps until 4/2030
   2 packages are from third parties
   2 packages are no longer available for download

Packages from third parties are not provided by the official Ubuntu
archive, for example packages from Personal Package Archives in
Launchpad.
For more information on the packages, run 'ubuntu-security-status
--thirdparty'.

Packages that are not available for download may be left over from a
previous release of Ubuntu, may have been installed directly from a
.deb file, or are from a source which has been disabled.
For more information on the packages, run 'ubuntu-security-status
--unavailable'.

So I added up:

bc -l
bc 1.07.1
Copyright 1991-1994, 1997, 1998, 2000, 2004, 2006, 2008, 2012-2017 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'. 
993+1802
2795

… which means 2795 packages out of 2799 installed ones would receive security updates till at least 4/2025 … if I´m not completely mistaken.

It seems even if I don´t do a fresh Lubuntu install next April my system (hopefully) won´t be exposed to security-related dangers …

Many greetings to all of you.
Rosika

Hi all,

for anyone interested …

in the meantime I attached a 2nd machine to the ubuntu pro plan: my BodhiLinux VM.
This one is:

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Bodhi Linux 5
Release:        18.04
Codename:       bionic

and it´s still a 32 bit OS.
But here everything works as well.

sudo pro status
WARNING:root:failed to process /proc/version_signature.
SERVICE          ENTITLED  STATUS    DESCRIPTION
esm-apps         yes       enabled   Expanded Security Maintenance for Applications
esm-infra        yes       enabled   Expanded Security Maintenance for Infrastructure

Enable services with: pro enable <service>

     Account: [my account]
Subscription: Ubuntu Pro - free personal subscription

The command ubuntu-support-status however still shows next April as support end for main packages :

ubuntu-support-status
Support status summary of 'rosika2-Standard-PC-i440FX-PIIX-1996':

You have 1263 packages (70.4%) supported until April 2023 (Canonical - 5y)

You have 1 packages (0.1%) that can not/no-longer be downloaded
You have 531 packages (29.6%) that are unsupported


Run with --show-unsupported, --show-supported or --show-all to see more details

Looking a bit around I found the explanation on Understanding the output of ubuntu-security-status - Ask Ubuntu

In contrast to my main system Lubuntu 20.04, which uses the command ubuntu-security-status, Bodhi 18.04 doesn´t know this command but uses ubuntu-support-status.
They don´t behave exactly the same.

On the askubuntu-page it says:

ubuntu-security-status is not ESM aware. It is referring to regular updates and not security patches.

The main thing seems to be:

If ESM is enabled, you can check status with sudo ua status, and a new feature on ua

So I did the following:

sudo ua security-status --format yaml
WARNING:root:failed to process /proc/version_signature.
_schema_version: '0.1'
livepatch:
  fixed_cves: []
packages: []
summary:
  num_esm_apps_packages: 20
  num_esm_apps_updates: 0
  num_esm_infra_packages: 0
  num_esm_infra_updates: 0
  num_installed_packages: 1795
  num_main_packages: 1266
  num_multiverse_packages: 5
  num_restricted_packages: 0
  num_standard_security_updates: 0
  num_third_party_packages: 52
  num_universe_packages: 451
  num_unknown_packages: 1
  ua:
    attached: true
    enabled_services:
    - esm-apps
    - esm-infra
    entitled_services:
    - esm-apps
    - esm-infra

Well, I guess it looks good so far…

Many greetings from Rosika

Hi Rosika,
I am somewhat amazed that you have to endure all this complication, just to get support that should be there in the first place. I suppose it is a fact of life these days… everything needs support because nothing is perfect.
Regards
Neville

Hi Neville,

thanks for your kind comment.

Well, using Lubuntu (which is an official derivative of Ubuntu) I get the support I need - hopefully - for 3 years.
That´s in contrast to Ubuntu itself which covers 5 years.

I activated the ubuntu pro plan just an experiment.

As nice as it looks I very much fear it´s not all sunshine for me as the comments from Member apt-ghetto of the lubuntu-forum (see my post #23) point out, the gist of it being:

Oh well, at any rate I guess being part of the ubuntu pro plan is better than nothing.
At least it seems it won´t do any harm if I do a fresh install some time after April next…
PLus: it´s certainly a benefit for my BodhiLinux vm.

Many greetings from Rosika

I want to use Ubuntu for a free trial for my music website. Does anyone guide me on this?

Hi @trendsza ,
Ubuntu is free.
The easiest way to trial it is to use a live Ubuntu system on a DVD or an USB flash drive.

Regards
Neville

Hi, i read your post about ubuntu pro on Bodhi 18.04 32 bit, and have same problem with root:failed to process /proc/version_signature. and can’t open my Bodhi for a few days,

Have a solution about this ?

Hi @adriana,

welcome to the community.

Hmm, that seems a bit odd …

Normally the message regarding

wouldn´t have anything to do with Bodhi not booting or “opening” as you put it. To me it seems not to be an error message but just a warning.

As far as your problem is concerned: do you run Bodhi Linux as a virtual machine or is it installed as your productive system?

Many greetings

Rosika