Uhh what? Isn't it's largest target cloud/server distro deployment?
> Ubuntu's root certificate store is constantly outdated
Uhh for me cacerts updates what twice a year? Certainly it's a lot easier for me to keep it updated on ubuntu than rhel/centos.
>Their apparmor configuration lags behind, ... whatever is good they usually inherit from Debian.
Apparmor and SELinux are objective failures for the most part. The entire point of snap/flatpaks is to hide away the nonsense configuration in favor of an actual permission model. I would say snaps are actually enabling apparmor to be used and enforced unlike the generic apparmor profiles generated.
>Jason Donenfeld, the creator of Wireguard said about Ubuntu on the latest¹ SCW podcast:
What specific aspects is he referring to here? Wireguard has been baked into the kernel. I can understand packaging updates being a mess, and updating universe/lts but that is problematic for every Linux OS out there.
This is precisely why snaps were introduced. You now have apparmor/seccompf enforced permission model and an easy way for developers to directly push to multiple Ubuntu versions without having to worry about OS compatibility.
