Ubuntu 23.10 released with new Ubuntu App Center and security improvements
Canonical released Ubuntu 23.10, codename Mantic Minotaur, to the public. The new release of the Linux distribution introduces a large number of changes, including an upgrade to Linux kernel 6.5, a new Ubuntu App Center, support for TMP-backed full-disk encryption, a standalone firmware updater, support for new hardware, including Raspberry Pi 6, and more.
Desktop users find the new version listed on the official download page on the Ubuntu website already. Only the legacy ISO is available at the time, as the maintainers address a last-minute issue in the official Ubuntu Desktop 23.10 and Ubuntu Budgie 23.10 releases.
Upgrading to Ubuntu 23.10
Existing Ubuntu desktop users may receive prompts when the upgrade is available. These prompts should be displayed a few days after the official release announcement. Users may speed this up by checking for updates manually.
It is recommended to run the following commands to make sure that software is up to date before proceeding with the installation of the new Ubuntu version. On a terminal window, run the following commands:
- sudo apt update
- sudo apt upgrade
Once done, run the Software Updater, which you find in the application menu. Note that you may make a change in the application's configuration in order to get interim release (those ending with *.10) upgrade prompts.
Select the Updates tab in the preferences and switch "notify me of a new Ubuntu version" to "for any new version".
Ubuntu 23.10 will be supported until July 2024.
Ubuntu 23.10: major changes
The new version of Ubuntu ships with Linux kernel 6.5. The new kernel includes a number of important changes, such as ACPI support on RISC-V, support for Intel's Topology Aware Register and PM Capsule Interface, which promises better power-management, and special memory permissions on ARM64.
AppArmor Profile
Ubuntu 23.10 includes a number of security improvements. Support for AppArmor profile is introduced in this version to "use unprivileged user namespaces". The feature is disabled by default. Once enabled, it affects all applications on the system that are unprivileged and unconfined.
Ubuntu users who want to enable this security feature may test it temporarily:
To test the functionality for the session: echo 1 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
Those who want to use it permanently need to create a new file /etc/sysctl.d/60-apparmor-namespace.conf and add the line kernel.apparmor_restrict_unprivileged_userns=1 to it. A reboot is required to complete the process.
The release notes list a few troubleshooting options for users who run into issues after enabling the security feature.
TPM-backed full disk encryption is also supported in Ubuntu 23.10. It is introduced as an experimental feature and its effect is that the passphrase does not need to be entered manually anymore on boot to boot the system. The TPM chip handles this and "offers additional layers of security" according to Canonical.
Ubuntu users who prefer to continue entering the passphrase may do so. Additional information about this change is available on the Ubuntu blog.
Other Ubuntu 23.10 changes
Here is a list of important changes in the new release:
- Ubuntu App Center replaces Snap Store.
- Standalone Firmware Updater application is now included.
- The Network Manager uses Netplan as the default settings-storage backend.
- The default installation type for Ubuntu Desktop installations is minimal.
- Reintroduced support for ZFS guided installations.
- ADSys Active Directory Certificates auto-enrollment to "streamline connecting to corporate Wi-Fi and VPN networks".
- GNOME update to incorporate GNOME 45 features and fixes.
- Included apps, Firefox, LibreOffice and Thunderbird, updated.
- fonts-ubuntu-classic package may be installed to use fonts used in earlier Ubuntu versions.
You can check out the full release notes here.
I was using 23.04 and was nearly perfect but 23.10 failed to install twice and the in the third I think the minotaur got tired and the network manager lost its way in the labirint…
So here I am in a good ol/new Mint 21.2 Edge with kernel 6.2 and works like a charm…
Install Chrome in 23.10 is also a bad joke… I think Ubuntu lost completely its way and no wonder the guys at Mint are already trying Debian.
Not the legacy ISO, which remains available as it is not affected.
Canonical has removed 23.10
https://discourse.ubuntu.com/t/announcement-ubuntu-desktop-23-10-release-image-is-being-updated-to-resolve-a-malicious-translation-incident/39365
For me, App Armour sounds a bit onerous to enable.
Don’t understand the “why” deploy if users are go to face issues? “The release notes list a few troubleshooting options for users who run into issues after enabling the security feature.”
Enable and run in to problems? Great, sounds like MS.
Is it even worth it? The notes indicate that enabling “it does not mitigate against kernel exploits that abuse the unprivileged user-namespaces feature.”
Following in the footsteps of MS; let’s place this alpha feature on the table for others to figure out; we couldn’t. And the feature doesn’t do any good, so . . . no harm done.
Someone can explain it to me, thank you.
“To test the functionality for the session:
echo 1 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
Those who want to use it permanently need to create a new file /etc/sysctl.d/60-apparmor-namespace.conf and add the line kernel.apparmor_restrict_unprivileged_userns=1 to it.
A reboot is required to complete the process.”
Linux and its ethernal need to write commands everywhere.