Ubuntu's 'Mantic Minotaur' peeks out of the labyrinth

Ubuntu’s ‘Mantic Minotaur’ peeks out of the labyrinth

As outline becomes visible, including the return of ZFS, kernel 6.4 glides across the Styx into eternity

The next release of Ubuntu will appear in mid-October, and the latest daily builds reveal some of the features of the forthcoming interim release.

Ubuntu 23.10 is codenamed Mantic Minotaur; the adjective means relating to prophecy or divination of the future, and we’re sure you know what minotaurs are meant to be. The wallpapers have a suitably labyrinthine theme. Mantic hasn’t gone into beta yet – that’s scheduled for next week. However, some of what will be in the new release is becoming clear.

The original Ubuntu release schedule, back in 2004, was intended to synchronize with the GNOME project’s semiannual releases, so we knew that the default desktop would be the imminent GNOME 45, whose beta we examined in August as well as the changes to its extensions system earlier this month.

One change that should have little to no visible impact is switching the default Firefox browser snap to use Wayland by default. In the event of problems, the above post details how to revert to the X11 version of Firefox, but it looks tricky for non-technical users.

Linux benchmarking and testing site Phoronix reports that the latest daily builds use kernel version 6.5, which came out at the end of August. That’s also as expected: when he announced kernel 6.4.16, maintainer Greg Kroah-Hartman said that it is the last release of the 6.4 series, which is now end-of-life.

A welcome change in this release is that, according to an Ubuntu bug report, support for installing Mantic with its root filesystem on ZFS is returning. Ubuntu ZFS-on-root support first appeared in 2019 but has been missing from the last couple of releases, due to the new “Subiquity” installer. ZFS support in Mantic will in turn require OpenZFS 2.2, which we reported last month is not quite ready for release yet – but very close.

Although this is a welcome return, it does have some limitations. The incoming OpenZFS support won’t include support for full-disk encryption, and it will still use GRUB as the bootloader, rather than the ZFSBootMenu tool we described in the last story.

Canonical has its own plans for full-disk encryption, which it outlined in a recent blog post. We have asked the company for more information on this, and we hope to return to examine this in more depth soon. For now, the gist seems to be that the company wishes to offer self-unlocking fully-encrypted drives, using keys held in the system firmware by a TPM chip.

This would seem to overlap with the plans of Microsoft’s Lennart Poettering for Unified Kernel Images, support for which continued to mature in systemd 253 early this year. At the time of writing, the current version is still 254, which we expect Mantic to use.

Ubuntu’s approach uses technology it developed for its Ubuntu Core OS, which targets embedded computers and IoT devices. We looked at Core 22 last year. Although a future desktop release is in the planning stages, for now Ubuntu expects Core to be used for things like smart signboards – which means that the devices have no keyboard and no interactive user. That means there’s nobody to enter a disk-unlock password when they boot up, which the current LUKS full-disk encryption system requires.

The way that full-disk encryption (FDE) works on Linux today is that when the machine boots up, first the user must enter a password to unlock the drive, then, a short time later, another password to log in. In contrast, Windows’ built-in Bitlocker retrieves the FDE key from the firmware and starts the OS without user intervention. That’s what you need for a server or other unattended device, and so that is what Red Hat, Canonical and SUSE are all independently working towards. The third preview release of SUSE ALP, “Piz Bernina,” includes SUSE’s own implementation.

At first glance, a self-unlocking encrypted drive seems to be a step backwards in security, but the idea is that the disk remains unreadable if you boot the machine from a different drive or OS, such as a USB key, as well as if you remove the drive and attach it to a different computer and attempt to read its contents.

One thing that Mantic will not do is offer only Ubuntu’s minimal “streamlined install” option: a browser, and almost no other local apps. This was suggested on the company’s Discourse, and hinted at in a rather vague blog post from Oliver Smith, Canonical’s product manager for the desktop edition. The community’s reaction has been strongly negative – a good example is this incendiary response on OMG Ubuntu – and Canonical has backed down.

Smith confirmed to The Reg that it won’t happen – for now. But the default type of installation is changing, from the full installation to the minimal one:

There is further work we want to do on this out-of-the-box setup experience that will not land in the upcoming release, and we have ultimately decided that it’s premature to streamline the install process without the full experience being available. For that reason we’re actually going to keep both the full and ‘minimal’ install options in the installer for 23.10. However, the default selection will be switched to the streamlined install, so that we can gather more data (from those that opt into sharing it) on how many users prefer the full install to inform future decision making.

We can’t help but wonder if this is one step in the direction of a more ChromeOS-like future Ubuntu.

1 point