I run all my applications in VirtualBox VMs. That has the advantages, that I can separate stuff based on security risks. I run my finances in an Ubuntu 16.04 ESM VM, that is used exclusively for that purpose. VBox has encrypted the VDI file and I type in a long key, each time I boot the VM, while I skip entering the user password for login. Of course the firewall is closed for inbound traffic.
I already tried out my successor for Ubuntu 16.04 ESM, the Ubuntu Core Desktop 24, the immutable snap version of Ubuntu. I installed it from an October 2024 ISO file in a VBox VM. I kept the snaps up to data using the App Center. It works fine up to now, but I still miss the snaps for Conky and VBox Guest Additions The other issue is the the snapd update always fails, so I reverted the update twice and I still run the original snapd
BTW: what problem are you having when updating snapd? Maybe are you trying to update it to the upstream version? (I ask because, currently, Core Desktop needs a snapd fork; can’t work with the stable upstream snapd).
I use the App Center to update the snaps. I did check the app center again and noticed that snapd has been updated 4 weeks ago from the “latest/edge/ubuntu-core-desktop -----”, while the oldest snaps are from 2 month ago (the installation). I noticed it before, sometimes the snap has been updated, but at the end it still gives an error message.
I’m tempted to use it as a read-only shadow operation for Ubuntu 16.04 ESM, since it seems more reliable than Ubuntu 25.04.
Well, Ubuntu 25.04 is still in development too, so it makes sense But, anyway, Core Desktop is still in development, so it is strongly discouraged its use in production.
It was intended as positive remark for the core desktop, because I expect that snap based systems will be more reliable than deb based systems, due to a better separation of responsibilities.
Hey, any of you had solved the problem to install 24.04.1 or 2 with TPM?
I’m trying to install in some Dell Latitude models (such 3410, 3420 and 5420) and I see that the older models I can run normally the install with full criptography with TPM, but the newer BIOS version have some new options (including Absolute) and even disabling it dont give me the expected result, I stuck in the first reboot giving me the request to the key password.
I am also having issues with FDE. All of a sudden, TPM decryption doesn’t work anymore, and I am asked to input the whole recovery key at boot (which is not ideal, as you may imagine).
I tried to reset the TPM on the BIOS. Then I recovered the encryption passkey from the recovery key which is shown by snap recovery --show-keys, using this script. I then added a new LUKS key, which will be needed for the last step.
Starting from today, we had all our laptops not loading kernel modules via libkms. The snap pc-kernel rev 2352 is not loading some modules, especially the e1000e for Intel Network. We had to revert to rev 2247. Anyone here having the same trouble?
Given this was originally posted as feedback in the TPM based disk encryption thread, this is rather normal behavior, the implementation of the TPM based full disk encryption uses a kernel snap, snaps are read only and GPG signed (and highly compressed so they take less disk space than any unsnapped software), there is no way to modify them or inject any modules into them.
There is work being done to ship Nvidia drivers as snaps that integrate with the kernel snap AFAIK but the people in the original thread would have been better able to answer this…