I’m curious about “Microsoft supporting different types of Linux for a long time…”
Recently, I met one of my customer and during discussion they brought up one interesting point, “I am intrigued by Microsoft’s statement concerning extended support for Linux derivatives designed for enterprise and long-term use. Will Microsoft’s future approach encompass providing assistance for all Linux derivatives available, rather than just specific kernel versions? Alternatively, will they concentrate their efforts on supporting the Enterprise and LTS versions in the medium and long run, exclusively focusing on kernel versions within that scope? This statement carries significance for us, as it influences our business decisions, potentially influencing our selection of a derivative.”
After listening their concern, it made me brainstorm and I started reaching out to different teams and Tech-Specialist to get more understanding on this.
My initial finding was:
- Is the question specifically about MDE(Linux) supporting non-LTS versions of Ubuntu distro?
- Currently there were no committed plan from Microsoft to expand MDE(Linux) supported distro matrix (beyond just staying in sync with the evolution of already supported distros).
- MDE(Linux) supported distro matrix can be viewed here: Microsoft Defender for Endpoint on Linux | Microsoft Docs . Only distros (distro versions) that are explicitly called out are supported. Distros and versions that are not explicitly listed are unsupported (even if they are derived from the officially supported distros).
- For majority of supported distro versions, Microsoft might be supporting default kernel versions. I do not recall custom kernel versions are supported.
- For RHEL6 and CentOS 6 (still in preview) I remember Microsoft did call out supported kernels explicitly due to the implementation specifics on these older platforms.
Even after this finding’s, when I checked, If Microsoft does not support non-LTS versions, then why do they have package for 23.04 non-LTS in their repository?
And, when I tried installing MDE on this version but failed with an expected error (as mde-netfilter is missing from repo):
# apt install mde-netfilter
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
Package mde-netfilter is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or is only available from another source
E: Package 'mde-netfilter' has no installation candidate"
The mde-netfilter package is also not available on https://packages.microsoft.com/
After a long search, I came to this conclusion:
- Microsoft do not support non-LTS releases.
- Not that many of customers uses Non-LTS.
- Microsoft also have automation where-in some of the non-LTS versions which are published are not massively different (So, customers can use this for testing etc..).
- Customers can ignore the bits on the non LTS folder if they’d like or use it for testing if they need to.