Group: Software/FSDG distributions/UnmaintainedDistroVersions
Introduction
Sometimes it might be useful to use older unmaintained versions of fully free distributions, for instance to run old software that hasn't been ported yet to work on more recent distributions.
A good example is Replicant 6.0 or older which requires old distributions to be built because it depends on software that isn't maintained anymore that is was packaged in these older distributions.
Caveats
The most problematic issue you can run into is if a freedom issue is found: it is unclear if it can be fixed or not. A way to find out would be to work on a fix and contact the distribution maintainers for pushing the fix.
This is also why the free system distributions guidelines requires distributions to be actively maintained: it is meant to be able to fix freedom issues in the distribution. The guidelines however do not have any requirements to fix security issues or other type of issues.[1]
So it would be perfectly possible to continue fixing only freedom issues in older versions of distributions and, on the distribution website, call these version unmaintained as they do not get any other type of maintenance that users typically expect (like security issues, and so on).
In any case if the distribution is listed as free, it has maintainers (at least for the newer versions), so they can be contacted to see with them if it's possible or not to fix freedom issues on older versions of the distritibution that is officially unmaintained.
If for some reasons you have more information about that (for instance you know about a freedom bug that was or was not fixed), it would be very useful to update this article with the information.
Apart from the freedom issues (which is the most important one), you also have the usual issues with unmaintained software.
For instance since the distribution doesn't have any security updates, you need to limit the attack surface as much as possible to limit the risks of compromise of the distribution.
You might also run into other issues such as compatibility issues with more modern software. Common issues are not working TLS certificates, incompatibility some newer virtualization/container software, etc. You might also run into bugs that you cannot easily fix due to the lack of maintainer/community.
Running distributions in a virtual execution environments
Distributions (that are not maintained anymore) | ||||
---|---|---|---|---|
Trisquel 8.0 (Flidas) | Trisquel 9.0 (etiona) | |||
Runtimes | libvirt's LXC | No[2] | Yes | |
Qemu / Qemu KVM / Bare metal | Yes | Yes | ||
Docker[3] | ? | yes, with configuration, Requires debuerreotype with recent Trisquel 9 or 10 to create the docker container.[4] |
- ↑ At the time of writing, the page with the list of Free GNU/Linux distributions describes Dyne:bolic as follows: "Dyne:bolic, a GNU/Linux distribution with special emphasis on audio and video editing. This is a “static” distro, normally run from a live CD. Since it will not receive security updates, it should be used offline."
- ↑ At the time of writing (May 2021) Trisquel 8 doesn't work anymore in LXC through libvirt in Parabola: Failed to create symlink /sys/fs/cgroup/net_cls: Operation not permitted Freezing execution. This is due to a cgroup API change. However Trisquel 9 works fine in this context and Trisquel 8 is not supported anymore by Trisquel since April 2021.
- ↑ This references if it's possible to create docker images for a given distribution. For (the lack of) FSDG compliant docker registries and possible workarounds, see the ExternalRepositories page.
- ↑ Trisquel 9 and Trisquel 10 have a package for debuerreotype, the software used to create the semi-official Debian images on docker.com. It uses debootstrap so it can create Trisquel images. However the package documentation mention Ubuntu or Debian examples, so someone needs to bugreport and/or fix it. The debuerreotype-init --non-debian rootfs nabia http://archive.trisquel.info/trisquel command can be used to create a Trisquel 10 rootfs on Trisquel 10.