Ah, they advertised non-profit at one point, but I see that's changed. That may have been "we seek no profit" not "non-profit entity". Thanks for the info on this point.

Back to LTS:

Debian LTS is not handled by the Debian Security and Release teams, but by a separate group of volunteers and companies interested in making it a success.

To the point, Freexian is 100% not Debian, not "part" of Debian, it merely uses Debian's infra gratis for LTS. This does not detract from the good work they do, but we must also not confuse a private company, and its goals, with Debian and its goals.

LTS tries its best, but only supports what it can. Not its fault. Thus they do give preference to packages which are more widely used, and which they have received donations for.

So wildly popular things such as apache2, mariadb, and so on are very much going to be handled. Some rare package which has 400 users worldwide? Not so much.

LTS will very much take patches and any help, but that still ties in to the number of users. If a packages has 400 users worldwide, and most have moved on to the next release? Well, I hope you see my point.

(I've moved customers off of LTS for using rare packages, whilst reassuring them that LAMP servers are very much supported due to this. Popularity counts here, due to efforts of volunteers and externals.)

--

ELTS only supports a further subset of packages. It's not "full" support. I think one would be exceptionally unwise to use it, for say a desktop. That is, unless they were paying for support and had obtained a list of all packages supported.

--

https://www.freexian.com/lts/extended/docs/debian-10-support...

"Note that when you request a quote, we send you back a list of packages that are not supported or that have limitations in their support so that you can take an informed decision."

Yes, I know that page has a git repo and so on for some support information.

But my points are; not the full distro is supported, you have to track this yourself, you need to be diligent, and even so you need to be sure you're not running rarer packages.

Once again, I do want to reiterate, these are both excellent programs. They do a good job, they're dedicated, but we must be aware of the limitations here.

An example being the differences between security support for main, non-free, contrib in stable Debian:

https://www.debian.org/security/faq#contrib

As you can see, there is no actual guaranteed security support for contrib and non-free. The reasons are logical, however, users need to be aware of the nuance here.

Just as they need to be aware of the nuance of LTS and ELTS.

For example, all of my server installs have non-free, non-free-firmware and contrib blocked via pinning in preferences.d, with only specific absolutely required packages then allowed back in.

(For example I may allow command line apps, but not anything network connected, and only with a once over of functionality and SUID bits and other such things)

--

Really, I see LTS as a crutch that normal users should never use. I suggest we collectively not encourage Desktop users (for example) to use LTS.