Canonical with Jon Seager

4 snips

Nov 27, 2025

Join Jon Seager, VP of Engineering for Ubuntu at Canonical, as he discusses the ambitious effort to rewrite critical components of Ubuntu in Rust. With a focus on modernizing foundational elements like sudo for better security, Jon explains the challenges of replacing decades-old code while ensuring reliability for millions of users. The conversation delves into Rust’s advantages, strategies for risk management, and the vibrant community feedback that shapes this transformation. Discover how Canonical is pioneering the use of Rust in system-level programming!

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Rust To Reduce Memory-Safety Risk

Canonical is replacing foundational GNU tools with Rust rewrites to reduce memory-safety vulnerabilities and improve long-term maintainability.
Jon Seager argues Rust's adoption increases security probability across billions of daily invocations of core utilities.

ADVICE

Ship With One-Command Rollback

Provide an easy rollback path when shipping risky changes to critical system components so users can revert if needed.
Jon Seager had apt changes that make switching back to GNU tools one command to minimize disruption.

ANECDOTE

Monthly Snapshots For Safer Rollout

Canonical used monthly snapshot releases to gradually expose users to Rust packages before making them default.
Jon Seager says ISOs with Rust tools were out for months which increased testing and bug reports.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

What does it take to rewrite the foundational components of one of the world's most popular Linux distributions? Ubuntu serves over 12 million daily desktop users alone, and the systems that power it, from sudo to core utilities, have been running for decades with what Jon Seager, VP of Engineering for Ubuntu at Canonical, calls "shaky underpinnings."

In this episode, we talk to Jon about the bold decision to "oxidize" Ubuntu's foundation. We explore why they're rewriting critical components like sudo in Rust, how they're managing the immense risk of changing software that millions depend on daily, and what it means to modernize a 20-year-old operating system without breaking the internet.

About Canonical

Canonical is the company behind Ubuntu, one of the most widely-used Linux distributions in the world. From personal desktops to cloud infrastructure, Ubuntu powers millions of systems globally. Canonical's mission is to make open source software available to people everywhere, and they're now pioneering the adoption of Rust in foundational system components to improve security and reliability for the next generation of computing.

About Jon Seager

Jon Seager is VP Engineering for Ubuntu at Canonical, where he oversees the Ubuntu Desktop, Server, and Foundations teams. Appointed to this role in January 2025, Jon is driving Ubuntu's modernization strategy with a focus on Communication, Automation, Process, and Modernisation. His vision includes adopting memory-safe languages like Rust for critical infrastructure components. Before this role, Jon spent three years as VP Engineering building Juju and Canonical's catalog of charms. He's passionate about making Ubuntu ready for the next 20 years of computing.

Links From The Episode

Juju - Jon's previous focus, a cloud orchestration tool
GNU coretuils - The widest used implementation of commands like ls, rm, cp, and more
uutils coreutils - coreutils implementation in Rust
sudo-rs - For your Rust based sandwiches needs
LTS - Long Term Support, a release model popularized by Ubuntu
coreutils-from-uutils - List of symbolic links used for coreutils on Ubuntu, some still point to the GNU implementation
man: sudo -E - Example of a feature that sudo-rs does not support
SIMD - Single instruction, multiple data
rust-coreutils - The Ubuntu package with all it's supported CPU platforms listed
fastcat - Matthias' blogpost about his faster version of cat
systemd-run0 - Alternative approach to sudo from the systemd project
AppArmor - The Linux Security Module used in Ubuntu
PAM - The Pluggable Authentication Modules, which handles all system authentication in Linux
SSSD - Enables LDAP user profiles on Linux machines
ntpd-rs - Timesynchronization daemon written in Rust which may land in Ubuntu 26.04
Trifecta Tech Foundation - Foundation supporting sudo-rs development
Sequioa PGP - OpenPGP tools written in Rust
Mir - Canonicals wayland compositor library, uses some Rust
Anbox Cloud - Canonical's Android streaming platform, includes Rust components
Simon Fels - Original creator of Anbox and Anbox Cloud team lead at Canonical
LXD - Container and VM hypervisor
dqlite - SQLite with a replication layer for distributed use cases, potentially being rewritten in Rust
Rust for Linux - Project to add Rust support to the Linux kernel
Nova GPU Driver - New Linux OSS driver for NVIDIA GPUs written in Rust
Ubuntu Asahi - Community project for Ubuntu on Apple Silicon
debian-devel: Hard Rust requirements from May onward - Parts of apt are being rewritten in Rust (announced a month after the recording of this episode)
Go Standard Library - Providing things like network protocols, cryptographic algorithms, and even tools to handle image formats
Python Standard Library - The origin of "batteries included"
The Rust Standard Library - Basic types, collections, filesystem access, threads, processes, synchronisation, and not much more
clap - Superstar library for CLI option parsing
serde - Famous high-level serilization and deserialization interface crate

Official Links

Canonical
Ubuntu
Jon Seager's Website
Jon's Blog: Engineering Ubuntu For The Next 20 Years
Canonical Blog
Ubuntu Blog
Canonical Careers: Engineering - Apply your Rust skills in the Linux ecosystem