enterprise license

F

Felipe Aleixo

New Member
Proxmox Subscriber
Feb 3, 2026
4
0
1
Hello everyone,

I work for a company that has several Proxmox servers installed.

However, the company does not want to purchase the enterprise license, and another technician wants to perform Proxmox updates using the no-subscription repository instead.

I recommended buying the official license, but there is always someone who wants to go against that recommendation.

My main question is: is updating Proxmox through the no-subscription repository considered safe for production environments? Could this approach cause problems or instability in the future?

I would appreciate hearing from people with real experience using this method in production environments.

Captura de tela 2026-05-10 183508.png
 
It's not a license (which is a legally very different thing) but a (support) subscription. The no-subscription repository is a little less time-tested and gets features and bugfixes sooner and more often. If there is a problem then it's usually fixed quickly compared to being on the enterprise repository. It's what most people run at home, which they call "production" as it runs their "critical" infrastructure like home automation and network routing. I use no-subscription mostly but did get a subscription to support Proxmox.
 
  • Like
Reactions: gfngfn256, cheiss, Felipe Aleixo and 2 others
Felipe Aleixo said:
is updating Proxmox through the no-subscription repository considered safe for production environments?
Click to expand...
As so often: it depends.

If I run a company and I my services infrastructure is used in my office to make money and I want that to be possible with ~99.9 percent reliability (that's one workday per year) then I use the better tested subscription repository.

For my homelab that is not the case...
 
  • Like
Reactions: leesteken and Johannes S
Felipe Aleixo said:
is updating Proxmox through the no-subscription repository considered safe for production environments?
Click to expand...

If your company wants to be a release candidate tester for the enterprise repository users and is fine with services being down when a "problematic" package, despite alpha (internal) and beta (test repository) testing (which can be assumed, is a relatively small audience), made its way into the no-subscription repository...
 
  • Like
Reactions: Johannes S
I also agree with what others have already said about the benefits of a subscription.
I would like to add one practical example that may help persuade people who are opposed to purchasing a subscription.

Recently, there was the following vulnerability/security advisory.

ProxmoxSecurityAdvisory

Post in thread 'Proxmox Virtual Environment - Security Advisories'

Subject: PSA-2026-00018-1: "copy.fail" local privilege escalation via AF_ALG socket​


Advisory date: 2026-04-30

Packages: proxmox-kernel-6.8, proxmox-kernel-6.14, proxmox-kernel-6.17

Details:

An issue published under the name "copy.fail" was found in the Linux kernel's handling of AF_ALG socket messages. An unprivileged local user could abuse this issue to write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root and potentially escape sandboxing mechanisms such as containers.

Mitigations:

Fixed kernel...

At the time this security advisory was published, the no-subscription repository already contained the proxmox-kernel-7.0.0-*-pve kernel.
When users updated their systems to address this security advisory, those using the no-subscription repository could end up being moved to proxmox-kernel-7.0.0-*-pve as part of that process.
You can pin the kernel with `proxmox-boot-tool`, but that assumes a certain level of engineering knowledge, and there is also the risk that people forget they pinned the kernel and continue using it that way for too long.

By contrast, the enterprise repository provided the vulnerability-fixed proxmox-kernel-6.17.13-*-pve kernel without bringing in proxmox-kernel-7.0.0-*-pve, so the impact was minimal and it was possible to respond quickly.

That alone is already a meaningful advantage of the enterprise repository.
In addition, with the Basic plan or above, you can also receive ticket-based support.
 
leesteken said:
It's not a license (which is a legally very different thing) but a (support) subscription.
Click to expand...

Presumption makes a fool of you and me.

In the UK, you might want to call it a subscription, but it is a legal license to use intellectual property with restrictions, which also comes with varying levels of access to support. Consequently, to me (a resident of the United Kingdom), it is factually correct to call it a license because that is exactly what it is. I suspect that, from a legal perspective, it is technically a mixture of a license and access to support in most legal jurisdictions. When your siblings are lawyers and judges, you constantly get disabused of this sort of legal misunderstanding.
 
  • Like
Reactions: Johannes S
jabuzzard said:
In the UK, you might want to call it a subscription, but it is a legal license to use intellectual property with restrictions, which also comes with varying levels of access to support.
Click to expand...
The Proxmox VE software is open-source under the free AGLP3.0 license [UK: licence] (which does not come with varying level of support) and comes with all features enabled. The support subscription (with zero or more yearly support tickets) is optional and sold separately. Please note that I'm not a lawyer and not from the UK, but this distinction between the free license to run and use the software (for an unlimited amount of time) and a paid support plan (by Proxmox or another company) is usually quite relevant (for other people and businesses).

EDIT: Maybe I took the definition of license too small by assuming it would be mandatory and for permission to run the software. I see now that you could call a permission to claim support (which has been paid for) also a license. And such a support-license could be fully optional and does not need to come from Proxmox at all.
 
Last edited:
  • Like
Reactions: Johannes S and Felipe Aleixo
leesteken said:
The Proxmox VE software is open-source under the free AGLP3.0 license (which does not come with varying level of support) and comes with all features enabled. The support subscription (with zero or more yearly support tickets) is optional and sold separately. Please note that I'm not a lawyer and not from the UK, but this distinction between the free license to run and use the software (for an unlimited amount of time) and a paid support plan (by Proxmox or another company) is usually quite relevant (for other people and businesses).
Click to expand...

That is the point, you are not a lawyer, and while I am not a lawyer either, I keep getting disabused of notions like that by my siblings who are lawyers/judges, including on this very specific topic. Effectively, there are two licenses: one for the source code and another for access to the curated and tested binaries derived from it. You may call the second a "subscription", legally in the UK, it is a license.

Don't assume the legal situation where you live is the same as that where someone else lives, and consequently, don't "correct" them for potentially using correct English.
 
  • Like
Reactions: leesteken
From the Proxmox VE Subscription Agreement:
Important note:
(Re-)Distributing Software packages received under this Subscription Agreement to a third party or using
any of the subscription services for the benefit of a third party is a material breach of the agreement, even
if the open-source license applicable to individual software packages may give you the right to distribute
those packages (this limitation is not intended to interfere with your rights under those individual
licenses).
Click to expand...

I believe, from a legal stand-point, jabuzzard appears to be correct, based on the highlighted text above.
 
  • Like
Reactions: leesteken
gfngfn256 said:
I believe, from a legal stand-point, jabuzzard appears to be correct, based on the highlighted text above.
Click to expand...
The same binaries are also available on the no-subscription repository (if I'm not mistaken). Would sharing a (partial) list of (the older) versions, by version number and not the actual package, that are in the enterprise repository (at a time in between ISO releases) also be a beach of the agreement?
EDIT: I guess it could be considered to violate the spirit of it when someone using the enterprise repository shares the output of pveversion -v , which is sometimes asked during troubleshooting on this forum.
 
Last edited:
leesteken said:
The same binaries are also available on the no-subscription repository (if I'm not mistaken). Would sharing a (partial) list of (the older) versions, by version number and not the actual package, that are in the enterprise repository (at a time in between ISO releases) also be a beach of the agreement?
Click to expand...
If an identical file is legally & readily available elsewhere, it is possible & likely that the above agreement would not be able to prohibit that distribution.
However that agreement is still legally a license, since it will limit to usage only & non-distribution of any non-available file.
 
gfngfn256 said:
However that agreement is still legally a license, since it will limit to usage only & non-distribution of any non-available file.
Click to expand...
That clear, and I'm not contesting that (anymore) and have updated my previous posts. I was just wondering how a list of versions relates to that contract.
 
You must log in or register to reply here.
Top Bottom
Back