For a desktop I’d use Debian + Gnome (you won’t get cutting edge on stable but it is not that important) and flatpack for most of the apps. Sincerely I don’t see why selinux is so important on a workstation.

Tbo, that’s a little bit to little research you provided considering you want to use it for work.

E.g. why do you need more than 2 years of support for a workstation?

Stating that debian isn’t secure enough really confuses me as it is one of the most solid distros out there.

As far as I can tell none of the options listed are quite suitable. They are either to unstable or way to out of date. I like Rocky Linux but it doesn’t seem to be desktop focused as far as I can tell. I would use Debian but Debian doesn’t have the greatest security defaults. (No selinux profiles out of the box)

Check your requirements … I get that you may need 2 year support and you cannot control that, but are you really going to dismiss one of the greatest Linux distros of all time because the “defaults” are not to your liking? You know you can configure it however you want after the installation right?

If you are going to value stability and nice wallpaper with the same importance, you’ll never find a “quite suitable” match

Enterprise environment in what sense, desktop or server deployment?

I ask because I wouldn’t want a “semi recent … Chrome or Firefox” installed on a production server

What issues does Ubuntu LTS have that you need to overcome?

What use case ? - desktops for office work, music production, a student lab?

FWIW. Kubuntu is my favorite, generally used for research and reading, light web mail.

Rocky linux is definitely for desktop too. It was designed as a successor of Centos, which was widely used in medium and big companies. We currently use Rocky 8 where I work. It works fine.

Debian.

Debian stable + Flatpak

My wife’s laptop absolutely has to work. For some mad reason I decided on Arch for it. Actually a rolling distro is not so mad. You get the latest stuff and in general issues are fixed as quickly as a LTS jobbie or you get a work around in the forums or you dig out the source and a compiler. It’s no accident that the Arch wiki is an oft cited resource. Its not for everyone!

I’ve been looking at a similar thing for my company and Kubuntu so far is my choice and I’ve already ditched the LTS bit. I need to run AV and the usual corporate bollocks to pass silly tick box exercises, so my options are rather limited.

There is no perfect one size fits all distro, that’s what we have rather a lot of them to choose from - they rise and fall according to natural selection and not artifice. Imagine if all computers were sold with a free/libre OS or none at all and Windows or Apples were a paid for add on. Monolithic OSs are completely deluded about being able to cater for all, without some dreadful contortions.

Anyway, back to the job in hand! If you want a LTS then you must accept older software or you use an LTS as a base and add newer stuff yourself. Most Linux distros allow you to run your own add-ons formally or informally. Gentoo has a rather nifty user patching mechanism for distro ebuilds and you can have your own ebuilds take over entirely. RPM and pkg distros can handle user packages and Ubuntu has PPAs too. I could go on. Also you can go off piste and put stuff into /opt and/or /usr/local!

Please reconsider your use of the term “unstable”. I suggest you write down a list of your requirements and score them according to importance. Then grab a list of OSs and distros - all of them, don’t preclude Windows and Apples: they have their uses. Then score the OSs/distros against your requirements. The scoring might be in the form of a matrix (table). I suggest keeping it simple with a score of -1 to 1 for each item (-1=dislike, 0=neutral/whatevs, +1=like)

Do a pilot project and see how that goes. Take your time. If it is for personal use then run your tests in a VM. Most modern hardware can easily run a VM or two. Virtualbox or VMware Worskstation or KVM (libvirt is a good effort)

The choice is yours. Note that word “choice” - its very important.

Honestly, we (a large Fortune 500 company hosting sites serving between 250m and 500m unique monthly visitors) have standardized on Ubuntu LTS and Rocky Linux. Both have been rock solid. Kubernetes and other things that need regular updates and patches (aka things that directly power forward facing apis/sites) tend to be Ubuntu and the rest Rocky. We do NOT however run any ui’s or browsers or the like on them. I highly recommend against doing so on any server.

If you mean desktop, we tend to not use Linux for desktop apps, instead going with MacOS and Windows with group policies and forced updates. Definitely prefer the stability of MacOS over Windows, but both have their place in the enterprise. When I was running a Linux desktop there, it was Fedora Silverblue. Snaps are not my friend.

Mint is built on Ubuntu LTS but removes some of the problematic bits, it has a recent Firefox and Chrome is of course available, Fletpak support is also integrated.

I’ve run Alma and RHEL as a desktop and it was fine, my main use case was “like Fedora but stable” (more than a year of support). However the repositories are very limited, even with EPEL and third parties, so it eventually irked me enough to switch away. Also no btrfs support without replacing the kernel and adding support from third party places.

Debian or Alma

I’ve found a nice home with Mint Debian edition. It has the right balance between stable and current that I prefer.

If I didn’t use Ubuntu LTS, I’d be using Debian.

What problems do you have on Ubuntu? What software is too out of date? Why do you need LTS for a workstation?