Is ubuntu-software going to be remove for snap:snap-store?

Of course it’s a good point, for a lot of users that do not care about this forum or Ubuntu’s dev in general – e.g. my wife ! :slight_smile: – to have auto updates.

BUT :

  • I sometimes use a hot spot with slow wifi rate and I don’t want to wait some dozens of minutes that snapd updates all his children ;
  • it may be a good point to know what apps are updated (because bugs happen in new versions too – aren’t they ? – and it could be smart to advertise updates) ;
  • the underground question is whether snap apps do propose two versions LTS-security-stability or not, like Firefox ESR does e.g. ;
  • @popey : I can imagine it’s possible to have a block-updates-by-session switch, which turns ON again when a new session is started, avoiding ever-blocked updates.

I haven’t followed the full discussion. But if what I quoted is true, please, no. I am using Ubuntu because auto update broke Windows 10 on this machine. Please do make auto update off by default. No matter core OS or software installed.

I want them, but let me choose. A list as we have now, tick or untick them individually before going for install.

… in your opinion. The vast majority of people do not believe this.

You’re conflating things. GNOME Calculator was put on the ISO as a snap to help us test the whole “seeding snaps” process, not because it was a fast-moving, CVE-prone applications. Chromium, Firefox and LibreOffice fall more into that category. They are updated often, and sometimes have security issues which need delivering to users quickly.

3 Likes

As previously mentioned, by default snapd detects when users are on slow or metered connections. if it doesn’t, you can force snapd to think it is, by setting this (bottom) tickbox in Network Manager.

Screenshot%20from%202020-03-08%2016-55-38

For some users, yes, and again, not all users think like this. It really is beneficial to get your brain outside your own head and consider how other people think sometimes. Most “Normal” users do not care what was updated, what version number something is, which libraries are used. They just want the latest version of the software, which works. If something breaks, they expect the developer to fix it and a new update to come along. They’re not remotely interested in these details because the computer is a black box which they use to do a job. Version numbers are meaningless to them, and only people like us care about them.

There are way more of them than there are of us.

It is possible for a developer to publish two versions of a snap in the store. See for example the Skype snap. It has both a stable and an ‘insiders’ build available. Users can switch between them. Many other snaps do the same thing. Firefox could do the same with ESR.

You can certainly imagine all kinds of things. Indeed it is possible to defer updates to later, if you want, for example this will defer until tomorrow.

sudo snap set system refresh.hold="$(date --date=tomorrow +%Y-%m-%dT%H:%M:%S%:z)"

Currently we don’t have a GUI to present that in a friendly way, but that could be made, I think.

6 Likes

Most of them don’t use Linux at all, they don’t even know it does exist. :stuck_out_tongue_closed_eyes:
Let’s consider, outside of my brain, Android. You would agree that it’s not geek-designed but does tell users if some apps have to / were updated. No need to display the changelogs… A simple GNOME notification is not a problem for them : they just don’t care about that, the notification disappears and end of the story.

I’m talking about the them who do, who are running Linux already, not the great pile of potential Linux users.

So do we. GNOME Software pops up a dialog to suggest the user should do their updates.

1 Like

Ah ok, sorry I didn’t understand that snaps will be included in current updates notifications, I believed snaps will do silent updates in Focal.

Actually both. If you happen to see it, then you’ll be able press the button to update. But if you miss it, you’d get automatically updated by default. See also my previous comments about deferring updates. If you choose to defer updates for 60 days for example, you’ll keep getting the notifications in GNOME Software, and can pick when to install them, but the default is indeed auto update.

2 Likes

Will the deb packages be auto-updated too ? I know I can choose to auto-update security updates (I did that for my wife who belongs to them, I don’t remember if it’s default) but I do not have any option to do the same for regular updates. If i was one of them, I won’t understand why some are and some aren’t updated automatically.

We have been auto-updating debs for years now via unattended-upgrades for at least security updates.

3 Likes

I switched to Focal yesterday and still have GNOME software as the default. Should that have switched to the Snap Store automatically (the update-manager installed the focal debs and then froze while starting fiddling with the snaps) or is the transition yet to be done?

Chromium, Firefox and LibreOffice are self contained apps by themselves and can be placed anywhere, and not at all in the root. They also can be updated by replacing the contents of the relevant chromium, firefox or libreoffice folder, that is, if the user wants that and when. (The user here is the standard Linux user, not the click-and-shoot one.)

I understand that, you are considering as user, someone like those who use Android, Windows – the click and shoot. But, even the standard Windows users, don’t want auto-upgrades.

Encouraging users to download random zips/tarballs, and unpack and run the contents is not a good security story.

  • Why would you have to wait? Snap work in background, if the internet is not good enough or you disconnect before it’s done then it will continue later and during this time your system/snaps are normally usable

  • Having a way to know what applications got updated/when and what change the update include would be nice. That’s a valid improvement request.
    @mpt do we have some design around how snaps updates should be communicated to users? https://wiki.ubuntu.com/SoftwareUpdates doesn’t seem to mention snaps at all

    That’s a different than the snap-store as a deb though, the discussion should be moved to a new topic and/or launchpad.

  • channels can be used for that, firefox does exactly that, see https://snapcraft.io/firefox which has a ‘stable/esr’ channel

1 Like

If these “random zips/tarballs” are from their well known original developers such as Chromium, Firefox or LibreOffice? If they produce the app, they must be trustworthy, don’t you think so? And, these (self-contained) apps work in every known Linux distro without fail, after all.

A typical Linux user is someone, who explore and experiment.

Again, misunderstanding my point. It’s not that Chromium, Firefox or LibreOffice are untrustworthy. It’s cementing the idea in people’s heads that it’s okay to go and download random binaries. “We’ll I did it for Firefox, so it must be okay” as a pattern. So no, just because one application may be considered trustworthy by some, does not make all applications available trustworthy.

For example a random binaries downloaded from the web have no sandboxing. The application may exfiltrate the users ssh keys, gpg keys or other important security information. This is not a path we want users to be sent down.

Some might, but I wouldn’t generalise in that way. Many have been given Linux on their desktop by their organisation IT function. As such they would not be charaterised as ‘exploring and experiment’ but just a simple user.

Stop falling into the trap of “I do this, therefore everyone does this”. It’s clearly not the case.

6 Likes

That’s exactly what I am trying to say. Automatic updates are good enough for click and shoot guys, while check and update is good for those, who have some interest in the system they use. A typical Linux user is someone, who explore and experiment. Otherwise, s/he is not.

1 Like

As previously mentioned, we have the capability for users to defer updates, and take control over when their applications update - or “check and update” as you call them. That’s possible.

That’s excellent. But, the user should be encouraged to explore and experiment, even make mistakes, otherwise the interest in Linux would die away. There are enough click-and-shoot OSs around.

1 Like

Those discussions are quite off topic from the original question, would be best to stop there…

6 Likes