GNU bug report logs - #36659
There should be an unattended upgrades service

Package: guix

Reported by: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>

Date: Mon, 15 Jul 2019 10:18:02 UTC

Severity: normal

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 36659 in the body.
You can then email your comments to 36659 AT debbugs.gnu.org in the normal way.


Report forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Mon, 15 Jul 2019 10:18:02 GMT)

Acknowledgement sent to "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Mon, 15 Jul 2019 10:18:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>
To: bug-guix <at> gnu.org
Subject: There should be an unattended upgrades service
Date: Mon, 15 Jul 2019 12:17:11 +0200
Some users (want to) forget about regularly upgrading Guix System.
There should be an unattended upgrades service.  Some requirements
come to mind for its configuration:

1) Some users may want their unattended upgrades service to take care
just of reconfiguring from a recent checkout and some may want it to
take care of updating users’ ~/.config/guix/current and ~/guix-profile
profiles.

2) Maybe there should be libnotify integration for unattended
upgrades if the user uses a desktop environment.

3) Updates may fail if there is no internet connection.  Some users
may *not* want upgrades on metered internet connections.  Some users
may *not* want upgrades over untrusted connections.

This report is a followup to Ludo’s proposal at
<https://issues.guix.gnu.org/issue/36636> to add such a service and
add it to %desktop-services, making it the default setting.  Such a
change in defaults could be a bad surprise for some users and should
not go unnoticed, I think.

Regards,
Florian




Information forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Tue, 16 Jul 2019 07:30:01 GMT)

Message #8 received at submit <at> debbugs.gnu.org:

From: Matthew Brooks <matthewfbrooks <at> mailbox.org>
To: bug-guix <at> gnu.org
Subject: Re: bug#36659: There should be an unattended upgrades service
Date: Tue, 16 Jul 2019 02:29:07 -0500
If an automatic updater is included by default (which I think would be a rather bad idea), it absolutely needs to be very easy for a user to disable.
GuixSD gives users a hell of a lot more control over the system and software and such than most other operating systems do, and that's a great strength. Leaving all those decisions in the hands of an automatic updating algorithm seems like a great way to discourage users from actually using the full power of the system and instead treat guix as just another generic distribution that decides things for the users instead of letting them decide for themselves. Especially since guix already lets the user know if it's older than about a week or so, which is probably plenty for anything other than the most demanding of security needs.
Further, an automatic upgrade service wouldn't really add anything useful, since cron jobs and scripts can already be used to automate upgrading if one so desires. Additionally, anyone who is able to install the system to begin with would easily be able to set up such a cron job if they wish, since creating the system config file takes more work than making a small bash script with the few commands needed to update everything.




Information forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Tue, 16 Jul 2019 12:48:02 GMT)

Message #11 received at 36659 <at> debbugs.gnu.org:

From: Ricardo Wurmus <rekado <at> elephly.net>
To: Matthew Brooks <matthewfbrooks <at> mailbox.org>
Cc: 36659 <at> debbugs.gnu.org
Subject: Re: bug#36659: There should be an unattended upgrades service
Date: Tue, 16 Jul 2019 14:46:50 +0200
Hi Matthew,

> If an automatic updater is included by default (which I think would be
> a rather bad idea), it absolutely needs to be very easy for a user to
> disable.

Of course.  It would be as simple as removing a service from the list of
default system services in the operating system configuration.

> Further, an automatic upgrade service wouldn't really add anything
> useful, since cron jobs and scripts can already be used to automate
> upgrading if one so desires.

I disagree.  We provide a whole lot of services that aren’t strictly
necessary in order to satisfy what we think are reasonable user
expectations.  An upgrade service that’s easily removed or configured
seems nicer to me than having to muck about with cron jobs and scripts
by myself.

--
Ricardo





Information forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Tue, 16 Jul 2019 13:24:02 GMT)

Message #14 received at submit <at> debbugs.gnu.org:

From: Arne Babenhauserheide <arne_bab <at> web.de>
To: bug-guix <at> gnu.org
Cc: 36659 <at> debbugs.gnu.org, Matthew Brooks <matthewfbrooks <at> mailbox.org>
Subject: Re: bug#36659: There should be an unattended upgrades service
Date: Tue, 16 Jul 2019 15:23:35 +0200
Ricardo Wurmus <rekado <at> elephly.net> writes:

>> Further, an automatic upgrade service wouldn't really add anything
>> useful, since cron jobs and scripts can already be used to automate
>> upgrading if one so desires.
>
> I disagree.  We provide a whole lot of services that aren’t strictly
> necessary in order to satisfy what we think are reasonable user
> expectations.  An upgrade service that’s easily removed or configured
> seems nicer to me than having to muck about with cron jobs and scripts
> by myself.

I would most of all like to see a CVE-checking service that tells me
about security updates. Sometimes I’ll ignore updates for a few weeks
because I have a setup that absolutely must keep working, because I
could not even afford half an hour of brokenness, but I must still do
security updates, and I would like Guix to tell me about those.

Also it would be interesting to have an auto-update service that only
updates /run/current-system

That way users would only have to worry about their personal
installations, but not about the underlying base-system. I think there
are many users who would be most happy if they never had to sudo.

Best wishes,
Arne
-- 
To be apolitical
means to be political
without noticing it

Information forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Tue, 16 Jul 2019 14:05:02 GMT)

Message #20 received at 36659 <at> debbugs.gnu.org:

From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>
To: Matthew Brooks <matthewfbrooks <at> mailbox.org>,
 Arne Babenhauserheide <arne_bab <at> web.de>,
 Ricardo Wurmus <rekado <at> elephly.net>
Cc: 36659 <at> debbugs.gnu.org
Subject: Re: bug#36659: There should be an unattended upgrades service
Date: Tue, 16 Jul 2019 16:04:12 +0200
These are just my opinions/ideas:

On Tue, Jul 16, 2019 at 02:29:07AM -0500, Matthew Brooks wrote:
> If an automatic updater is included by default (which I think would
> be a rather bad idea), it absolutely needs to be very easy for a
> user to disable.

Guix System should target non-power users too.  It is already much
easier to install packages and services than in Debian, especially if
no sudo were ever needed as Arne wrote in his reply.

Perhaps if the unattended upgrades service were not included in
%desktop-services but selectable in the Guix System graphical
installer and selected by default, users would feel more in control
and existing users would not be surprised.

If unattended-upgrades-service-type checked with NetworkManager for
metered connections *and* if substitutes are available *and* the power
user can configure a blacklist/whitelist of trusted connections, the
only downside I see is less internet bandwidth during upgrades and
slightly more battery drain, but security is more important and the
more responsible default.

Maybe make it configurable if upgrades should be performed when on
battery.

Maybe users could stop an upgrade via libnotify notification?

On Tue, Jul 16, 2019 at 03:23:35PM +0200, Arne Babenhauserheide wrote:
> I would most of all like to see a CVE-checking service that tells me
> about security updates. Sometimes I’ll ignore updates for a few weeks
> because I have a setup that absolutely must keep working, because I
> could not even afford half an hour of brokenness, but I must still do
> security updates, and I would like Guix to tell me about those.
>

A CVE notification service would be right for %desktop-services, I
think.

Regards,
Florian




Information forwarded to bug-guix <at> gnu.org:
bug#36659; Package guix. (Wed, 24 Jul 2019 16:36:01 GMT)

Message #23 received at 36659 <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: Arne Babenhauserheide <arne_bab <at> web.de>
Cc: 36659 <at> debbugs.gnu.org
Subject: Re: bug#36659: There should be an unattended upgrades service
Date: Wed, 24 Jul 2019 18:35:47 +0200
Hi,

Arne Babenhauserheide <arne_bab <at> web.de> writes:

> Also it would be interesting to have an auto-update service that only
> updates /run/current-system

Yes, that’s what we’re talking about here, or at least what I had in
mind.  :-)

Ludo’.




Reply sent to Tobias Geerinckx-Rice <me <at> tobias.gr>:
You have taken responsibility. (Mon, 30 Nov 2020 16:41:02 GMT)

Notification sent to "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>:
bug acknowledged by developer. (Mon, 30 Nov 2020 16:41:02 GMT)

Message #28 received at 36659-done <at> debbugs.gnu.org:

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: 36659-done <at> debbugs.gnu.org
Subject: There should be an unattended upgrades service
Date: Mon, 30 Nov 2020 17:40:44 +0100
One was added by Ludo' in commit 
79501f26ab6d82c0256ff786a5dfb0000b52ccd3.

The unrelated (CVE) or enhancement (NM integration) suggestions 
upthread are separate topics.  Closing!

Kind regards,

T G-R

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 29 Dec 2020 12:24:10 GMT)

This bug report was last modified 3 years and 90 days ago.
