[HN Gopher] Snap updates happen without user consent ___________________________________________________________________ Snap updates happen without user consent Author : smallerfish Score : 165 points Date : 2022-12-02 18:58 UTC (4 hours ago) (HTM) web link (smaller.fish) (TXT) w3m dump (smaller.fish) | protoster wrote: | It's a mystery to me how Firefox updates on Ubuntu. Sometimes it | goes through auto updates, but sometimes I'll try to open a new | tab and it tells me that it will NOT allow me to do that until I | restart. This is exceptionally annoying and not something that | happens on Windows. | | What is this related to? | BeefWellington wrote: | IME Firefox does this when the OS updates packages that Firefox | depends on and/or changes FF version. I can't speak to Ubuntu | specifically but I've seen the same behavior on Arch and Fedora | and it's always around OS updates that I've triggered manually. | mlvljr wrote: | pxc wrote: | On Windows, Firefox can't be updated while it's running because | the files that comprise it are locked by the running | application. | | On Linux, you can delete or replace open files, and even | running applications. Instead of updates being handled by | dozens of individual updaters that coordinate closely with each | app so that updates happen between restarts, updates happen in | the background without really coordinating with running apps. | | Sometimes, after Firefox has been updated, there's some kind of | incompatibility between the old running binary and the new | assets (internal JS, CSS, and idk what else). In that case, | Firefox _can 't_ open new tabs because you're still running the | old binary, which doesn't work with the new assets which have | been installed, or which is looking for old assets that it | opens dynamically at runtime that are simply no longer present | on your disk. | duped wrote: | It's explained here pretty well: | https://bugzilla.mozilla.org/show_bug.cgi?id=1492023 | | My reading is that if your package manager updates FF on disk | while it's running, it can no longer guarantee that new tabs | can be created safely, since creating a tab requires spawning a | child process and the parent was created with an executable | that no longer exists/knows anything about the executable it | needs to use when spawning. | | It is super annoying and I feel like there are some obvious | fixes. I'm also not 100% sure why it only happens on Linux (it | updates fine on Windows and MacOS while running right?) | AndrewDucker wrote: | On Windows it downloads the updater in the background and | then executes it when you next restart Firefox. | | (At least, as far as I can tell) | Saris wrote: | On windows it just doesn't do the update until the browser is | closed. It's odd that they don't have the same behavior on | linux. | tinus_hn wrote: | Not an excuse but that wouldn't work on a multi-user system | of course. | | The solution is to version the files and keep the old | versions until the processes are closed. As Windows | enforces because it doesn't allow you to delete files that | are in use. | duped wrote: | On Windows applications control their updates, on Linux | distros the updates can be triggered externally by the | package manager. | | Or at least, you get an error if you try and modify an | executable that is currently being used by a process on | Windows. | hcs wrote: | You can get that behavior if you install Firefox from a tar | [1], Firefox will then manage its own updates the same as | on Windows (though the user running Firefox will need to | have permissions to modify the files, which may be risky). | | But if you install it through apt or some such package | manager, the PM is doing the updates, and it doesn't take | into account that Firefox is running. | | [1] http://archive.mozilla.org/pub/firefox/releases/latest/ | READM... has instructions for getting a release tar. | AnIdiotOnTheNet wrote: | Pretty sure that's exactly how it works in the FlatPak | version. | ilyt wrote: | From what I can see the bug is about _packages_ , not _snaps_ | | Package is multiple files app needs replaced, so you have old | app getting the files replaced under it during upgrade, | that's why restart is needed. | | In case of snap there is layer between, the "snap" is just a | blob that is mounted by a daemon that then runs app off it. | | If you just move/delete old snap the daemon should _just_ be | accessing old one till the app stops | compsciphd wrote: | I'll just reference my rant from a month and a half ago - | | https://news.ycombinator.com/item?id=33275206#33277156 | azornathogron wrote: | The article mentions Snap, AppImage and FlatPak, but there is | also a much older system called 0install (zero install) that was | started in 2003 or so [1]. | | I wonder why that never took off. | | [1] https://zero-install.sourceforge.net/roadmap.html (note this | is the old website; the new website is https://0install.net - | looks like it's still getting releases in October this year) | moffkalast wrote: | Oh snap | exabrial wrote: | This a "feature not a bug". | alkonaut wrote: | Why would Snap _kill_ the running application when the update is | pushed? Any system for self-updating applications needs to | install the new version side by side with the existing one | anyway. So what's the reason for terminating the running | instance? | userbinator wrote: | They've adopted Microsoft's approach of trying to hold users on | a leash and beat them into submission. | alkonaut wrote: | Microsoft's self updating desktop apps (Teams etc) switch | silently on restart. Unsure about their store apps but I | imagine it's the same thing. | | With older windows desktop apps which install to privileged | locations like %programfiles% it's more complex. | | But that's the point: snap is a new system. It should be well | designed because of it, and be on par with "modern" install | systems. It feels strange if they restart for no reason. And | it feels equally strange if they have a design that requires | it. | SQueeeeeL wrote: | This is a very narrow perspective coming from someone who gets | forced to use snap to install very specific packages, but snap | always kind of gives off... I'm not sure how to verbalize this | other than "bad vibes", especially compared to it's package | management competition in aptitude. Is this a common experience | or am I crazy? | ProAm wrote: | I agree. I understand why they are doing it, but I dont feel | good using it. It has me wanting to switch to Fedora for no | other reason beyond it makes me feel like my computer isn't my | computer anymore. | kelnos wrote: | I think the bad vibes come from the fact that Snap is a | proprietary, walled-garden system owned by Canonical. The | server is not open source, so no one else can run their own | Snap Store. | | It's antithetical to pretty much everything about what we think | of as a "Linux distro". | | I would absolutely never run Ubuntu or install Snap because of | this. I'll stick with Debian, thanks. | Darmody wrote: | I think it's not only that. In my opinion is also about how | Canonical handles everything. Everyday they look and act more | like Microsoft. Empty words to sell you something, to | convince you they're better. | | You can't really act like Microsoft with people that are | using your OS because they ran away from Microsoft and expect | them to shut up. | geekbird wrote: | Worse, they lock down and make their standard UI not able | to be customized, and keep "deprecating" standard UI tools | and configs in favor of some junior intern's idea of how | real users "should" work. This sucks, and is why I won't | run Ubuntu on any desktop. If I wanted to be told how to | use a desktop by an OS, I'd get a f'ing Windows box or a | Mac. | | I use Linux because I can configure it to work the way I | want. If they take that away, they are just another | proprietary pile of shit. | account-5 wrote: | And Apple. | matkoniecz wrote: | For example `sudo apt update && sudo apt upgrade` CLI log | now includes an ad | | see https://bugs.launchpad.net/ubuntu/+source/ubuntu- | advantage-t... | | It advertises some Commercial product by Canonical and | /r/linux subreddit. | rpgmaker wrote: | Didn't know it had gotten that bad. I stopped using it | when it was clear the desktop was no longer a priority | for them. Not blaming them since they're a private | company but with so many alternatives there's no need to | use a second class Linux "desktop". Fedora is more than | great imho. | Mikeb85 wrote: | > Snap is a proprietary, walled-garden system owned by | Canonical. | | How do you figure? It's all open source, you can easily see | it on GitHub... I know Ubuntu hosts snaps on their servers, | but every distro does that. What's the proprietary part? | pxc wrote: | The server itself is proprietary and the Snap client is | hardcoded to point to Canonical's servers (repos are not | configurable). | | There have been proof-of-concept server implementations by | third parties, and some of those have been open-source. But | IIRC none of them are maintained or used anywhere. | | It could be worse, but at the end of the day it still just | seems like a controlling, proto-monopolistic design | compared to something like Flatpak, or to any traditional | package management repos on Linux. | Mikeb85 wrote: | > The server itself is proprietary and the Snap client is | hardcoded to point to Canonical's servers (repos are not | configurable). | | So fork it and change the code. This isn't the definition | of "proprietary". There's still nothing stopping people | from having their own snap store except a lil effort. | pxc wrote: | A client/server application where the server is | proprietary isn't really a free software application as | far as I'm concerned, even if the server is easy to | clone. -\\_(tsu)_/- | | I expect better from 'open-source' in my personal | computing life, and competitors seem happy to deliver it. | If that makes me fussy, oh well. | VWWHFSfQ wrote: | snap is the naggiest thing in my computer. it seems like | almost every day it's popping up notifications that snap | store needs to do something and that I have like 4 days left | and then I click on the notification and nothing happens. I | have no idea what to do. why is desktop linux still such a | piece of crap | nequo wrote: | Snaps are annoying. But Ubuntu is not the same as desktop | Linux. Some alternatives: Linux Mint,[1] Fedora[2] or | Silverblue,[3] Pop!_OS.[4] | | [1] https://en.wikipedia.org/wiki/Linux_Mint | | [2] https://en.wikipedia.org/wiki/Fedora_Linux | | [3] https://en.wikipedia.org/wiki/Fedora_Linux#Silverblue | | [4] https://en.wikipedia.org/wiki/Pop!_OS | entropicdrifter wrote: | THIS! I run Mint 21 on my main PC with the Liquorix | kernel (for game performance and desktop responsiveness | under load), and it's everything I want out of a Linux | distro. More stable and easy to maintain than Arch or | Manjaro, more open than Pop!_OS, and just as intuitive as | Ubuntu without any Snaps. | matkoniecz wrote: | > why is desktop linux still such a piece of crap | | Snap infestation is highest in Ubuntu - so I am planning to | switch to some alternative (and due to other Canonical | excesses like ads in CLI system tools). | | My current candidates are Debian and Pop!OS. | rpgmaker wrote: | Try Fedora. I used to be an ubuntu guy, changed to Fedora | KDE years ago and never looked back. | entropicdrifter wrote: | Consider Linux Mint as well. It's about as close to | "Ubuntu without Snaps" as you can get while still having | a separate community and dedicated devs. | barnabee wrote: | Snap was what made me switch back to Debian from Ubuntu. In the | process I discovered that every issue and friction that had got | me to try Ubuntu initially has been more than adequately solved | by Debian now. | | IMO Debian is by far the saner distribution these days and | there's no reason at all to use Ubuntu for most people. | vdfs wrote: | Debian is good if you don't want up to date browsers, the | only shock i had when i tried Debian after this snap fiasco, | ironically that's among things snap is trying to solve (quick | updates) | barnabee wrote: | I have been completely unaware of which Firefox version my | Debian machines are on and have noticed no issues | whatsoever. | | I guess I don't want up to date browsers. | vanous wrote: | >Debian is good if you don't want up to date browsers, the | only shock i had when i tried Debian after this snap | fiasco, ironically that's among things snap is trying to | solve (quick updates) | | You mean Debian stable. But you have a choice, you can | select testing or unstable, which gives you newer software. | yyyk wrote: | Debian Testing has a problem: It doesn't get security | updates directly like stable/backports or unstable, it | waits for a package to be promoted from unstable which | can make it sometimes less up to date then stable... e.g. | you can be stuck on an old firefox-esr with known | vulnerabilities for a good while, especially if firefox- | esr itself had a major version update which it does every | year. | mort96 wrote: | Debian Testing only has Firefox ESR, currently version | 102. Unstable has Firefox 104, which was released in | August and is 3 releases behind... | geekbird wrote: | Not everyone needs bleeding edge. | mort96 wrote: | Sooo... Debian is good if you don't want up to date | browsers. | 2b3a51 wrote: | Debian stable users who _did_ want latest Firefox could | download the binaries from Mozilla. Just unpack and run | from e.g. home directory or perhaps copy to /opt/ | | https://www.mozilla.org/en-GB/firefox/all/#product- | desktop-r... | pxc wrote: | Just install Firefox via Nix or Guix or Flatpak. Not all | ancillary package managers are as terrible as Snap. | geekbird wrote: | Or just get the .deb binaries from Firefox, and install | them with apt/dpkg. | | There is no real need for "ancillary package managers", | and all they do is complicate system maintenance. | pxc wrote: | Running an out-of-date browser is a security concern, is | it not? Does Debian have a policy where they'll just | backport the latest non-ESR from Unstable whenever a new | 0-day is discovered? If they do and they're quick about | it, I guess it's more a matter of personal preference. | | Anyway, using Guix, Nix, or Flatpak is definitely a | better idea than installing standalone debs for a | different version of Debian than you're running, where it | may be built against libraries that aren't part of your | distro. | | If you want to use the Debian package from Sid on | Testing, better to rebuild it from source. openSUSE's | public instance of the Open Build Service is a convenient | way to manage keeping a repo for that up to date. But | that definitely complicates system maintenance, too! | yyyk wrote: | ? Unstable has 107: | | https://packages.debian.org/sid/firefox | macns wrote: | what? can you be more specific? I'm using debian as my | daily desktop and firefox and I've never ever had issues | with anything, especially the web browser. I'm also staying | away from fancy new things like snap. I've always managed | to get everything I wanted either using apt or dpkg. | | Can you please give an example of an application you needed | available only as a snap? | mort96 wrote: | What version of Firefox do you have installed? The up to | date version is 107, released almost half a month ago. If | you're on 106 or earlier, you're not running an up to | date browser. | | Which might be fine! If that's the kind of system that | works for you. | yamtaddle wrote: | Nah. None of the three big similar solutions to this (AppImage, | Flatpack) feel _quite_ like they 're the right way to do this, | but Snap manages to feel distinctly more-wrong than the others, | without any accompanying unique benefits to offset that. | geekbird wrote: | As a sysadmin, I loathe "Snap". | | There are two main packaging systems for Linux that are well | known and usable. You can also use standard config management | software to roll out configs for each package. Snap is a | solution in search for a problem by people who are too lazy to | use standard packaging that has been in existence for decades. | | Listen up kids: "New" is seldom "better" when it comes to | system tools. Put your creativity to applications, not trying | to reinvent the wheel with "new" packaging systems. | | Snap is a bloated mess, and we wish is was not on any system we | administer. | kunwon1 wrote: | I don't think you're crazy. | | My main gripe with Snap the last time I evaluated the system | was that they will not let you disable automatic updates, as a | matter of policy [1] | | I do not know if this is still the policy 5 years later | | [1] https://forum.snapcraft.io/t/disabling-automatic-refresh- | for... | jacquesm wrote: | They do now, see upthread. | wing-_-nuts wrote: | I despise snap. There's a reason why we use apt / yum / pacman | or whatever, and that's because traditional package management | works. | | When I install something through snap or flatpack, invariably | it starts slower, has worse performance, is much more bloated | and is generally a much more janky experience than just getting | it from the apt repo. Snaps are _the_ number one reason why I | use popOS or mint over ubuntu. | geekbird wrote: | IMO Snap is nothing more than bloatware designed as a resume | building project by newby programmers. | stillkicking wrote: | One thing I find funny is the problem of data loss. On macOS, | it's been the norm for years that applications retain their state | when quit and re-opened, including unsaved documents. | | While weird when introduced, in hindsight this is exactly the | right behavior, because it is the most user-friendly and it makes | e.g. software updates a non-issue. Even apps like iTerm can be | updated and restarted in-place, retaining all the sessions. | | It's a testament to how bad Linux UX still is that this sort of | idea is not only utterly alien, but instead some developers | thought it was acceptable to kill running apps outright. | pxc wrote: | > Even apps like iTerm can be updated and restarted in-place, | retaining all the sessions. | | iTerm doesn't retain sessions at all. It just presents a facade | resembling preserved sessions. Close iTerm2 while you have a | tmux session open, or some SSH connections, or any long-running | command. Those sessions and their processes die when you close | iTerm. | | Maybe iTerm can approximate some of those things if iTerm is | actually running the whole show, i.e., iTerm mediates launching | your tmux sessions and your SSH connections. But imo those | features are underwhelming and oversold. | boppo1 wrote: | I use Xubuntu and snap just gets in my way. With Apt everything | is transparent and 'just werks' or at least indicates what to | fix. Snap has been the opposite in my experience and especially | seems to make program interop more difficult. | | It seems like Canonical said "Apple and Microsoft have (painful) | app stores that cater to the non-technical, we need one too!" | noasaservice wrote: | Reminder for you Ubuntu(and XUbuntu and KUbuntu) people: | | Snap is closed source garbage ware, with MS Windows forced | updating and the terribleness of being 10x slower.... | | So here's how to "Snap-Off" your system | https://haydenjames.io/remove-snap-ubuntu-22-04-lts/ | INeedMoreRam wrote: | I desnapped my Kubuntu machine successfully per those | instructions. | psanford wrote: | This is one of the main reasons I've switched from Ubuntu to | NixOS. | wging wrote: | PopOS also doesn't use Snap -- that's one of the reasons I like | it. | gjsman-1000 wrote: | I used Ubuntu since 11.04. I abandoned it for Fedora. | | Everything about Ubuntu now is seemingly defined by a spirit of | defiance from Fedora. They borrow PipeWire and SystemD, but | uglify GNOME, replace Flatpak with Snap, and use *.deb instead of | *.rpm. Otherwise it feels mostly the same. | | I looked at the Fedora ecosystem and... it's basically just like | Ubuntu's point versions, and instead of an LTS every 2 years, you | get one every 5 years and it's called Rocky Linux / AlmaLinux. | Why pick Ubuntu instead of (basically) upstream? I'll pick the | same thing with prettier GNOME and Flatpak instead of the weird | mystery lump Ubuntu is now. | vbezhenar wrote: | Fedora is hardly better. I spent days figuring out how to | install Fedora without Gnome junk, packagekit and other stuff I | don't need. | | Auto updates must die in hell. I must be the only one on my | system who issues `dnf upgrade`. | geekbird wrote: | IMO dnf is ridiculous newfangled garbage too. Why do people | keep reinventing the wheel when it comers to package | managers? Apt for .deb and yum for .rpm work fine, manage | dependencies, and Just. Plain. Work. without f'ing up the | system with autoupdates and bloatware. Seriously, an open | source project is not for junior programmers to push their | resume driven development on the rest of the community. | macksd wrote: | >> Why pick Ubuntu instead of (basically) upstream? | | "Upstream" for Ubuntu is more like Debian, which is the basis | for MANY distros (much like Red Hat - founded around the same | time as Debian - and the .rpm ecosystem is a significant core | component of many systems including current versions of SuSE, | etc.). Ubuntu has traditionally been a slightly more newbie- | friendly / commercial-friendly version of Debian. I don't think | many of the changes you're describing were really trying to | defy Fedora, especially not the choice to use .deb over .rpm. | | That said, I did use Fedora for a while when Ubuntu started | messing with Gnome a lot and I found it very refreshing, easy | and reliable. It's a great distro, but the relationship between | the two is absolutely not "upstream" and "downstream". | pxc wrote: | What they mean is not 'upstream' with respect to distro | tooling, but Fedora's closer relationship to the upstream | components of the stack desktop stack (GNOME, PipeWire, | SystemD, etc.), which are often entirely or in part | maintained by Fedora contributors or Red Hat employees, etc. | | The 'defiance' they're talking about are the projects that | Canonical has developed, often in secret, which are or were | essentially alternatives/competitors to the components of the | Linux free desktop stack which have been developed in the | open, often at Red Hat and developed on Fedora. | | The cases that come to mind are: - Unity vs. | GNOME 3 - Upstart vs. Systemd - Mir vs. Wayland | - Snap vs. Flatpak | | The Canonical entries all appear as sort of NIH latecomers, | whereas their competitors have generally been developed in an | upstream-first, 'release early' kind of way. In each case, | the tech opposite Canonical's has been shipped on Fedora, | before eventually becoming the default in Ubuntu anyway. | (Snap has yet to go.) | cesarb wrote: | > Upstart vs. Systemd | | Upstart is older than systemd. The famous blog post which | originally announced systemd | (https://0pointer.de/blog/projects/systemd.html) explicitly | mentioned upstart as an already existing alternative, and | dedicates several paragraphs to describing the differences | between both. | pxc wrote: | That's a useful thing to remember! Thanks for pointing it | out. | robertelder wrote: | Since we're on the topic of snap updates: | | A couple weeks ago I was working away in the terminal when all of | a sudden, my USB camera turned on and its light started flashing | at me indicating something had just started interacting with my | webcam. I immediately assumed "Oh, that's probably just some | hackers watching me through my web-cam.", so I looked through | /var/log a bit and noticed that it had just re-detected all USB | devices and two new users had just been added to my system: | snapd-range-12345-root:x:12345:12345::/nonexistent:/usr/bin/false | snap_daemon:x:12345:12345::/nonexistent:/usr/bin/false | | Does anyone know what these new users are for, and why they were | added just now instead of at install time? I googled a bit, but | couldn't find any recent news about it. | numeromancer wrote: | It was the hacker known as "Canonical". | danbmil99 wrote: | I struggled mightily with Firefox's tendency (on Ubuntu) to | suddenly and (at least until recently without any notice) tell me | "Firefox must restart right now, and will make a feeble/futile | attempt to restore your pages". Terrible, terrible UX. | | Finally, I just uninstalled the snap version and | downloaded/installed the .deb manually. So far so good -- I guess | some day I might get hit with a security problem or some must- | have feature, but at least I don't randomly have to restart | Firefox every few weeks without prior notification. | asddubs wrote: | you can use this ppa to keep it updated | | https://launchpad.net/~mozillateam/+archive/ubuntu/ppa | FullyFunctional wrote: | Thanks, but personally I don't want a workaround. I want a | distribution that does the right thing. I have used Ubuntu | for decades and use it everywhere. I hate to have to change, | but as always, good things don't last. | 0cf8612b2e1e wrote: | I think you can point a direct line to that behavior and me | installing PopOS. A web browser is my most used application and | Ubuntu thinks they have the right to effectively crash it | unexpectedly. | ilyt wrote: | They took thing people hated in windows update and ported it | to ubuntu lmao | dessant wrote: | It's also alarming that GNOME extensions are updated in the | background without user interaction, and the feature cannot be | disabled. These extensions are not sandboxed, can run arbitrary | commands, and have access to the entire system. Extensions are | practically a backdoor for the entire GNOME user base that can be | accessed by compromising the update server. | | https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2514 | Barrin92 wrote: | Personally I don't have an issue with the auto-updates and like | them quite a lot. It automates something away that I do by | routine anyway. If the default switched to making holding updates | back explicit that would be a big improvement in my book. In | particular from a security perspective. | matkoniecz wrote: | Snaps also create extreme litter in filesystem, some programs | like Firefox are broken in confusing way by updates (new tabs are | crashing without explanation, part of old tabs crashes), some | programs like Telegram were completely broken at some pint in | highly confusing ways... | | Also, as mentioned by others - Snap is a proprietary, walled- | garden system owned by Canonical. | dstein9 wrote: | What made me drop snaps is it wouldn't let me access files | outside of $HOME no matter what I tried, and the snap decided I | was running Gnome instead of KDE no matter what I tried, going | back to the .deb worked perfectly. | edgyquant wrote: | Yet another sketchy and unprofitable company that has been | subsidized so that it can act as the intermediary for human | (teenage really) discussion. | 83 wrote: | Ubuntu Snap (package management). Not Snapchat | smallerfish wrote: | I had "Ubuntu" in the title of my HN submission originally | for this reason, but HN admins changed it (I guess to line it | up with the blog post). | [deleted] | avg_dev wrote: | hmm... https://snapcraft.io/docs/keeping-snaps-up-to-date | | > Snaps update automatically, and by default, the snapd daemon | checks for updates 4 times a day. Each update check is called a | refresh. | | i don't know when that line made it into the docs. i could be | wrong but i actually thought that being evergreen was one of the | selling points of snaps, and was advertised early on. | | an edit: sorry upvoters - i went ahead and read the article now. | i actually believe now that the article author has a point. to | summarize: while it will display a notification to the user about | two weeks ahead of time, announcing that an update is scheduled | and that the user should close the app to avoid disruptions (the | author has some valid complaints about this notification, i | think), at the end of the period, the app will be killed - | potentially causing unsaved data to be lost - and updated. i | believe in many cases this behavior is undesirable. it probably | should be discussed and a better alternative proposed. | | i do take issue with the author's vehemence against (and manner | of expressing such for) the notification, but i suspect i would | be quite angry too if i were either an application maintainer | fielding complaints about something that i didn't break, or a | user who was angry to have lost some data. | kelnos wrote: | Sorry, not familiar with how you're using that term. What do | you mean by "being evergreen" in this context? | avg_dev wrote: | no need to apologize. evergreen in this case means | "perpetually self-updating". | | i celebrate sharing this knowledge with you today :) | | https://xkcd.com/1053/ | [deleted] | mkasberg wrote: | The way Snap updates packages caused some problems with Firefox | on recent versions of Ubuntu - I wrote a blog about it: | https://www.mikekasberg.com/blog/2022/03/21/how-to-fix-firef... | Perhaps this update mechanism was part of the solution to some of | those problems... | signaru wrote: | For those who are getting their Firefox messed up, the binary | from the Mozilla site works just fine and is far more respectful. | | I'm using Mate 22.04 LTS. A few settings has to be done to | disable updates behind your back, but at least these settings | persist, unlike when I was using Snap or whatever it was I | managed to install via apt (I think it still eventually reverted | to Snap). There was also the issue that the Snap version disables | some extensions (sure they are potentially dangerous, but that | risk is for me to take). | | Now, I just manually update Firefox at convenient times via the | Help -> About menu. | mxmlnkn wrote: | That's also the solution I use. Especially because I have | multi-rows set up in Firefox and each update breaks this. | | Plus, when installing the binaries manually, you can also apply | some "hidden" settings by creating a distribution/policies.json | file inside the firefox installation folder. This is what mine | contains: { "policies": { | "DisableAppUpdate": true, "DisableFeedbackCommands": | true, "DisableFirefoxAccounts": true, | "DisableFirefoxStudies": true, "DisablePocket": true, | "DisableSetDesktopBackground": true, | "DisableTelemetry": true, "NoDefaultBookmarks": true | } } | | It's kinda sad how many settings you have to configure not only | here in order to not be nagged constantly. It's like you are | fighting against your tools. | geekbird wrote: | That's why I hate Snap. In Linux, unlike Windows or Mac, I | should not have to fight my tools in order to configure a | system the way I want it. Yet Ubuntu makes me do it every | goddamn time for anything on the desktop, between snap and | their nasty "Unity" desktop. | kelnos wrote: | I don't really have a problem with this in general, if a few | rules are followed (that Canonical/Snap have apparently not even | remotely bothered to address): | | 0. First off, the user should have to opt in to automatic | updates. This should never be forced. | | 1. The update should never cause unsaved work to be lost. This | means that the auto-updater should never kill the application | unless it knows that it can start back up in exactly the same | state before it was killed. Some apps will do this normally (some | requiring configuration first), like Firefox, but others cannot. | That's actually something I think apps should be required to | have: there should be a standardized "snapshot-kill-restart" | interface (perhaps some DBus thing) that allows for this. The old | X11 session management system was designed for this, but in | practice implementations are always buggy to some extent. | | 2. The app should be restarted after being updated, especially if | it's happening in the background outside of user control. | | 3. The app should never be killed while the user is present and | doing something. It should only happen while the machine is idle. | If there's never an opportunity for that (say, the user always | puts the computer to sleep rather than leaving it idle), then the | update mechanism must resort to popups that _ask for consent_ to | do the update right then. The consent should only last for that | single instance. | | 4. Updates can't ever break things. Auto updates should be | reserved for security and critical (like data-loss) bugfixes | only. All other updates should be voluntary. (I'd reluctantly | make an exception for the case where there are security issues | that need to be fixed, but it's not possible to backport those | fixes, so a "security update" becomes a straight version update. | Nothing is perfect.) A big part of why users don't like automatic | updates is because they break things or remove features too | often. Stop doing that, and users will start to trust the auto- | update mechanism again. (And point #0 will stop being an issue: | users will be happy to enable auto-updates. And maybe at some | point I'd even drop #0 and think it's ok for vendors to enable | auto-updates by default.) | | Regarding killing apps that need to be updated, most do not need | to be killed at all, and can be safely updated underneath the | running instance. Yes, there would need to be some mechanism to | ensure the OS has paged all of the executable into memory (don't | want "Text file busy" errors when trying to overwrite binaries), | but this doesn't feel like a huge deal. Some apps _do_ need to be | restarted, as they dynamically load and unload UI resources from | disk as the user uses the app, and those files changing | underneath a running instance would cause problems. | | If this was an unpaid, volunteer project, I could certainly | understand that the auto-update process would be unpolished and | not the best. But Snap is owned by Canonical, and if they're | serious about this, they need to get their shit together and | actually focus on UX... ironic, since that was originally the | entire point of the company in the first place: make a Linux | distro with a polished UX that non-techie people would feel | comfortable using. | JonChesterfield wrote: | Your set of rules, while reasonable, bear no apparent | similarity to how Ubuntu is implemented. In particular it's | moderately involved to disable the automated updates and seems | to change each time I go through it. | chazeon wrote: | This sounds exactly like Canonical's doing these days. | | Recently found I was asked to teach a workshop to help student | use Kenya's KENET vlab, it is a vm platform from Kenya's | education network, to run our program. | | Their system have some prebuild image for us to use including | Ubuntu. Probably because of lacking of fund, their vms are low- | performance QEMU-based machines. | | I fired up Ubuntu vm and find: | | 1. `snapd` running constantly in the background and eating up a | lot of memory. So the first thing I have to do is to stop snapd. | | 2. `unattended-upgrades` keep running. I guess is their internet | not good so it seems it runs for a long time and keep eating | bandwidth and cpu. | | Things like these keep making me loosing faith on Ubuntu. | | I remember the name Ubuntu borrowed its root from African | language, but it seems their system are not so friendly to the | users (including students, educators) from African countries. | kkfx wrote: | Snaps, Flatpacks etc are tools needed to push commercial CRAP in | FLOSS systems. Period. | | The present "sorry state of packaging", largely due to the sorry | state of storage (filesystems) stuck in the '80s in the _bad_ | sense of being simply largely obsolete for today 's needs can be | partially surpassed by NixOS/Guix model, witch is a FLOSS | packaging model. | | Snaps and co on contrary are needed to push distro to irrelevance | and allow closed source crapware, mostly filled up with outdated | dependencies and horrendous hacks to speed up delivery times by | some underpaid and under-competent developer, still fail to prove | ANY other realistic purpose. | | Really: try to honestly weight their ideas and tell different | conclusions if you can find something else. | | At first they say "we do compartmentalize anything for safety", | than "ah, yes, we can't really isolate stuff because if you want | just to open a damn pdf downloaded from a modern WebVM improperly | named browser for legacy reasons you can't, so we start punching | holes here and there" and thereafter even the effectiveness of | formal isolation was depicted as not really safe. | | Then/aside another justification came up: pushing fresh software | to distros who do not have manpower for quick enough maintainers. | The actual snap store prove the contrary: most snaps are outdated | and full of outdated deps, with potentially unpatched security | vulnerabilities, of course. | | Oh, of course they can't package anything than apps, since | kernel/userland can't be in a snap, so they need anyway a | secondary packaging systems. | bvhvhfcgxfdf wrote: | How is it different from Google forcing everyone to upgrade | Chrome? | [deleted] | signaru wrote: | I use both browsers on Ubuntu and Chrome never caused me any | unpleasant update interruptions. The Firefox binary from | mozilla.org is far less invasive, btw. | kelnos wrote: | Do they, though? I use Firefox, but my understanding is that | Chrome just puts a button in the corner of the window that you | can click to restart and install the updates, but it doesn't | ever force you to do it, and you could conceivably continue | running that way for as long as you want (well, until you end | up rebooting the computer for whatever reason). I could be | wrong, though. | nanna wrote: | Installed Ubuntu on a friend's laptop last weekend. Today her | Firefox wouldn't open because snap was reporting it couldn't | update it because it was already running. She restarted computer, | same problem. She asked if she can "delete" snap. | | I'm a debian person, so not sure. Can she? | usr1106 wrote: | snap can be uninstalled. But then she needs Firefox from | another source, there is no official .deb package any more. | There is also the risk that some update or package installation | will pull in snap again. Doable for a technical user who only | runs apt from command line and always reads the dependencies | before answering yes. Not suitable for non-technical users. | jgneff wrote: | You can now completely disable automatic updates of Snap | packages. [1] | | [1] https://snapcraft.io/blog/hold-your-horses-i-mean-snaps- | new-... | jacquesm wrote: | Give this man a medal. Thank you. | | To update to this version use: snap refresh | --channel=edge snapd snap refresh --hold | | to get rid of automatic updates. | smallerfish wrote: | Yeah I mention this towards the end of my rant (in the | article) but it's a) not available yet and b) not clear | whether it'll actually notify you when there are updates to | be made. I'm guessing it expects you to unhold at some point | to get "refreshes". | jacquesm wrote: | I'm fine with that. Nothing drives me more mad than to be | in the middle of an interview taking notes and then | suddenly land in an endless loop of being forced to restart | my browser. It's not like some of us don't have work to do | while we're in the browser and the utter disrespect by the | designers of this crap to the detriment of their users is | baffling. This is one thing where commercial software has | something of an edge over FOSS: you can't even threaten to | withhold your $ if they misbehave. Power to the user. | AnIdiotOnTheNet wrote: | Canonical watched this exact same shit play out with Microsoft | and Windows yet decided to do the exact same thing. Mind | boggling. | loloquwowndueo wrote: | The UX can definitely be improved but the vitriol against this | snap feature is puzzling, since the core of it (what in snap | jargon is called "refresh awareness") was implemented | specifically because the alternative (silently updating the app | from under the user which resulted in strange bugs, crashes and | other problems) was pretty undesirable. In essence refresh | awareness was added at users' behest :) | asdajksah2123 wrote: | Neither approach is necessary. There are other approaches which | work just fine. | | Ubuntu does not get credit from going from the worst option | possible to the next worst option possible. | quercusa wrote: | As mentioned in the article, the instructions are just plain | misleading/wrong. Shutting down the app does not cause a | refresh. Shut down and restart and you'll get another pop-up in | 6 hours. | sockaddr wrote: | I was struggling with this annoyance recently and today decided | to finally uninstall the snap. The "close now" is super annoying. | | I ran "sudo apt install firefox" and it installed a freaking | snap! | | Today I learned that Ubuntu just decides to install snaps instead | of the apt package. | | What the hell. | oliwarner wrote: | No contest, it's awful. But you can work around it. | | https://www.omgubuntu.co.uk/2022/04/how-to-install-firefox-d... | remram wrote: | Can confirm, I uninstalled snapd the day I installed Ubuntu | 22.04 and I have been running it for months. Firefox seems to | be the only popular package that redirects to a snap (out of | my own usage this whole time, at least). | | I don't know why they did that, and I am a bit worried I will | have to abandon Ubuntu if they move more packages to snaps in | the next release. But for now all you need to do is the | workaround above for Firefox. | dublinben wrote: | You might prefer Pop! OS, which is based on Ubuntu, but uses | flatpak instead of snaps. | akdor1154 wrote: | Pop's Firefox is also a deb package fyi. | comex wrote: | Or Debian, which much of Ubuntu is derived from, and where | Firefox is still offered as a regular apt package like | always. | sockaddr wrote: | Yup. This is the same advice I've gotten from two coworkers. | Next time I'm up for a reinstall I think I'll make the jump. | poszlem wrote: | Just to add a data point, I recently went back to Linux after | spending years in the MacOS world. Installed Ubuntu out of | habit, got the _exact_ same thing happen to me (removed snap, | installed firefox through apt, got snap back) and went to Pop | OS. Could not be happier with the overall system and still | very much disgusted by what Ubuntu decided to do. | hardwaresofton wrote: | Does it do this on Ubuntu server? I'm assuming not? | ilyt wrote: | That solidifies my opinion of canonical just picking good | distro as base then going around breaking shit... | | Like... wtf ? They'd had to patch apt to even do that... | justinpombrio wrote: | Consider Linux Mint. It's based on Ubuntu, but doesn't use the | Snap Store. (And from my experience, works like a charm and is | well polished.) From the Mint description of the Snap Store: | | > The Snap Store, also known as the Ubuntu Store, is a | commercial centralized software store operated by Canonical. | | and | | > This is a store we can't audit, which contains software | nobody can patch. If we can't fix or modify software, open- | source or not, it provides the same limitations as proprietary | software. | | https://linuxmint-user-guide.readthedocs.io/en/latest/snap.h... | https://linuxmint.com/ | brainchild-adam wrote: | ilyt wrote: | I just use Debian Testing... my install is 13 years old, | after many dist-upgrades | bityard wrote: | Can confirm. Debian + desktop of choice, and everything | generally works the way I want. | digitallyfree wrote: | Debian is another option too, and is used heavily in industry | unlike Mint. I'm disliking Ubuntu more and more but it'll be | a lot of work to migrate my fleet over, all managed via | Landscape (which is Ubuntu-only). While I'm currently | trialing 22 LTS in a limited environment I'm not sure if this | is a distro I want continue sticking with in the future. | | I guess I could say the same for GNOME, but that's what my | users are familiar with. The Ubuntu and GNOME setup works | well - for now. | pkaye wrote: | Do package updates to Linux Mint soon after they come to | Ubuntu? | angry_octet wrote: | There's no easy way to ban snaps, apt will keep selecting | snapd. But you can try: https://www.tecmint.com/disable-lock- | blacklist-package-updat... | | Then install flatpak. It has chromium and Firefox. | mtlmtlmtlmtl wrote: | Flatpak is awful too. | xkcd-sucks wrote: | Shortly after the push to manage everything through snap, I set | up ubuntu server and installed docker, to support a client facing | demo involving a few containers. A few hours before the demo snap | updated docker to a version that was totally broken and there was | much embarrassment. That day I gave up on Ubuntu completely and | never looked back. | remram wrote: | On a friend's machine, Ubuntu had somehow managed to install | both the APT docker and the Snap docker. This caused the entire | disk to fill with log messages from the snap docker trying and | failing to start, since another docker was already running. | | Removing snapd is the first thing I do on any Ubuntu machine | now, whether mine or my friends'. This now requires adding a | PPA for Firefox since 22.04 but otherwise I have never had to | deal with snap again. | avg_dev wrote: | what do you use now? | xkcd-sucks wrote: | Mostly....... PopOS with KDE, lol, the 3rd party driver | installation convenience is really nice. Or plain old debian | for server stuff. | jetbalsa wrote: | Debian, Debian all the way | sneak wrote: | This means that they enable RCE, technically speaking, if the | user is not involved in the upgrade. | | Uninstalling Snap is the first thing I do on Ubuntu these days. | wging wrote: | Another reason I hated snap, when I used Ubuntu, was the | performance problems. Opening a url from the snap version of | Slack took multiple seconds! The solution to this was to nuke it | and install the .deb version. Just completely unacceptable and | embarrassing. | jrm4 wrote: | I don't like Ubuntu anymore, but not because of "how it | operates." | | More because of "how it operates, without being forthcoming about | what its new purpose is, which is not 'everybody's Linux.'" | | You're trying to be a tool to support big corporate IT. That is | _absolutely fine,_ good even. Getting more Linux in that space, | under Ubuntu 's name, seems pretty cool. | | But you're no longer "the people's choice" when you behave that | way. They're putting in big grown up restrictions and ideas and | methods of doing things, and they just need to be honest about | that. | Animats wrote: | The restart notification system is so lame that I get | notifications that the snap daemon needs to update itself and I | should close the snap daemon. Which is not something I opened. | What am I supposed to do, kill the process? | streptomycin wrote: | _Third, the notification has one call to action: shut down the | application. This application will be updated, so shut it down. | If the user closes the application, presumably that then triggers | it to be updated, right? But no: the snap updater runs on a | schedule, and it could take 6 hours for it to run again, check | whether the application is running, and then apply the update if | it's not. Is the user supposed to leave the application shut down | for up to 6 hours? How could they possibly know to do that? You | could see a user getting into a cycle (for 13 days!) where they | restart the application, and then 6 hours later the intrusive | (and apparently not suppressible) notification pops up again._ | | I thought the same thing the first time I saw it. The only | solutions are to either close Firefox and wait for several hours | for something to silently happen in the background, or Google for | the CLI command to run to update it. Really bizarre UX, I would | love to hear someone from Canonical explain why they thought that | was a good idea. Is there something I'm missing? | xahrepap wrote: | I've also been annoyed by this. I don't have it handy but I did | find the ticket where their conversation to implement this | first happened. I guess before it would just update without | notifying the user. | | The idea in that conversation was, at least what I took away | from it, that the user gets the notification and now knows at | the end of the day they should close the app and in the morning | it'll be updated! | | Seems fine on paper. But the messaging in the notification | doesn't tell me that at all. And it turns out despite all the | nagging I always forget to close things before I step away. | | I hate the execution of this feature. So much. All the nagging. | All the confusing messaging. | | On top of it all, I don't feel like snap gives me any qol | improvements in exchange. | 0cf8612b2e1e wrote: | What's most frustrating is that snap knows the entire state | of the world! They know when the application is started and | closed. Could download the update at anytime and upon closing | the old application, link to the update and delete the old | version. | ilyt wrote: | Snap format is just a single compressed file. They could | _literally_ just replace it, remove the old one and due the | way of which Linux filesystems work, any new call to app | will run the new one, but the old one would use the old | file. | | They could do it basically seamlessly, with maybe | notification only if you keep app running for days. Hell, | that's how package manager does updates, just remove old | libraries and put a new one in place, old programs will use | the old one till restart, and when last filedescriptor | closes it will be unlinked from filesystem. It sometimes | can cause problems in "normal" apps but fact snap is just a | single file removes pretty much all drawbacks of that. | | It's not just bad decisions but incompetence on top of that | AnIdiotOnTheNet wrote: | My considered opinion is that anyone at Canonical that had good | ideas left about 10 years ago. | dhd415 wrote: | Yep, this prompted me to uninstall the snap version of Firefox | that was installed by default in Ubuntu 22.04 and reinstall it | from the Standard Ubuntu repository. Score minus one for snap. | usr1106 wrote: | There is no package for Firefox in Ubuntu 22.04. The package | called firefox does not contain a browser, its just | transitional for upgrading older versions to snap. | | I started to download Firefox from Mozilla. But just because | I have not decided yet what distro to use for family | computers. Archlinux is fine for me, but not suitable for | everyone. | dinosaurdynasty wrote: | Pop OS is similar to Ubuntu and doesn't use snap. | pessimizer wrote: | Debian is boring, easy, and stable. | xg15 wrote: | Apparently forcing updates is sort of the core of Snap's | philosophy. To the point that they rather added a whole host of | config options that lets you specify various "work periods", | "postponements" and other temporarily exceptions than just give | you the ability not to update. | | See the discussion here: https://forum.snapcraft.io/t/disabling- | automatic-refresh-for... | | Edit: ...or not anymore: | https://news.ycombinator.com/item?id=33836216 ___________________________________________________________________ (page generated 2022-12-02 23:00 UTC)