[HN Gopher] Snap updates happen without user consent
___________________________________________________________________
Snap updates happen without user consent
Author : smallerfish
Score : 165 points
Date : 2022-12-02 18:58 UTC (4 hours ago)
(HTM) web link (smaller.fish)
(TXT) w3m dump (smaller.fish)
| protoster wrote:
| It's a mystery to me how Firefox updates on Ubuntu. Sometimes it
| goes through auto updates, but sometimes I'll try to open a new
| tab and it tells me that it will NOT allow me to do that until I
| restart. This is exceptionally annoying and not something that
| happens on Windows.
|
| What is this related to?
| BeefWellington wrote:
| IME Firefox does this when the OS updates packages that Firefox
| depends on and/or changes FF version. I can't speak to Ubuntu
| specifically but I've seen the same behavior on Arch and Fedora
| and it's always around OS updates that I've triggered manually.
| mlvljr wrote:
| pxc wrote:
| On Windows, Firefox can't be updated while it's running because
| the files that comprise it are locked by the running
| application.
|
| On Linux, you can delete or replace open files, and even
| running applications. Instead of updates being handled by
| dozens of individual updaters that coordinate closely with each
| app so that updates happen between restarts, updates happen in
| the background without really coordinating with running apps.
|
| Sometimes, after Firefox has been updated, there's some kind of
| incompatibility between the old running binary and the new
| assets (internal JS, CSS, and idk what else). In that case,
| Firefox _can 't_ open new tabs because you're still running the
| old binary, which doesn't work with the new assets which have
| been installed, or which is looking for old assets that it
| opens dynamically at runtime that are simply no longer present
| on your disk.
| duped wrote:
| It's explained here pretty well:
| https://bugzilla.mozilla.org/show_bug.cgi?id=1492023
|
| My reading is that if your package manager updates FF on disk
| while it's running, it can no longer guarantee that new tabs
| can be created safely, since creating a tab requires spawning a
| child process and the parent was created with an executable
| that no longer exists/knows anything about the executable it
| needs to use when spawning.
|
| It is super annoying and I feel like there are some obvious
| fixes. I'm also not 100% sure why it only happens on Linux (it
| updates fine on Windows and MacOS while running right?)
| AndrewDucker wrote:
| On Windows it downloads the updater in the background and
| then executes it when you next restart Firefox.
|
| (At least, as far as I can tell)
| Saris wrote:
| On windows it just doesn't do the update until the browser is
| closed. It's odd that they don't have the same behavior on
| linux.
| tinus_hn wrote:
| Not an excuse but that wouldn't work on a multi-user system
| of course.
|
| The solution is to version the files and keep the old
| versions until the processes are closed. As Windows
| enforces because it doesn't allow you to delete files that
| are in use.
| duped wrote:
| On Windows applications control their updates, on Linux
| distros the updates can be triggered externally by the
| package manager.
|
| Or at least, you get an error if you try and modify an
| executable that is currently being used by a process on
| Windows.
| hcs wrote:
| You can get that behavior if you install Firefox from a tar
| [1], Firefox will then manage its own updates the same as
| on Windows (though the user running Firefox will need to
| have permissions to modify the files, which may be risky).
|
| But if you install it through apt or some such package
| manager, the PM is doing the updates, and it doesn't take
| into account that Firefox is running.
|
| [1] http://archive.mozilla.org/pub/firefox/releases/latest/
| READM... has instructions for getting a release tar.
| AnIdiotOnTheNet wrote:
| Pretty sure that's exactly how it works in the FlatPak
| version.
| ilyt wrote:
| From what I can see the bug is about _packages_ , not _snaps_
|
| Package is multiple files app needs replaced, so you have old
| app getting the files replaced under it during upgrade,
| that's why restart is needed.
|
| In case of snap there is layer between, the "snap" is just a
| blob that is mounted by a daemon that then runs app off it.
|
| If you just move/delete old snap the daemon should _just_ be
| accessing old one till the app stops
| compsciphd wrote:
| I'll just reference my rant from a month and a half ago -
|
| https://news.ycombinator.com/item?id=33275206#33277156
| azornathogron wrote:
| The article mentions Snap, AppImage and FlatPak, but there is
| also a much older system called 0install (zero install) that was
| started in 2003 or so [1].
|
| I wonder why that never took off.
|
| [1] https://zero-install.sourceforge.net/roadmap.html (note this
| is the old website; the new website is https://0install.net -
| looks like it's still getting releases in October this year)
| moffkalast wrote:
| Oh snap
| exabrial wrote:
| This a "feature not a bug".
| alkonaut wrote:
| Why would Snap _kill_ the running application when the update is
| pushed? Any system for self-updating applications needs to
| install the new version side by side with the existing one
| anyway. So what's the reason for terminating the running
| instance?
| userbinator wrote:
| They've adopted Microsoft's approach of trying to hold users on
| a leash and beat them into submission.
| alkonaut wrote:
| Microsoft's self updating desktop apps (Teams etc) switch
| silently on restart. Unsure about their store apps but I
| imagine it's the same thing.
|
| With older windows desktop apps which install to privileged
| locations like %programfiles% it's more complex.
|
| But that's the point: snap is a new system. It should be well
| designed because of it, and be on par with "modern" install
| systems. It feels strange if they restart for no reason. And
| it feels equally strange if they have a design that requires
| it.
| SQueeeeeL wrote:
| This is a very narrow perspective coming from someone who gets
| forced to use snap to install very specific packages, but snap
| always kind of gives off... I'm not sure how to verbalize this
| other than "bad vibes", especially compared to it's package
| management competition in aptitude. Is this a common experience
| or am I crazy?
| ProAm wrote:
| I agree. I understand why they are doing it, but I dont feel
| good using it. It has me wanting to switch to Fedora for no
| other reason beyond it makes me feel like my computer isn't my
| computer anymore.
| kelnos wrote:
| I think the bad vibes come from the fact that Snap is a
| proprietary, walled-garden system owned by Canonical. The
| server is not open source, so no one else can run their own
| Snap Store.
|
| It's antithetical to pretty much everything about what we think
| of as a "Linux distro".
|
| I would absolutely never run Ubuntu or install Snap because of
| this. I'll stick with Debian, thanks.
| Darmody wrote:
| I think it's not only that. In my opinion is also about how
| Canonical handles everything. Everyday they look and act more
| like Microsoft. Empty words to sell you something, to
| convince you they're better.
|
| You can't really act like Microsoft with people that are
| using your OS because they ran away from Microsoft and expect
| them to shut up.
| geekbird wrote:
| Worse, they lock down and make their standard UI not able
| to be customized, and keep "deprecating" standard UI tools
| and configs in favor of some junior intern's idea of how
| real users "should" work. This sucks, and is why I won't
| run Ubuntu on any desktop. If I wanted to be told how to
| use a desktop by an OS, I'd get a f'ing Windows box or a
| Mac.
|
| I use Linux because I can configure it to work the way I
| want. If they take that away, they are just another
| proprietary pile of shit.
| account-5 wrote:
| And Apple.
| matkoniecz wrote:
| For example `sudo apt update && sudo apt upgrade` CLI log
| now includes an ad
|
| see https://bugs.launchpad.net/ubuntu/+source/ubuntu-
| advantage-t...
|
| It advertises some Commercial product by Canonical and
| /r/linux subreddit.
| rpgmaker wrote:
| Didn't know it had gotten that bad. I stopped using it
| when it was clear the desktop was no longer a priority
| for them. Not blaming them since they're a private
| company but with so many alternatives there's no need to
| use a second class Linux "desktop". Fedora is more than
| great imho.
| Mikeb85 wrote:
| > Snap is a proprietary, walled-garden system owned by
| Canonical.
|
| How do you figure? It's all open source, you can easily see
| it on GitHub... I know Ubuntu hosts snaps on their servers,
| but every distro does that. What's the proprietary part?
| pxc wrote:
| The server itself is proprietary and the Snap client is
| hardcoded to point to Canonical's servers (repos are not
| configurable).
|
| There have been proof-of-concept server implementations by
| third parties, and some of those have been open-source. But
| IIRC none of them are maintained or used anywhere.
|
| It could be worse, but at the end of the day it still just
| seems like a controlling, proto-monopolistic design
| compared to something like Flatpak, or to any traditional
| package management repos on Linux.
| Mikeb85 wrote:
| > The server itself is proprietary and the Snap client is
| hardcoded to point to Canonical's servers (repos are not
| configurable).
|
| So fork it and change the code. This isn't the definition
| of "proprietary". There's still nothing stopping people
| from having their own snap store except a lil effort.
| pxc wrote:
| A client/server application where the server is
| proprietary isn't really a free software application as
| far as I'm concerned, even if the server is easy to
| clone. -\\_(tsu)_/-
|
| I expect better from 'open-source' in my personal
| computing life, and competitors seem happy to deliver it.
| If that makes me fussy, oh well.
| VWWHFSfQ wrote:
| snap is the naggiest thing in my computer. it seems like
| almost every day it's popping up notifications that snap
| store needs to do something and that I have like 4 days left
| and then I click on the notification and nothing happens. I
| have no idea what to do. why is desktop linux still such a
| piece of crap
| nequo wrote:
| Snaps are annoying. But Ubuntu is not the same as desktop
| Linux. Some alternatives: Linux Mint,[1] Fedora[2] or
| Silverblue,[3] Pop!_OS.[4]
|
| [1] https://en.wikipedia.org/wiki/Linux_Mint
|
| [2] https://en.wikipedia.org/wiki/Fedora_Linux
|
| [3] https://en.wikipedia.org/wiki/Fedora_Linux#Silverblue
|
| [4] https://en.wikipedia.org/wiki/Pop!_OS
| entropicdrifter wrote:
| THIS! I run Mint 21 on my main PC with the Liquorix
| kernel (for game performance and desktop responsiveness
| under load), and it's everything I want out of a Linux
| distro. More stable and easy to maintain than Arch or
| Manjaro, more open than Pop!_OS, and just as intuitive as
| Ubuntu without any Snaps.
| matkoniecz wrote:
| > why is desktop linux still such a piece of crap
|
| Snap infestation is highest in Ubuntu - so I am planning to
| switch to some alternative (and due to other Canonical
| excesses like ads in CLI system tools).
|
| My current candidates are Debian and Pop!OS.
| rpgmaker wrote:
| Try Fedora. I used to be an ubuntu guy, changed to Fedora
| KDE years ago and never looked back.
| entropicdrifter wrote:
| Consider Linux Mint as well. It's about as close to
| "Ubuntu without Snaps" as you can get while still having
| a separate community and dedicated devs.
| barnabee wrote:
| Snap was what made me switch back to Debian from Ubuntu. In the
| process I discovered that every issue and friction that had got
| me to try Ubuntu initially has been more than adequately solved
| by Debian now.
|
| IMO Debian is by far the saner distribution these days and
| there's no reason at all to use Ubuntu for most people.
| vdfs wrote:
| Debian is good if you don't want up to date browsers, the
| only shock i had when i tried Debian after this snap fiasco,
| ironically that's among things snap is trying to solve (quick
| updates)
| barnabee wrote:
| I have been completely unaware of which Firefox version my
| Debian machines are on and have noticed no issues
| whatsoever.
|
| I guess I don't want up to date browsers.
| vanous wrote:
| >Debian is good if you don't want up to date browsers, the
| only shock i had when i tried Debian after this snap
| fiasco, ironically that's among things snap is trying to
| solve (quick updates)
|
| You mean Debian stable. But you have a choice, you can
| select testing or unstable, which gives you newer software.
| yyyk wrote:
| Debian Testing has a problem: It doesn't get security
| updates directly like stable/backports or unstable, it
| waits for a package to be promoted from unstable which
| can make it sometimes less up to date then stable... e.g.
| you can be stuck on an old firefox-esr with known
| vulnerabilities for a good while, especially if firefox-
| esr itself had a major version update which it does every
| year.
| mort96 wrote:
| Debian Testing only has Firefox ESR, currently version
| 102. Unstable has Firefox 104, which was released in
| August and is 3 releases behind...
| geekbird wrote:
| Not everyone needs bleeding edge.
| mort96 wrote:
| Sooo... Debian is good if you don't want up to date
| browsers.
| 2b3a51 wrote:
| Debian stable users who _did_ want latest Firefox could
| download the binaries from Mozilla. Just unpack and run
| from e.g. home directory or perhaps copy to /opt/
|
| https://www.mozilla.org/en-GB/firefox/all/#product-
| desktop-r...
| pxc wrote:
| Just install Firefox via Nix or Guix or Flatpak. Not all
| ancillary package managers are as terrible as Snap.
| geekbird wrote:
| Or just get the .deb binaries from Firefox, and install
| them with apt/dpkg.
|
| There is no real need for "ancillary package managers",
| and all they do is complicate system maintenance.
| pxc wrote:
| Running an out-of-date browser is a security concern, is
| it not? Does Debian have a policy where they'll just
| backport the latest non-ESR from Unstable whenever a new
| 0-day is discovered? If they do and they're quick about
| it, I guess it's more a matter of personal preference.
|
| Anyway, using Guix, Nix, or Flatpak is definitely a
| better idea than installing standalone debs for a
| different version of Debian than you're running, where it
| may be built against libraries that aren't part of your
| distro.
|
| If you want to use the Debian package from Sid on
| Testing, better to rebuild it from source. openSUSE's
| public instance of the Open Build Service is a convenient
| way to manage keeping a repo for that up to date. But
| that definitely complicates system maintenance, too!
| yyyk wrote:
| ? Unstable has 107:
|
| https://packages.debian.org/sid/firefox
| macns wrote:
| what? can you be more specific? I'm using debian as my
| daily desktop and firefox and I've never ever had issues
| with anything, especially the web browser. I'm also staying
| away from fancy new things like snap. I've always managed
| to get everything I wanted either using apt or dpkg.
|
| Can you please give an example of an application you needed
| available only as a snap?
| mort96 wrote:
| What version of Firefox do you have installed? The up to
| date version is 107, released almost half a month ago. If
| you're on 106 or earlier, you're not running an up to
| date browser.
|
| Which might be fine! If that's the kind of system that
| works for you.
| yamtaddle wrote:
| Nah. None of the three big similar solutions to this (AppImage,
| Flatpack) feel _quite_ like they 're the right way to do this,
| but Snap manages to feel distinctly more-wrong than the others,
| without any accompanying unique benefits to offset that.
| geekbird wrote:
| As a sysadmin, I loathe "Snap".
|
| There are two main packaging systems for Linux that are well
| known and usable. You can also use standard config management
| software to roll out configs for each package. Snap is a
| solution in search for a problem by people who are too lazy to
| use standard packaging that has been in existence for decades.
|
| Listen up kids: "New" is seldom "better" when it comes to
| system tools. Put your creativity to applications, not trying
| to reinvent the wheel with "new" packaging systems.
|
| Snap is a bloated mess, and we wish is was not on any system we
| administer.
| kunwon1 wrote:
| I don't think you're crazy.
|
| My main gripe with Snap the last time I evaluated the system
| was that they will not let you disable automatic updates, as a
| matter of policy [1]
|
| I do not know if this is still the policy 5 years later
|
| [1] https://forum.snapcraft.io/t/disabling-automatic-refresh-
| for...
| jacquesm wrote:
| They do now, see upthread.
| wing-_-nuts wrote:
| I despise snap. There's a reason why we use apt / yum / pacman
| or whatever, and that's because traditional package management
| works.
|
| When I install something through snap or flatpack, invariably
| it starts slower, has worse performance, is much more bloated
| and is generally a much more janky experience than just getting
| it from the apt repo. Snaps are _the_ number one reason why I
| use popOS or mint over ubuntu.
| geekbird wrote:
| IMO Snap is nothing more than bloatware designed as a resume
| building project by newby programmers.
| stillkicking wrote:
| One thing I find funny is the problem of data loss. On macOS,
| it's been the norm for years that applications retain their state
| when quit and re-opened, including unsaved documents.
|
| While weird when introduced, in hindsight this is exactly the
| right behavior, because it is the most user-friendly and it makes
| e.g. software updates a non-issue. Even apps like iTerm can be
| updated and restarted in-place, retaining all the sessions.
|
| It's a testament to how bad Linux UX still is that this sort of
| idea is not only utterly alien, but instead some developers
| thought it was acceptable to kill running apps outright.
| pxc wrote:
| > Even apps like iTerm can be updated and restarted in-place,
| retaining all the sessions.
|
| iTerm doesn't retain sessions at all. It just presents a facade
| resembling preserved sessions. Close iTerm2 while you have a
| tmux session open, or some SSH connections, or any long-running
| command. Those sessions and their processes die when you close
| iTerm.
|
| Maybe iTerm can approximate some of those things if iTerm is
| actually running the whole show, i.e., iTerm mediates launching
| your tmux sessions and your SSH connections. But imo those
| features are underwhelming and oversold.
| boppo1 wrote:
| I use Xubuntu and snap just gets in my way. With Apt everything
| is transparent and 'just werks' or at least indicates what to
| fix. Snap has been the opposite in my experience and especially
| seems to make program interop more difficult.
|
| It seems like Canonical said "Apple and Microsoft have (painful)
| app stores that cater to the non-technical, we need one too!"
| noasaservice wrote:
| Reminder for you Ubuntu(and XUbuntu and KUbuntu) people:
|
| Snap is closed source garbage ware, with MS Windows forced
| updating and the terribleness of being 10x slower....
|
| So here's how to "Snap-Off" your system
| https://haydenjames.io/remove-snap-ubuntu-22-04-lts/
| INeedMoreRam wrote:
| I desnapped my Kubuntu machine successfully per those
| instructions.
| psanford wrote:
| This is one of the main reasons I've switched from Ubuntu to
| NixOS.
| wging wrote:
| PopOS also doesn't use Snap -- that's one of the reasons I like
| it.
| gjsman-1000 wrote:
| I used Ubuntu since 11.04. I abandoned it for Fedora.
|
| Everything about Ubuntu now is seemingly defined by a spirit of
| defiance from Fedora. They borrow PipeWire and SystemD, but
| uglify GNOME, replace Flatpak with Snap, and use *.deb instead of
| *.rpm. Otherwise it feels mostly the same.
|
| I looked at the Fedora ecosystem and... it's basically just like
| Ubuntu's point versions, and instead of an LTS every 2 years, you
| get one every 5 years and it's called Rocky Linux / AlmaLinux.
| Why pick Ubuntu instead of (basically) upstream? I'll pick the
| same thing with prettier GNOME and Flatpak instead of the weird
| mystery lump Ubuntu is now.
| vbezhenar wrote:
| Fedora is hardly better. I spent days figuring out how to
| install Fedora without Gnome junk, packagekit and other stuff I
| don't need.
|
| Auto updates must die in hell. I must be the only one on my
| system who issues `dnf upgrade`.
| geekbird wrote:
| IMO dnf is ridiculous newfangled garbage too. Why do people
| keep reinventing the wheel when it comers to package
| managers? Apt for .deb and yum for .rpm work fine, manage
| dependencies, and Just. Plain. Work. without f'ing up the
| system with autoupdates and bloatware. Seriously, an open
| source project is not for junior programmers to push their
| resume driven development on the rest of the community.
| macksd wrote:
| >> Why pick Ubuntu instead of (basically) upstream?
|
| "Upstream" for Ubuntu is more like Debian, which is the basis
| for MANY distros (much like Red Hat - founded around the same
| time as Debian - and the .rpm ecosystem is a significant core
| component of many systems including current versions of SuSE,
| etc.). Ubuntu has traditionally been a slightly more newbie-
| friendly / commercial-friendly version of Debian. I don't think
| many of the changes you're describing were really trying to
| defy Fedora, especially not the choice to use .deb over .rpm.
|
| That said, I did use Fedora for a while when Ubuntu started
| messing with Gnome a lot and I found it very refreshing, easy
| and reliable. It's a great distro, but the relationship between
| the two is absolutely not "upstream" and "downstream".
| pxc wrote:
| What they mean is not 'upstream' with respect to distro
| tooling, but Fedora's closer relationship to the upstream
| components of the stack desktop stack (GNOME, PipeWire,
| SystemD, etc.), which are often entirely or in part
| maintained by Fedora contributors or Red Hat employees, etc.
|
| The 'defiance' they're talking about are the projects that
| Canonical has developed, often in secret, which are or were
| essentially alternatives/competitors to the components of the
| Linux free desktop stack which have been developed in the
| open, often at Red Hat and developed on Fedora.
|
| The cases that come to mind are: - Unity vs.
| GNOME 3 - Upstart vs. Systemd - Mir vs. Wayland
| - Snap vs. Flatpak
|
| The Canonical entries all appear as sort of NIH latecomers,
| whereas their competitors have generally been developed in an
| upstream-first, 'release early' kind of way. In each case,
| the tech opposite Canonical's has been shipped on Fedora,
| before eventually becoming the default in Ubuntu anyway.
| (Snap has yet to go.)
| cesarb wrote:
| > Upstart vs. Systemd
|
| Upstart is older than systemd. The famous blog post which
| originally announced systemd
| (https://0pointer.de/blog/projects/systemd.html) explicitly
| mentioned upstart as an already existing alternative, and
| dedicates several paragraphs to describing the differences
| between both.
| pxc wrote:
| That's a useful thing to remember! Thanks for pointing it
| out.
| robertelder wrote:
| Since we're on the topic of snap updates:
|
| A couple weeks ago I was working away in the terminal when all of
| a sudden, my USB camera turned on and its light started flashing
| at me indicating something had just started interacting with my
| webcam. I immediately assumed "Oh, that's probably just some
| hackers watching me through my web-cam.", so I looked through
| /var/log a bit and noticed that it had just re-detected all USB
| devices and two new users had just been added to my system:
| snapd-range-12345-root:x:12345:12345::/nonexistent:/usr/bin/false
| snap_daemon:x:12345:12345::/nonexistent:/usr/bin/false
|
| Does anyone know what these new users are for, and why they were
| added just now instead of at install time? I googled a bit, but
| couldn't find any recent news about it.
| numeromancer wrote:
| It was the hacker known as "Canonical".
| danbmil99 wrote:
| I struggled mightily with Firefox's tendency (on Ubuntu) to
| suddenly and (at least until recently without any notice) tell me
| "Firefox must restart right now, and will make a feeble/futile
| attempt to restore your pages". Terrible, terrible UX.
|
| Finally, I just uninstalled the snap version and
| downloaded/installed the .deb manually. So far so good -- I guess
| some day I might get hit with a security problem or some must-
| have feature, but at least I don't randomly have to restart
| Firefox every few weeks without prior notification.
| asddubs wrote:
| you can use this ppa to keep it updated
|
| https://launchpad.net/~mozillateam/+archive/ubuntu/ppa
| FullyFunctional wrote:
| Thanks, but personally I don't want a workaround. I want a
| distribution that does the right thing. I have used Ubuntu
| for decades and use it everywhere. I hate to have to change,
| but as always, good things don't last.
| 0cf8612b2e1e wrote:
| I think you can point a direct line to that behavior and me
| installing PopOS. A web browser is my most used application and
| Ubuntu thinks they have the right to effectively crash it
| unexpectedly.
| ilyt wrote:
| They took thing people hated in windows update and ported it
| to ubuntu lmao
| dessant wrote:
| It's also alarming that GNOME extensions are updated in the
| background without user interaction, and the feature cannot be
| disabled. These extensions are not sandboxed, can run arbitrary
| commands, and have access to the entire system. Extensions are
| practically a backdoor for the entire GNOME user base that can be
| accessed by compromising the update server.
|
| https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2514
| Barrin92 wrote:
| Personally I don't have an issue with the auto-updates and like
| them quite a lot. It automates something away that I do by
| routine anyway. If the default switched to making holding updates
| back explicit that would be a big improvement in my book. In
| particular from a security perspective.
| matkoniecz wrote:
| Snaps also create extreme litter in filesystem, some programs
| like Firefox are broken in confusing way by updates (new tabs are
| crashing without explanation, part of old tabs crashes), some
| programs like Telegram were completely broken at some pint in
| highly confusing ways...
|
| Also, as mentioned by others - Snap is a proprietary, walled-
| garden system owned by Canonical.
| dstein9 wrote:
| What made me drop snaps is it wouldn't let me access files
| outside of $HOME no matter what I tried, and the snap decided I
| was running Gnome instead of KDE no matter what I tried, going
| back to the .deb worked perfectly.
| edgyquant wrote:
| Yet another sketchy and unprofitable company that has been
| subsidized so that it can act as the intermediary for human
| (teenage really) discussion.
| 83 wrote:
| Ubuntu Snap (package management). Not Snapchat
| smallerfish wrote:
| I had "Ubuntu" in the title of my HN submission originally
| for this reason, but HN admins changed it (I guess to line it
| up with the blog post).
| [deleted]
| avg_dev wrote:
| hmm... https://snapcraft.io/docs/keeping-snaps-up-to-date
|
| > Snaps update automatically, and by default, the snapd daemon
| checks for updates 4 times a day. Each update check is called a
| refresh.
|
| i don't know when that line made it into the docs. i could be
| wrong but i actually thought that being evergreen was one of the
| selling points of snaps, and was advertised early on.
|
| an edit: sorry upvoters - i went ahead and read the article now.
| i actually believe now that the article author has a point. to
| summarize: while it will display a notification to the user about
| two weeks ahead of time, announcing that an update is scheduled
| and that the user should close the app to avoid disruptions (the
| author has some valid complaints about this notification, i
| think), at the end of the period, the app will be killed -
| potentially causing unsaved data to be lost - and updated. i
| believe in many cases this behavior is undesirable. it probably
| should be discussed and a better alternative proposed.
|
| i do take issue with the author's vehemence against (and manner
| of expressing such for) the notification, but i suspect i would
| be quite angry too if i were either an application maintainer
| fielding complaints about something that i didn't break, or a
| user who was angry to have lost some data.
| kelnos wrote:
| Sorry, not familiar with how you're using that term. What do
| you mean by "being evergreen" in this context?
| avg_dev wrote:
| no need to apologize. evergreen in this case means
| "perpetually self-updating".
|
| i celebrate sharing this knowledge with you today :)
|
| https://xkcd.com/1053/
| [deleted]
| mkasberg wrote:
| The way Snap updates packages caused some problems with Firefox
| on recent versions of Ubuntu - I wrote a blog about it:
| https://www.mikekasberg.com/blog/2022/03/21/how-to-fix-firef...
| Perhaps this update mechanism was part of the solution to some of
| those problems...
| signaru wrote:
| For those who are getting their Firefox messed up, the binary
| from the Mozilla site works just fine and is far more respectful.
|
| I'm using Mate 22.04 LTS. A few settings has to be done to
| disable updates behind your back, but at least these settings
| persist, unlike when I was using Snap or whatever it was I
| managed to install via apt (I think it still eventually reverted
| to Snap). There was also the issue that the Snap version disables
| some extensions (sure they are potentially dangerous, but that
| risk is for me to take).
|
| Now, I just manually update Firefox at convenient times via the
| Help -> About menu.
| mxmlnkn wrote:
| That's also the solution I use. Especially because I have
| multi-rows set up in Firefox and each update breaks this.
|
| Plus, when installing the binaries manually, you can also apply
| some "hidden" settings by creating a distribution/policies.json
| file inside the firefox installation folder. This is what mine
| contains: { "policies": {
| "DisableAppUpdate": true, "DisableFeedbackCommands":
| true, "DisableFirefoxAccounts": true,
| "DisableFirefoxStudies": true, "DisablePocket": true,
| "DisableSetDesktopBackground": true,
| "DisableTelemetry": true, "NoDefaultBookmarks": true
| } }
|
| It's kinda sad how many settings you have to configure not only
| here in order to not be nagged constantly. It's like you are
| fighting against your tools.
| geekbird wrote:
| That's why I hate Snap. In Linux, unlike Windows or Mac, I
| should not have to fight my tools in order to configure a
| system the way I want it. Yet Ubuntu makes me do it every
| goddamn time for anything on the desktop, between snap and
| their nasty "Unity" desktop.
| kelnos wrote:
| I don't really have a problem with this in general, if a few
| rules are followed (that Canonical/Snap have apparently not even
| remotely bothered to address):
|
| 0. First off, the user should have to opt in to automatic
| updates. This should never be forced.
|
| 1. The update should never cause unsaved work to be lost. This
| means that the auto-updater should never kill the application
| unless it knows that it can start back up in exactly the same
| state before it was killed. Some apps will do this normally (some
| requiring configuration first), like Firefox, but others cannot.
| That's actually something I think apps should be required to
| have: there should be a standardized "snapshot-kill-restart"
| interface (perhaps some DBus thing) that allows for this. The old
| X11 session management system was designed for this, but in
| practice implementations are always buggy to some extent.
|
| 2. The app should be restarted after being updated, especially if
| it's happening in the background outside of user control.
|
| 3. The app should never be killed while the user is present and
| doing something. It should only happen while the machine is idle.
| If there's never an opportunity for that (say, the user always
| puts the computer to sleep rather than leaving it idle), then the
| update mechanism must resort to popups that _ask for consent_ to
| do the update right then. The consent should only last for that
| single instance.
|
| 4. Updates can't ever break things. Auto updates should be
| reserved for security and critical (like data-loss) bugfixes
| only. All other updates should be voluntary. (I'd reluctantly
| make an exception for the case where there are security issues
| that need to be fixed, but it's not possible to backport those
| fixes, so a "security update" becomes a straight version update.
| Nothing is perfect.) A big part of why users don't like automatic
| updates is because they break things or remove features too
| often. Stop doing that, and users will start to trust the auto-
| update mechanism again. (And point #0 will stop being an issue:
| users will be happy to enable auto-updates. And maybe at some
| point I'd even drop #0 and think it's ok for vendors to enable
| auto-updates by default.)
|
| Regarding killing apps that need to be updated, most do not need
| to be killed at all, and can be safely updated underneath the
| running instance. Yes, there would need to be some mechanism to
| ensure the OS has paged all of the executable into memory (don't
| want "Text file busy" errors when trying to overwrite binaries),
| but this doesn't feel like a huge deal. Some apps _do_ need to be
| restarted, as they dynamically load and unload UI resources from
| disk as the user uses the app, and those files changing
| underneath a running instance would cause problems.
|
| If this was an unpaid, volunteer project, I could certainly
| understand that the auto-update process would be unpolished and
| not the best. But Snap is owned by Canonical, and if they're
| serious about this, they need to get their shit together and
| actually focus on UX... ironic, since that was originally the
| entire point of the company in the first place: make a Linux
| distro with a polished UX that non-techie people would feel
| comfortable using.
| JonChesterfield wrote:
| Your set of rules, while reasonable, bear no apparent
| similarity to how Ubuntu is implemented. In particular it's
| moderately involved to disable the automated updates and seems
| to change each time I go through it.
| chazeon wrote:
| This sounds exactly like Canonical's doing these days.
|
| Recently found I was asked to teach a workshop to help student
| use Kenya's KENET vlab, it is a vm platform from Kenya's
| education network, to run our program.
|
| Their system have some prebuild image for us to use including
| Ubuntu. Probably because of lacking of fund, their vms are low-
| performance QEMU-based machines.
|
| I fired up Ubuntu vm and find:
|
| 1. `snapd` running constantly in the background and eating up a
| lot of memory. So the first thing I have to do is to stop snapd.
|
| 2. `unattended-upgrades` keep running. I guess is their internet
| not good so it seems it runs for a long time and keep eating
| bandwidth and cpu.
|
| Things like these keep making me loosing faith on Ubuntu.
|
| I remember the name Ubuntu borrowed its root from African
| language, but it seems their system are not so friendly to the
| users (including students, educators) from African countries.
| kkfx wrote:
| Snaps, Flatpacks etc are tools needed to push commercial CRAP in
| FLOSS systems. Period.
|
| The present "sorry state of packaging", largely due to the sorry
| state of storage (filesystems) stuck in the '80s in the _bad_
| sense of being simply largely obsolete for today 's needs can be
| partially surpassed by NixOS/Guix model, witch is a FLOSS
| packaging model.
|
| Snaps and co on contrary are needed to push distro to irrelevance
| and allow closed source crapware, mostly filled up with outdated
| dependencies and horrendous hacks to speed up delivery times by
| some underpaid and under-competent developer, still fail to prove
| ANY other realistic purpose.
|
| Really: try to honestly weight their ideas and tell different
| conclusions if you can find something else.
|
| At first they say "we do compartmentalize anything for safety",
| than "ah, yes, we can't really isolate stuff because if you want
| just to open a damn pdf downloaded from a modern WebVM improperly
| named browser for legacy reasons you can't, so we start punching
| holes here and there" and thereafter even the effectiveness of
| formal isolation was depicted as not really safe.
|
| Then/aside another justification came up: pushing fresh software
| to distros who do not have manpower for quick enough maintainers.
| The actual snap store prove the contrary: most snaps are outdated
| and full of outdated deps, with potentially unpatched security
| vulnerabilities, of course.
|
| Oh, of course they can't package anything than apps, since
| kernel/userland can't be in a snap, so they need anyway a
| secondary packaging systems.
| bvhvhfcgxfdf wrote:
| How is it different from Google forcing everyone to upgrade
| Chrome?
| [deleted]
| signaru wrote:
| I use both browsers on Ubuntu and Chrome never caused me any
| unpleasant update interruptions. The Firefox binary from
| mozilla.org is far less invasive, btw.
| kelnos wrote:
| Do they, though? I use Firefox, but my understanding is that
| Chrome just puts a button in the corner of the window that you
| can click to restart and install the updates, but it doesn't
| ever force you to do it, and you could conceivably continue
| running that way for as long as you want (well, until you end
| up rebooting the computer for whatever reason). I could be
| wrong, though.
| nanna wrote:
| Installed Ubuntu on a friend's laptop last weekend. Today her
| Firefox wouldn't open because snap was reporting it couldn't
| update it because it was already running. She restarted computer,
| same problem. She asked if she can "delete" snap.
|
| I'm a debian person, so not sure. Can she?
| usr1106 wrote:
| snap can be uninstalled. But then she needs Firefox from
| another source, there is no official .deb package any more.
| There is also the risk that some update or package installation
| will pull in snap again. Doable for a technical user who only
| runs apt from command line and always reads the dependencies
| before answering yes. Not suitable for non-technical users.
| jgneff wrote:
| You can now completely disable automatic updates of Snap
| packages. [1]
|
| [1] https://snapcraft.io/blog/hold-your-horses-i-mean-snaps-
| new-...
| jacquesm wrote:
| Give this man a medal. Thank you.
|
| To update to this version use: snap refresh
| --channel=edge snapd snap refresh --hold
|
| to get rid of automatic updates.
| smallerfish wrote:
| Yeah I mention this towards the end of my rant (in the
| article) but it's a) not available yet and b) not clear
| whether it'll actually notify you when there are updates to
| be made. I'm guessing it expects you to unhold at some point
| to get "refreshes".
| jacquesm wrote:
| I'm fine with that. Nothing drives me more mad than to be
| in the middle of an interview taking notes and then
| suddenly land in an endless loop of being forced to restart
| my browser. It's not like some of us don't have work to do
| while we're in the browser and the utter disrespect by the
| designers of this crap to the detriment of their users is
| baffling. This is one thing where commercial software has
| something of an edge over FOSS: you can't even threaten to
| withhold your $ if they misbehave. Power to the user.
| AnIdiotOnTheNet wrote:
| Canonical watched this exact same shit play out with Microsoft
| and Windows yet decided to do the exact same thing. Mind
| boggling.
| loloquwowndueo wrote:
| The UX can definitely be improved but the vitriol against this
| snap feature is puzzling, since the core of it (what in snap
| jargon is called "refresh awareness") was implemented
| specifically because the alternative (silently updating the app
| from under the user which resulted in strange bugs, crashes and
| other problems) was pretty undesirable. In essence refresh
| awareness was added at users' behest :)
| asdajksah2123 wrote:
| Neither approach is necessary. There are other approaches which
| work just fine.
|
| Ubuntu does not get credit from going from the worst option
| possible to the next worst option possible.
| quercusa wrote:
| As mentioned in the article, the instructions are just plain
| misleading/wrong. Shutting down the app does not cause a
| refresh. Shut down and restart and you'll get another pop-up in
| 6 hours.
| sockaddr wrote:
| I was struggling with this annoyance recently and today decided
| to finally uninstall the snap. The "close now" is super annoying.
|
| I ran "sudo apt install firefox" and it installed a freaking
| snap!
|
| Today I learned that Ubuntu just decides to install snaps instead
| of the apt package.
|
| What the hell.
| oliwarner wrote:
| No contest, it's awful. But you can work around it.
|
| https://www.omgubuntu.co.uk/2022/04/how-to-install-firefox-d...
| remram wrote:
| Can confirm, I uninstalled snapd the day I installed Ubuntu
| 22.04 and I have been running it for months. Firefox seems to
| be the only popular package that redirects to a snap (out of
| my own usage this whole time, at least).
|
| I don't know why they did that, and I am a bit worried I will
| have to abandon Ubuntu if they move more packages to snaps in
| the next release. But for now all you need to do is the
| workaround above for Firefox.
| dublinben wrote:
| You might prefer Pop! OS, which is based on Ubuntu, but uses
| flatpak instead of snaps.
| akdor1154 wrote:
| Pop's Firefox is also a deb package fyi.
| comex wrote:
| Or Debian, which much of Ubuntu is derived from, and where
| Firefox is still offered as a regular apt package like
| always.
| sockaddr wrote:
| Yup. This is the same advice I've gotten from two coworkers.
| Next time I'm up for a reinstall I think I'll make the jump.
| poszlem wrote:
| Just to add a data point, I recently went back to Linux after
| spending years in the MacOS world. Installed Ubuntu out of
| habit, got the _exact_ same thing happen to me (removed snap,
| installed firefox through apt, got snap back) and went to Pop
| OS. Could not be happier with the overall system and still
| very much disgusted by what Ubuntu decided to do.
| hardwaresofton wrote:
| Does it do this on Ubuntu server? I'm assuming not?
| ilyt wrote:
| That solidifies my opinion of canonical just picking good
| distro as base then going around breaking shit...
|
| Like... wtf ? They'd had to patch apt to even do that...
| justinpombrio wrote:
| Consider Linux Mint. It's based on Ubuntu, but doesn't use the
| Snap Store. (And from my experience, works like a charm and is
| well polished.) From the Mint description of the Snap Store:
|
| > The Snap Store, also known as the Ubuntu Store, is a
| commercial centralized software store operated by Canonical.
|
| and
|
| > This is a store we can't audit, which contains software
| nobody can patch. If we can't fix or modify software, open-
| source or not, it provides the same limitations as proprietary
| software.
|
| https://linuxmint-user-guide.readthedocs.io/en/latest/snap.h...
| https://linuxmint.com/
| brainchild-adam wrote:
| ilyt wrote:
| I just use Debian Testing... my install is 13 years old,
| after many dist-upgrades
| bityard wrote:
| Can confirm. Debian + desktop of choice, and everything
| generally works the way I want.
| digitallyfree wrote:
| Debian is another option too, and is used heavily in industry
| unlike Mint. I'm disliking Ubuntu more and more but it'll be
| a lot of work to migrate my fleet over, all managed via
| Landscape (which is Ubuntu-only). While I'm currently
| trialing 22 LTS in a limited environment I'm not sure if this
| is a distro I want continue sticking with in the future.
|
| I guess I could say the same for GNOME, but that's what my
| users are familiar with. The Ubuntu and GNOME setup works
| well - for now.
| pkaye wrote:
| Do package updates to Linux Mint soon after they come to
| Ubuntu?
| angry_octet wrote:
| There's no easy way to ban snaps, apt will keep selecting
| snapd. But you can try: https://www.tecmint.com/disable-lock-
| blacklist-package-updat...
|
| Then install flatpak. It has chromium and Firefox.
| mtlmtlmtlmtl wrote:
| Flatpak is awful too.
| xkcd-sucks wrote:
| Shortly after the push to manage everything through snap, I set
| up ubuntu server and installed docker, to support a client facing
| demo involving a few containers. A few hours before the demo snap
| updated docker to a version that was totally broken and there was
| much embarrassment. That day I gave up on Ubuntu completely and
| never looked back.
| remram wrote:
| On a friend's machine, Ubuntu had somehow managed to install
| both the APT docker and the Snap docker. This caused the entire
| disk to fill with log messages from the snap docker trying and
| failing to start, since another docker was already running.
|
| Removing snapd is the first thing I do on any Ubuntu machine
| now, whether mine or my friends'. This now requires adding a
| PPA for Firefox since 22.04 but otherwise I have never had to
| deal with snap again.
| avg_dev wrote:
| what do you use now?
| xkcd-sucks wrote:
| Mostly....... PopOS with KDE, lol, the 3rd party driver
| installation convenience is really nice. Or plain old debian
| for server stuff.
| jetbalsa wrote:
| Debian, Debian all the way
| sneak wrote:
| This means that they enable RCE, technically speaking, if the
| user is not involved in the upgrade.
|
| Uninstalling Snap is the first thing I do on Ubuntu these days.
| wging wrote:
| Another reason I hated snap, when I used Ubuntu, was the
| performance problems. Opening a url from the snap version of
| Slack took multiple seconds! The solution to this was to nuke it
| and install the .deb version. Just completely unacceptable and
| embarrassing.
| jrm4 wrote:
| I don't like Ubuntu anymore, but not because of "how it
| operates."
|
| More because of "how it operates, without being forthcoming about
| what its new purpose is, which is not 'everybody's Linux.'"
|
| You're trying to be a tool to support big corporate IT. That is
| _absolutely fine,_ good even. Getting more Linux in that space,
| under Ubuntu 's name, seems pretty cool.
|
| But you're no longer "the people's choice" when you behave that
| way. They're putting in big grown up restrictions and ideas and
| methods of doing things, and they just need to be honest about
| that.
| Animats wrote:
| The restart notification system is so lame that I get
| notifications that the snap daemon needs to update itself and I
| should close the snap daemon. Which is not something I opened.
| What am I supposed to do, kill the process?
| streptomycin wrote:
| _Third, the notification has one call to action: shut down the
| application. This application will be updated, so shut it down.
| If the user closes the application, presumably that then triggers
| it to be updated, right? But no: the snap updater runs on a
| schedule, and it could take 6 hours for it to run again, check
| whether the application is running, and then apply the update if
| it's not. Is the user supposed to leave the application shut down
| for up to 6 hours? How could they possibly know to do that? You
| could see a user getting into a cycle (for 13 days!) where they
| restart the application, and then 6 hours later the intrusive
| (and apparently not suppressible) notification pops up again._
|
| I thought the same thing the first time I saw it. The only
| solutions are to either close Firefox and wait for several hours
| for something to silently happen in the background, or Google for
| the CLI command to run to update it. Really bizarre UX, I would
| love to hear someone from Canonical explain why they thought that
| was a good idea. Is there something I'm missing?
| xahrepap wrote:
| I've also been annoyed by this. I don't have it handy but I did
| find the ticket where their conversation to implement this
| first happened. I guess before it would just update without
| notifying the user.
|
| The idea in that conversation was, at least what I took away
| from it, that the user gets the notification and now knows at
| the end of the day they should close the app and in the morning
| it'll be updated!
|
| Seems fine on paper. But the messaging in the notification
| doesn't tell me that at all. And it turns out despite all the
| nagging I always forget to close things before I step away.
|
| I hate the execution of this feature. So much. All the nagging.
| All the confusing messaging.
|
| On top of it all, I don't feel like snap gives me any qol
| improvements in exchange.
| 0cf8612b2e1e wrote:
| What's most frustrating is that snap knows the entire state
| of the world! They know when the application is started and
| closed. Could download the update at anytime and upon closing
| the old application, link to the update and delete the old
| version.
| ilyt wrote:
| Snap format is just a single compressed file. They could
| _literally_ just replace it, remove the old one and due the
| way of which Linux filesystems work, any new call to app
| will run the new one, but the old one would use the old
| file.
|
| They could do it basically seamlessly, with maybe
| notification only if you keep app running for days. Hell,
| that's how package manager does updates, just remove old
| libraries and put a new one in place, old programs will use
| the old one till restart, and when last filedescriptor
| closes it will be unlinked from filesystem. It sometimes
| can cause problems in "normal" apps but fact snap is just a
| single file removes pretty much all drawbacks of that.
|
| It's not just bad decisions but incompetence on top of that
| AnIdiotOnTheNet wrote:
| My considered opinion is that anyone at Canonical that had good
| ideas left about 10 years ago.
| dhd415 wrote:
| Yep, this prompted me to uninstall the snap version of Firefox
| that was installed by default in Ubuntu 22.04 and reinstall it
| from the Standard Ubuntu repository. Score minus one for snap.
| usr1106 wrote:
| There is no package for Firefox in Ubuntu 22.04. The package
| called firefox does not contain a browser, its just
| transitional for upgrading older versions to snap.
|
| I started to download Firefox from Mozilla. But just because
| I have not decided yet what distro to use for family
| computers. Archlinux is fine for me, but not suitable for
| everyone.
| dinosaurdynasty wrote:
| Pop OS is similar to Ubuntu and doesn't use snap.
| pessimizer wrote:
| Debian is boring, easy, and stable.
| xg15 wrote:
| Apparently forcing updates is sort of the core of Snap's
| philosophy. To the point that they rather added a whole host of
| config options that lets you specify various "work periods",
| "postponements" and other temporarily exceptions than just give
| you the ability not to update.
|
| See the discussion here: https://forum.snapcraft.io/t/disabling-
| automatic-refresh-for...
|
| Edit: ...or not anymore:
| https://news.ycombinator.com/item?id=33836216
___________________________________________________________________
(page generated 2022-12-02 23:00 UTC)