auto-update-blueprint

Revision 48 as of 2008-08-06 16:27:03

Clear message

NOTE: Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

The ability to automatically download and install updates (unattended) when they are released. Users will be able to configure their systems, so that updates are automatically handled by the system without interaction, based off of their "Auto Update" selection. This should be handled by a user-friendly GUI.

Rationale

With a vigorous release schedule and round-the-clock updates, Linux is one of the most secure and "well-updated" operating systems in the world. But with this cutting edge technology comes endless updates. Although this can be seen as a good thing, it can become overly cumbersome and annoying to end-users, simply trying to do their work, without tinkering with the underlying OS.

Currently Ubuntu makes updates fun and easy, with the notifications in the task bar. This icon notifies the user of updates, and allows them to view, download, and install the updates with very few clicks of the mouse, and without being interrupted during current work. Although this is a great asset to updates and the Ubuntu system, there are other routes that can be taken with updates.

Currently there are a few options to "automatically update" Ubuntu. One way being via third party software, and the other, cron-jobs and scripts. Both go away from the "Linux for Human Begins" or "Just Working" attitude. Therefore a solution must be made within the Ubuntu release which solves the problem, both with stability and easy of use.

Thus the role of automatic updates, with the ability to setup the computer to just "download, update, and work", users will be able to continue working uninterrupted, while always being up-to-date and current.

Use cases

  • For those users who like to have complete control over their system, they have the ability to turn auto-updates off, and can still update via the normal means.
  • Users who want to be up-to-date without the hassle will have the ability to have all updates downloaded and installed, without any interaction.
  • The users who trust Ubuntu Security updates, etc. will be able to have security updates downloaded and installed, while still manually installing optional and recommended updates.

  • And the users who want to pick and choose the updates without waiting for them to download, can automatically pre-download the updates, so they can be installed later at the users' convenience.

Scope

This spec requires updates in:

Design

The Ubuntu update manager should have the ability to automatically install updates when notified by the repositories, of a new update. However, there should be some power in the hands of the user, therefore sane defaults and options must be available, through a carefully created "user-friendly" graphical interface.

Updates

The following options should be present:

  • Automatic Updates Off
  • Automatically Download and Install all Updates
  • Automatically Download and Install Security Updates Only [Recommended]
  • Automatically Download Updates Only (Do not Install)

Reboots

The follow options, will handle auto-reboots:

  • Automatic Reboots Off
  • Automatically Reboot (After the updates are installed) [Recommended]
  • Scheduled Reboot (HH : MM)(AM/PM)

Design Rationale

Updates

Sane options, and user-friendliness are key points in any Ubuntu related project, auto-updates shall be no different. With the described options, most users will be covered with an updating option. Although the options will not cover every case that could appear, they will fit nicely enough to give the flexibility needed in any case.

Reboots

Often time Linux updates will go without any interruptions to the working environment, and hardly need a physical-reboot, however these are rare occasions when such an updates is released.

Users will now have that ability to reboot the PC's while away, after new updates, or automatically reboot at a specified time. If the users choices to have the computer reboot after the installation, a sixty-second warning/prompt should be present to ensure the users is ready for the reboot (if no response is given to the prompt, the computer is rebooted). In addition is the reboot is scheduled, the user should be warned before the reboot. At anytime, a reboot should be able to be canceled.

Final decision

This is to be determined, after approval.

Implementation

This is to be determined, after approval.

Outstanding issues

  • What about packages that might ask debconf questions or questions about replacing debian/conffiles?
  • What about potential unresolvable package interrelationships?

BoF Agenda

This is to be determined, after approval.

Discussion

  • Auto Updating should not be this hard, Why is cron/autoupdate not working? or apt-get upgrade from cron or automatic updates --JustinMWray

  • unattended-upgrades/blueprint - This package is a python script to modify 'apt' in a way in which "security" updates are automatically installed. This package doesn't give the same power to the user as defined in these specifications, nor does it achieve the user-friendly level expected by this "feature". --JustinMWray

  • update-apt - This package keeps the repository cache up-to-date as well as predownloads updates. Therefore this package does complete/implement one portion of this specification. However, this is on the backend side, and the GUI interface still needs to be created.

  • In addition, this package should be installed by default, and be apart of, or easily accessed from the Update Manager --JustinMWray

  • I'm terribly sorry if this is the wrong place to write this, but the computer should NOT automatically reboot. This is a HUGE cumbersome with Windows XP currently where even when you tell XP to let the user decide when to reboot, XP does it automatically if it receives no feedback from the user. Also, XP pops up every 30 minutes, asking if it's OK to reboot and that is unwanted/annoying.

Why do we need to automatically reboot anyway? Most users reboot there computers daily, if not once a week, so why the need to automatically do it for them. It's generally servers and power-users that wouldn't reboot as often. The biggest problem I see is if Jane is working on her Doctrine and leaves for an hour to get coffee with her friend and the computer reboots without her confirmation, then she would be FURIOUS at this mistake made by Ubuntu. Even if she saved her work, what about all the other documents and windows that are open? This is a major inconvenience to regular users. --brettalton (2007-06-12) (This was moved from WhiteBoard --JustinMWray)

  • Here is a article on Windows XP's automatic updates: http://www.theregister.com/2006/08/21/bill_gates_invoice/ - I can not verify it's sources, validity, comprehension --brettalton (2007-06-13) (This was moved from WhiteBoard --JustinMWray)

  • As I've just read on the wiki page for this package, it's stated that automatic updates are OFF by default. Thus Jane, would probably never see that option or use it, and that's ok because she'll reboot her computer after she finishes writing a new section for her doctrine. The option is still available for the completeness of the package, like you said, for power-users and servers. I have a home-server which works 24/7 and i'm not always there to reboot it on updates. This auto-reboot will be great for me. --Unknown (This was moved from WhiteBoard --JustinMWray)

  • Why not just show a notification that a reboot will be needed to complete upgrades. And when the system keeps running for days increase the frequency of the notification appearing. Maybe if the user should have rebooted for over a week just display the notification constantly. [27.07.08 -- Bernstein]
  • When an reboot is required, just show a status area icon and message bubble saying so, just as it works now. The bubble would disappear after a timeout and only the icon would remain. This avoids stressing the user with a deadline to respond, and avoids interrupting the user's work with a pop-up. If the developers insist on a pop-up, please do not steal the focus from the currently focused window; this causes very annoying mode errors -- while typing in your text editor you suddenly discover that for the last several seconds you were typing in the dialog window instead, or even inadvertently accepted a reboot! [2008-05-29 PhilipGanchev]

Review comments

I like the idea of improving the automatic installation of security updates. The "Install security updates without confirmation" bit of the spec is implemented already with unattended-upgrades (already installed by default). If you go to System/Administration/Software Sources and click on "Updates" the options is available (also not turned on by default). The unattended-upgrades tool is flexible enough to handle the outlined options, only the gui needs to be extended to display them.

The automatic reboot is a interesting idea. I'm concerned that doing that automatically may annoy the user. We should give at least 10 minutes of notice so that the user gets a chance to finish his work or to cancel the reboot. Generally timers that tick down in the UI are problematic as it puts the user under stress to react. The best course of action is probably a notification bubble like the current reboot notification that tells the user that a reboot will happen in some minutes and when its less than a certain time a dialog should apprear with always_on_top=True that show a timer and a option to reboot now or cancel.

One issue that cannot be resolved without user interaction are conffile prompts and debconf questions. In those cases unattended-upgrades will leave the package alone and just show the normal "updates available" icon. Fortunately those prompts are rare for security updates.


CategorySpec