Ubuntu Snap update spoiled my World Cup Final (circusscientist.com)
206 points by tomjuggler on Dec 18, 2022 | 217 comments



Snap is awful, no arguments there. I think the more important thing here is that the very idea that something should update itself is so incredibly insanely broken and I cannot for the life of me understand why it's the norm.

The number of times I've been hacked and suffered a data loss is astronomically small compared to the number of times I've had something update and suffered a data loss, or more importantly the number of times I've had something update and cause a regression or break something. Then I have to spend my precious time bringing something that was PREVIOUSLY IN A WORKING STATE back to a working state, which is one of the most infuriating feelings.


Firefox on the release channel downloads updates automatically. And it applies the updates when you next restart the browser. This does not interrupt your browsing in any way. Which I think is a fair decision for a browser with a large attack surface.

Most other software should only update when specifically instructed to.


The biggest problem is that Firefox updates the next time you open the app, without warning.

That's not a sane decision. Sane would be to update on closing.

Same way Windows offers to "Update and Shutdown" (you don't need the PC anymore why don't I update after you walk away) and not "Update on next Start up" (I'll wait until you need me to get in your way).


> Same way Windows offers to "Update and Shutdown" (you don't need the PC anymore why don't I update after you walk away) and not "Update on next Start up" (I'll wait until you need me to get in your way).

This presumes that shutting down is never a time-sensitive action. If I had a nickel for every time Windows decided it wants to spend a half hour installing updates when I'm trying to shut down a laptop so that I can put it in my bag and go somewhere with it, I'd be able to actually buy a Windows license instead of resorting to vlmcsd.


If you use win-x to access the shutdown menu, it will give you options of shutdown or update and shutdown. Although, I think that's really shutdown and update on next boot though. At least this is available in Windows 10.


I run a desktop workstation with a UPS, its lead acid batteries are not infinite and don't like staying discharged, so at times shutting down quickly and cleanly is very important. The more I hear, the happier I am that I moved to Linux a decade and a half ago, and this general topic is a major reason I'm planning to go back to Debian after using Ubuntu LTS for my last two versions.


As a side note, I've never understood why Windows and macOS updates take so long compared to Linux updates.


I wanted to check if it is due to stacking (security) patches instead of just extracting whole tarballs and the first result I got from Google was: https://www.quora.com/Why-are-updates-in-Linux-much-faster-t...

Quora always had a reputation for being shit but I am impressed by how terrible that page is. I mean there are only two types of answers there: "Window$ is BAD" and stuff that looks like it was generated by GPT-3 (or straight up from those infamous "recipe sites" a.k.a. SEO farms).


You would probably script out that shutdown sequence, and IIRC shutdown.exe can bypass the install updates step.


I should have left a "sequence shortened" warning. Windows 10/11 offer you 4 options when an update is pending. "Update and shutdown", "Update and reboot", "Shutdown" and "Reboot".

Perfect!


Agree with yellowapple. Update on shutdown isn't great either. The sane decision to me is to let the user decide when to update their software.


Windows does, you can update whenever you like. All 4 possible options are offered when you go to shutdown, including skipping the update to shutdown/reboot now.

Windows does sometimes get it correct.


I would expect software to close itself when I ask it to, instead of hiding behind and updating itself.


I see the "Firefox has updated, you must restart Firefox to continue using it" window every two weeks or so on Ubuntu.

Though I've never seen it on Fedora or Windows, might be some quirks related to Ubuntu packaging.


This is a consequence of most Linux package managers not caring if apps are running and updating their files anyways. Firefox does this because it would crash otherwise (as most other software does when you pull its files from underneath it). If it happens frequently, you must have automatic live updates enabled - maybe you don't on Fedora and that's why you don't see that happen?

On Windows, where no standard update mechanism exists, Firefox updates itself, so it does it only when it knows it's fully shut down (before it opens or after you close all windows).


No, the Fedora package manager (dnf) does the sane thing and does not replace app files from under the running apps by default - google "dnf offline upgrades".

And for Windows there is a standard update mechanism - Microsoft Store - which also does the same sane thing.

So it's an Ubuntu implementation problem, and not a Firefox one.


>dnf offline upgrades

Do I understand correctly that it is based on systemd's offline upgrade mode, i.e. installation is done at the following boot? If so, you can do that on Ubuntu too. I'm not sure how (perhaps by invoking apt-offline?), but at least KDE Discover does it on Kubuntu.


> Firefox does this because it would crash otherwise (as most other software does when you pull its files from underneath it).

Most software does fine, as long as it has already mapped in all of its libraries, those files can be unlinked in the filesystem, but will remain on disk in their current form. You do run into trouble if the software is part way through starting up and hasn't mapped all the libraries, or if you update the files rather than unlinking and copying new ones (at least, FreeBSD lets you update mmaped files and all processes will see the updates, which is usually not what you actually want when the files are code).

Windows makes it very hard to update program files while programs are running, so it's not surprising Firefox endeavors to do updates while it's not running.
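
The unlink-versus-overwrite behaviour described in the comment above, as an added example that is not part of the thread: a "running process" maps a file, an "updater" then either unlinks and recreates the path or overwrites it in place, and the function reports what the old mapping and a fresh open each see. The file name, contents and function names are constructed for the demo; it assumes Linux, where a `MAP_SHARED` mapping is coherent with `write()`.

```c
/* Added illustration, not code from the thread. Assumes Linux/POSIX.
 * File names and contents are constructed for the demo. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

enum update_style { UNLINK_AND_REPLACE, OVERWRITE_IN_PLACE };

struct views {
    int mapped;   /* first byte seen through the mapping made before the update */
    int reopened; /* first byte seen by a fresh open() of the same path */
};

static int write_file(const char *path, int flags, const char *data)
{
    int fd = open(path, flags, 0600);
    if (fd < 0)
        return -1;
    size_t len = strlen(data);
    ssize_t n = write(fd, data, len);
    close(fd);
    return n == (ssize_t)len ? 0 : -1;
}

static int first_byte(const char *path)
{
    char c;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, &c, 1);
    close(fd);
    return n == 1 ? (unsigned char)c : -1;
}

/* Simulate a package update happening underneath a process that has
 * already mapped the file. Fields are -1 on error. */
struct views update_under_running_process(enum update_style style)
{
    struct views v = { -1, -1 };
    char dir[] = "/tmp/update-demo-XXXXXX";
    char path[64];
    char *map = MAP_FAILED;
    int fd;

    if (!mkdtemp(dir))
        return v;
    snprintf(path, sizeof path, "%s/libdemo.so", dir);
    if (write_file(path, O_WRONLY | O_CREAT | O_EXCL, "OLD-CODE") != 0)
        goto out;

    /* The "running process": map the file, then drop the descriptor. */
    fd = open(path, O_RDONLY);
    if (fd < 0)
        goto out;
    map = mmap(NULL, 8, PROT_READ, MAP_SHARED, fd, 0);
    close(fd);
    if (map == MAP_FAILED)
        goto out;

    /* The "updater". */
    if (style == UNLINK_AND_REPLACE) {
        /* Old inode loses its name but lives on while it is mapped;
         * the path now names a brand-new inode. */
        if (unlink(path) != 0 ||
            write_file(path, O_WRONLY | O_CREAT | O_EXCL, "NEW-CODE") != 0)
            goto out;
    } else {
        /* Same inode, same length, new bytes: the mapping changes too. */
        if (write_file(path, O_WRONLY, "NEW-CODE") != 0)
            goto out;
    }

    v.mapped = (unsigned char)map[0];
    v.reopened = first_byte(path);
out:
    if (map != MAP_FAILED)
        munmap(map, 8);
    unlink(path);
    rmdir(dir);
    return v;
}

int main(void)
{
    struct views a = update_under_running_process(UNLINK_AND_REPLACE);
    struct views b = update_under_running_process(OVERWRITE_IN_PLACE);
    printf("unlink+replace: mapped=%c reopened=%c\n", a.mapped, a.reopened);
    printf("overwrite:      mapped=%c reopened=%c\n", b.mapped, b.reopened);
    return 0;
}
```

In the unlink case the existing mapping keeps the old bytes while anything opened afterwards gets the new ones, so a long-running process keeps executing pre-update code until it is restarted; on Linux such mappings appear with a `(deleted)` suffix in `/proc/<pid>/maps`.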


Due to the way multi-process browsing works, Firefox at any time still needs to be able to launch new processes in order to accommodate new tabs, or thanks to site-isolation possibly even browsing to a different origin within the same tab. Once the old binaries have been unlinked, I assume there is no longer a sane way of launching a new process using the old binaries?


At start, you could start a new seed process, map all the libraries and what not, but don't do any browsing work... When it's time to launch an isolated process, fork the seed process and use the child.

This doesn't seem insane to me, but might not be an easy thing to fit in to the large body of code that's already there.

You still have issues if you're starting up during an upgrade, but that's a problem with anything dynamically linked.


Doesn't using fork make it more difficult to cleanly separate the various child processes from each other? It also makes address space layout randomisation less effective, because every forked process starts out with the same base memory layout, doesn't it?


> Doesn't using fork make it more difficult to cleanly separate the various child processes from each other?

I don't think so? As long as the main process is separate from the seed process, and the seed process is forked before specialization.

> It also makes address space layout randomisation less effective, because every forked process starts out with the same base memory layout, doesn't it?

Yeah, I think you're right. Not sure if you could maybe do some randomization post fork, but you're probably right.


Unfortunately, this breaks horribly if you're on a shitty network (for example I work a lot on the train) and/or slow hardware. The update check delays browser startup for more than a minute when connected to wifi with no internet (this happens a lot when going through rural areas) and the update after closing function has also burned me a few times when I closed the last window, then remembered I needed to check one last thing, but had to wait several minutes for the update to do its thing (a combination of old laptop, slow internet and many other things using resources).


> The update check delays browser startup

Are you sure that originates in the update check? The update itself is downloaded asynchronously while the browser runs. The browser itself checks if a pending update has been downloaded when it is launched.


Just yesterday any new tabs I opened refused to load until I restarted Firefox due to a forced update. Existing tabs became unresponsive. Granted, it did restore my session upon restart, but it did not restore the DOM and data state of those tabs.


I wasn't able to verify how FF actually behaved under snap, but snap's confusing notifications were enough to make it annoying. After failed tweaks, I'm glad that I no longer have to deal with this since I already purged FF that comes with Ubuntu and just used the binary from Mozilla's site instead.


I’m not so sure that they only download. On macOS, Firefox (and Chrome) sometimes stop working in odd ways when they do the background “download”. For example, file pickers stop functioning or tabs stop loading. All of this starts working again after restarting and letting it update. It happens more than a handful of times every year. Enough so that I’ve picked up on the pattern that it only happens when I see it say “update” by the settings menu.


This is not my experience on Ubuntu. It updates while I'm using Firefox. I then open a tab and get the stupid message saying that welp, you need to restart that browser boy because isn't this a great UX?

I don't think this is a fair decision. Virtually nothing requires such a forced update. And the browser should be sandboxed by the OS anyway.


> This does not interrupt your browsing in any way.

That's not been my experience. I don't know what system you're using, but with Firefox on Ubuntu, I discover that Mozilla has put out another (goddamn) update (again, already, goddamnit!) when all my tabs suddenly crash, forcing me to restart the browser.


On my Ubuntu system it applies the update while still open. Then I open a new tab to do something and I'm told I have to restart.


100%.

Ubuntu doesn't seem to realize (or simply doesn't care that) enterprise servers and user desktops are entirely different beasts.


> I think the more important thing here is that the very idea that something should update itself is so incredibly insanely broken and I cannot for the life of me understand why it's the norm.

Eek hard disagree.

Most things I want to auto-update. Preferably at 4am. Some things I want to disable auto-update.

What I never want is things to update when I’m in the middle of something.


It sounds like you want to control a policy of when things should update. For example Firefox every 4am, Kernel when you say so, Python 2.6 never, etc. I understand "something should update itself" to mean that the user doesn't get to set the policy, it does.


macOS never interrupts the user, for example. Even if you click the install button, if you (X) out of the "restarting" notification it won't restart/install the update.


Because everything is connected to the internet and what was once working is now a security liability not just to your machine but to other connected machines.


This is a big reason why macOS snapshots your disk before an update. If you ever have a problem, reboot to recovery mode and you'll see a "Restore backup" entry from just before your update that will instantly revert the system to the previous version.


> the very idea that something should update itself is so incredibly insanely broken and I cannot for the life of me understand why it's the norm.

Yes. For user orientated interactive systems it is mad.

But it has its uses, IMO, for IoT devices.

It was the reason I do not use Ubuntu on my personal computer. If I were in the business of building connected devices I would be interested.


Doesn't apt also update itself?


Apt updates itself if you instruct it to, the updates also won't restart anything by themselves. I don't think unattended upgrades are enabled on debian or on ubuntu.


When Firefox is updated by apt on 20.04, it keeps working until I open a new tab. Then it shows a page asking me to restart the browser and won't do anything else until I comply. This is a choice of Mozilla.

When Ubuntu prompts me to restart the system after an update I can dismiss the dialog even for weeks, but at a certain point the cumulative updates start making the system behave erratically and I have to restart. Probably kernel, drivers, libc, other vital stuff get too much disaligned.


> When Firefox is updated by apt on 20.04, it keeps working until I open a new tab. Then it shows a page asking me to restart the browser and won't do anything else until I comply. This is a choice of Mozilla.

Parts of the program were updated and now the program is in a not tested, half-updated, half-old state.

The "other choice" for Mozilla is pretending nothing happened, attempt to open the tab, probably immediately segfaulting and losing all your current work in a potentially unrecoverable way. Not really a good choice under most circumstances.


It started doing that only a few months ago. Apparently it worked in the half updated state before then but of course the implementation and the update process could have changed.


>also won't restart anything by themselves

Is it very not true? Apt restarts processes and services all the time during upgrades.


Apt always prompts me as to which services I want to restart following an upgrade.


I think they might be in ubuntu server installations. I think they aren't enabled by default on debian… at least not on my installs.


I have a bunch of ubuntu containers at work, none of them self update by default, I know that because I had to enable unattended upgrades manually in all of them. Maybe it's a lxc template thing?


If you got them from dockerhub or similar… that's not a default ubuntu install.


> I don't think unattended upgrades are enabled on debian or on ubuntu.

I don't think it's true, I had to disable unattended upgrades on Ubuntu because it runs the CPU at 100% and makes a very big noise at night.


snap keeps the last three revisions, doesn't it?


Maybe. Good luck figuring out what the method to run them is this week.


>I cannot for the life of me understand why it's the norm.

If updates were not automatic a large number of people would not upgrade and would not receive important security updates along with various fixes and new features. If a user keeps running into a bug that has already been patched in a newer version that user will just think your software is bad and they will not realize that this poor experience they are having is because they are on an old version.

>The number of times I've been hacked and suffered a data loss is astronomically small

Being hacked even once is a bad thing. It is something that the industry tries to minimize as much as possible.

>the number of times I've had something update and suffered a data loss

Personally I have not experienced this, but it sounds like this would still happen when you update later. This is why doing gradual updates of rollouts and collecting telemetry is important. It is very useful in being able to detect a bad update and stop it from going out. Unfortunately, the Linux ecosystem is still behind the rest of the industry which leads to people having a poor user experience.


Is this response generated by ChatGPT? Seriously, we are talking Linux here and this is a generic response that ignores audience.


OP posted a since-the-dawn-of-time complaint about automatic updates that ignores why they are necessary, and clearly states that he's just refusing to engage with the usual reasons for them.

The "generic" response is because the complaint is similarly generic.


Sorry, I'm not sure I'm parsing this right, you're saying "security updates are necessary and I as a user am going to have worse outcomes for not updating my stuff"?

My personal experience does not match this at all, so is the explanation there that I'm just lucky?


Sorry for the reply to my own reply here but I'm genuinely incredibly curious for someone to explain to me why updates are necessary. It really seems like a cargo cult thing to me but I'm not the smartest person and if someone can explain to me where I'm doing my threat model/attack surface analysis incorrectly I'd love to learn.


>I'm genuinely incredibly curious for someone to explain to me why updates are necessary.

Because software is never finished. There are always bugs to fix, new platforms to support, new features to be added, more polish to be added, etc. It is the developer's goal to have the quality of their software go up over time.

It is in developers' interest for their users to remain secure, not experience bugs, have a good experience, and to solve a problem or need they have. Updates to applications try and address one or more of these things.

If making the user's life better is a cargo cult thing, then maybe that cargo cult isn't such a bad thing.

If you are specifically talking about why should you care about a chrome 0day patch because you've never visited a shady site that tried to exploit it then the reason is that it's important for the ecosystem to be seen as secure. You want to make it as least financially viable to exploit Chrome as possible, you want to ensure people think of the web as a secure platform they can use without being afraid, as Google you want to avoid bad PR about a big hack. The first point is important. You want to increase the customer acquisition cost for an attacker which is "the cost to get a visitor divided by the chance a user's browser has not gotten the patch yet." (In practice different demographics may have different patch rates which lowers the CAC by targeting that demographic) Google's lever for increasing an attacker's CAC is to use autoupdates to lower the chance. When CAC > LCV (lifetime customer value) then the attacker does not have a financial incentive to compromise users and this results in a large drop in the rate of attacks. The required updates remove the incentives to use the attacks which is why you feel like you aren't being targeted.

It's like how some management don't understand the value of a system administrator because when a system administrator does their job correctly everything appears to just work. When security updates are properly going out it may feel like they are unnecessary, but that just means that the defenders are doing a good job.


In the first bit you have not described why updates are necessary, you've given some reasons why updates can be useful. Opting into updates sometimes is fine. The context of the parent and grandparent posts is specifically security and security updates.

Security wise for most applications there's the oft overlooked possibility of just not connecting to the internet. Though when it comes to my personal experience running antivirusless Windows with updates disabled it has not been a problem for me for a decade now. According to my router I'm not part of a botnet either. It just doesn't seem necessary at all. Your attack surface as an individual on a reasonably well secured network is minuscule and your threat model is basically just the background radiation of bots trying whatever random exploits. Sure, I keep my router patched because it's on the edge, but other than that it doesn't matter.

Though I will give you that browsers are a special case where the tool is specifically used all the time to connect to potentially hostile content and give that content the ability to execute code on your machine. Things on the edge are a scenario where keeping up with security patches actually makes sense.


No, this response was not generated by ChatGPT. I would like to point out that there is one part of the Linux ecosystem that does automatic updates well which is Android based operating systems. What this post is about, desktop Linux, is much further behind so a more generic response is deserved.

Before we get the point where we are discussing aspects like under what conditions should updates be applied or the priority of which updates should be installed first, desktop Linux needs to show that it can handle the basics.


My phone hasn't gotten update in over a year as Google dropped support for my old pixel. My 10 year old Linux desktop updated yesterday... Oh, and I didn't have to reboot my machine (live patching for the win). Android update is not "better" it is different with different goals.


The support duration of an operating system is different from the quality of how it handles autoupdates. Unsupported Android devices can still receive updates to apps from the Play Store. We were talking about application updates specifically and not operating system updates which while similar, are typically handled differently.

Upgrading Android apps does not need a reboot of the device either. Again live patching is a separate feature from automatic application updates. If you read the article it shows a case where a Roussel is frustrated with how live patching is broken on desktop Linux. Meanwhile on Android apps don't do that when they are updated.


>I am going back to Arch. My computer is my computer, and I don’t care anymore how much work it takes, I’m going to take charge so nothing like this ever happens again.

From my experience the only real work load with Arch was the set up. Once I installed it and configured everything to my liking there has been nearly 0 work with maintaining the system. I've been running my installation of Arch since 2016 and the system didn't break even once.


I recently switched back to arch, and when I updated my xorg a few days later, a few things started crashing (notably godot) with a “[xcb] Unknown sequence number while processing queue”, so as much as I love arch I definitely wouldn’t call it “nearly 0 work” unless you just never update.


Unlucky, looks like it was a libx11 upstream bug. Has since been fixed as of a few hours ago at least.


That’s what I figured, yeah. I wish the Arch team used their news feed more often for things like this.


I agree, Arch is amazing. I haven't been using it for a few years, I've been on Ubuntu in an attempt to be closer to how a "normal computer user" would experience Linux. But every single time Ubuntu Software messed something up, every single time I get a notification to close Firefox in <13 days to avoid disruptions, every time I click the "update all" button on Ubuntu Software and it tells me it can't because the Snap Store is running (as a background process which I can't close through the UI), I get the urge to go back. At this point, it's only inertia which keeps me on Ubuntu, I don't want to take the time to set stuff up anew. But at this rate, I'm sure I'll finally make the switch sooner rather than later.

I'm not philosophically against Snap as an idea. But what I am against is all the absolutely terrible UX decisions and bugs which Canonical evidently considers "acceptable". It makes the whole Linux desktop look like a joke.

Maybe it's time to realise it is a joke. That Linux will remain a programmer OS and an OS for locked-down consumer devices, but not a general consumer desktop-style OS. And maybe we should recognise that in such a world, there is no space for Ubuntu Desktop.


I never have a problem with this, but I do shutdown my computer everyday. I do actually use arch as well but a lot less than Ubuntu and Debian, my feeling is that Arch is a lot more trouble than Ubuntu and Debian. I am very conservative with my desktop I always want to be able to work, I've had zero problems with that attitude running Ubuntu since it was just an idea. All problems I've had were self inflicted and there are many foot guns for sure.


I also shut down my computer every night. If it works for you I'm happy for you, but it's more trouble than Arch was for me.

The stability is nice while it lasts, but I've had way too many major things break when upgrading to a new release. The most extreme case was the time Ubuntu 19.10 broke GDM, so anyone with an nvidia card and auto-login enabled had their system bricked. This is even though I reported the issue a long time before the release, and there were very reasonable workarounds proposed in the issue discussion in good time to fix the issues before release. Ubuntu 21.04 released with a nextcloud-desktop application which segfaulted on launch. I also reported this a long time before release, and it was ignored because they had already frozen the packages they import from Debian, so I had to deal with a desktop which couldn't sync my files.

I haven't experienced similar huge issues in Arch, but more importantly, when an issue does occur, I can expect a fix to be out in days, not weeks or months.


This is why I stay on LTS versions. I'm about to install 22.04 on a new SSD. I'll dual boot 20.04 to work until I'm confident that I can setup 22.04 with all the GNOME extensions I need to have a sane desktop, plus all the software I need to do my job. Actually maybe I'll give a try to Debian 11, no snaps there.


Care to share what GNOME extensions you like? I've gone so far as to hack its CSS files, but that's not a happy place to be.


Here's the list, but the goal first: I want a desktop with only a bottom bar (I'd buy a Mac if I wanted a top one,) a task bar (like old Windows,) status icons and clock in the bottom right (old Windows again?), no launcher / dock on screen, virtual desktops but no animations that move everything on my screen, solid color for the desktop background.

1. Applications Menu - for when I forget the name of an app but I know more or less which category it belongs to.

2. Custom Hot Corners - to disable all actions started by moving the pointer to a corner.

3. Dash to Panel - The important one: panel to the bottom, intellihide the bottom bar, show the taskbar, position the date and system menus, background color, windows previews, workspace isolation, ungroup applications, disable gestures.

4. Desktop Icons - this seems to be a system extension, the only two icons I see are the trash bin and a link to my home directory. I'm not using them from the desktop.

5. Extensions - an extensions menu, useful only when I don't have Firefox open, so basically never. I could remove this extension.

6. GSConnect - not related to desktop customization but even more important IMHO. It's the GNOME implementation of KDE Connect.

7. Notification Center - notifications from the bottom right, in a menu, etc.

8. Places Status Indicator - a menu in the bottom bar with the bookmarks defined in the file manager.

9. Recent Items - a menu in the bottom bar with the recently opened documents.

10. Simple net speed - current bandwidth used by my laptop, in the bottom bar.

11. Sound Input & Output Device Chooser - list of sound output and input devices, set volume per device.

12. Start Overlay in Application View - very important one: when I press the super key I get the list of the available applications instead of the outlines of the open windows (what would I use them for? They are already on my screen.)

13. User Themes - to let me install a theme from my disk.

14. Workspace Switch Wraparound - I have one workspace per customer plus a couple for me. They are arranged horizontally. I go to a workspace with a hotkey but I also move with super-alt left/right and if I want to move a window across workspaces I do it with ctrl-super-alt left/right. This extension makes moving leftward work even on the first workspace and moving rightward works in the last one.

15. Workspaces to Dock - The other important one: it completes Dash to Panel at undoing the remaining default choices of GNOME Shell. Intellihide of the bottom bar (again?), no animations, never see workspace thumbnails, hide the workspace switcher.

I'm not missing the irony of throwing a lot of code at undoing the effects of a lot of code written by GNOME in the last decade. At least they still let us do it.

If somebody's asking why I'm not using another DE: I want to stay on the major ones (support and maintenance.) Why not KDE? I had bad memories of KDE around 2014: twice as many clicks than GNOME to do the same thing, especially in settings. Somebody told me that it got better but there is little incentive at investing time to only get where I am now. I'll do it if and when I won't be able to bend GNOME to my desires.


I only see problems with LTS. I do agree that there are some stability issues with Ubuntu that just don't get fixed, but this is mostly an issue with the other releases. This is the problem with staggered releases your fix might very well take 6 months.

Arch has severe problems in my mind especially in stability, but as you say it is easier to fix stuff and that is a huge plus. It's just a trap I try to avoid for my desktop!

Thanks for the explanation makes a lot more sense now!


I do truly believe that Ubuntu will be a lot more stable if you stay away from the "interim" releases. When I bring these things up with people, I do get the impression that Canonical looks at the non-LTS releases as more of a sort of public beta test to ensure the eventual LTS is solid. For the sort of stuff I do on my computer, using libraries which are up to 2 years out of date is incredibly painful; even the 6 months between interim releases is a problem sometimes.

So if you use the LTS, and the outdated packages aren't an issue for you, it makes sense that you'd be pretty happy with it. And maybe that's a use-case I'm underestimating.


I just do not trust new stuff being stable enough for a daily driver, but I still use it because I have to. As a developer I do not feel that this is an issue for me. I understand why it can be an issue.


Same experience.

Arch has been nearly maintenance free, and it's been the one distribution where when I did break something, I was able to fix it 100% without nuking and starting over.

I still can't bring myself to run it on servers for some reason, and I go back to Debian stable for those, but honestly, I'm not sure why. I'm starting to feel that a rolling release would make for a lower maintenance server because it's always a PITA when the inevitable end-of-life comes into play and the upgrade inevitably fails and I have to reconfigure everything anyways.

Ubuntu in contrast would ALWAYS find new and bizarre ways to break. ESPECIALLY when snap came into play.


Might I suggest NixOS. Same benefits. Auto-updates are disabled by default. But even if they do happen it's not going to try to mess with currently running processes. In fact, the old version will still be installed just no longer to default. You could even run both simultaneously (using two separate config directories otherwise you get warnings). Snap seems like a huge regression in the Linux ecosystem.


Same. I love their archiso, you can build your own little custom live ISO. I put Gnome and networking on mine, then install via a terminal shell window.

The only reason I reinstall is when I upgrade my box every 2 or 3 years. Years ago Arch was a bit more finicky, but today it's been perfectly stable for me, doing updates every Friday.


If you want to keep dpkg, apt, DEBs, etc., you can use Linux Mint, which doesn't have Snaps, unless you add it.

This also lets you download and install DEBs manually from projects that support Debian or Ubuntu DEBs but aren't in the official repos yet.


Jumping on this bandwagon, running it for 10 years now and the last 5 years or so I've touched more or less nothing (aside from updates) and had no issues.


The update process broke a few times for me in Arch. Only been using it for a couple of years.


Same here, I've been using Arch for years both at home and for work, I love rolling release!

I'm using bspwm no DE, but I'm considering trying Arch+GNOME now that I've been forced to move to Ubuntu for work with my new job.


Snap getting more invasive was the final straw, which led me to move a startup away from Ubuntu LTS, to Debian Stable.

(Was already leaning towards moving, because a rough monitoring of security updates over several months showed Debian was strangely more trustworthy. Snap making things even worse for some of our systems made the decision easier.)


It was the last straw for me, as well. More specifically, the annoying notifications telling me to update Firefox or "it will automatically update in 13 days". I don't know what was supposed to happen, but these notifications kept showing up for several months.


Debian stable with flatpak and appimage is a good way to go


Snap is an abomination. See my previous comment: https://news.ycombinator.com/item?id=33173762

I fought with a guy in 2015 that believed snap was the future, and this almost cost me my job back then.


I don't see snaps being phased out. I don't like them either, but there're plenty of abomination technologies being the future. The whole web might be one of them.


>* Oh, you want to install a package, here are two very distant versions in snap and apt. Select one!

Well, Canonical has your back on that with apt installing snap packages.


That is immediate trigger to rm -Rf /


How did this almost cost you your job?


Ugly politics, guy was just trying to delay timeline


based


Snap is a pile of garbage and I really wish Ubuntu would just stop trying to be a little different all the time. They learned their lesson with Upstart but I guess it'll be a few releases until they abandon Snap.


> They learned their lesson with Upstart

Upstart worked well for its purpose. It gave me zero problems and a faster boot until systemd came along. It was a good stop gap solution and was adopted by other distros including ChromeOS.

People like to criticize the "different on the block" and although I think most of these complaints are for good reasons, so much is learned from these mistakes that we should not be so averse to them.

I don't think snaps are better than flatpaks, but I'm glad there is an alternative to it under a different management and having a good influence over it (IIUC, "portals" were born in snaps, not in flatpaks).


Mir would have been a better thing to point out as a poor technical decision. But Upstart came out before SystemD and was used by other distros, most notably RHEL5 + 6.


I'm not sure about that - Wayland hasn't exactly been a runaway success either.

The 2 key issues with Wayland, the fact that it's a protocol, meaning a lot of stuff needs to be handled by the window manager that was handled by the platform before, and its opinionated design, that made it very hard to port software that wasn't designed exactly how it wanted to be, meant adoption was (and is) very slow, and still kind of ongoing.

Mir didn't have these issues.


I totally forgot about Mir.


Unity. Especially the first version


I grew to like Unity as time passed, the global menu, and the global search was great. Its initial launch was rough, but given how poorly Gnome 3 was received I think it was a valid path to explore


They could have debugged it before the upgrade forced it on users.

It was awful.


Hmm, it's good to try to be different, but they certainly shouldn't push "different" stuff when it doesn't even work yet. I've not minded the transition to systemd, for example. Snap has been awful, I don't like it and every time it's pushed that bit more I feel like Canonical are behaving like Microsoft somewhat.

Debian is looking attractive.

Abandoning snap is not enough, it's more about respecting users ... but they are obviously under no obligations to me, I'm not paying.


Ubuntu moving window control buttons to the left circa 10.x was that straw for me.

Not because it necessarily made anything harder, but because it was an arrogant change for no goddamned reason.

UX should start with humility -- if you change things that lots of people are used to then you'd better have some damn good reasons.


Keeping the clock and widgets in the upper right while unifying the header window and app window was the reason. You can dislike the reason, but you can't say there wasn't one.

RIP Unity


What do you mean "RIP Unity"? Ubuntu Unity got accepted as an official flavour just recently.


Canonical is doing a great job replicating the BOFH. It's an integral part of the traditional *nix experience.


To the defence of Snap, I have the same issues on my Firefox installed with PPA

(Firefox updates at random time, then kindly asks to reboot by replacing each webpage by a grey one with a restart button, and it doesn't restart tabs in private windows)

It's a very Firefox problem, not snap

(I use PPA and not Snap because snap outright doesn't work when your home isn't /home/uname , and mine is /home/company_domain/uname ) (I can't believe that ubuntu forces you to use a software that isn't production ready)


> (Firefox updates at random time, then kindly asks to reboot by replacing each webpage by a grey one with a restart button, and it doesn't restart tabs in private windows)

I understand why they push so strongly to frequent updates and consider that idea mostly as good. However that implementation always makes me furious. I am in some workflow, doing some form of transactional thing and suddenly it decides to stop working without restart, where then half my work is gone. If they'd say "hey, new update ready update in next few hours" I'd be fine and could schedule it (well I would still not like it as I hoard too many open tabs thus restart takes time ... but could tolerate)


From what I've heard (haven't done this myself yet) if you install Firefox manually instead of through a package manager, it has an internal update mechanism that doesn't trigger the "please restart" page. That page is for when a package manager swaps files out from under it, while the internal mechanism waits for you to restart.


> From what I've heard (haven't done this myself yet) if you install Firefox manually instead of through a package manager, it has an internal update mechanism that doesn't trigger the "please restart" page.

I install Firefox in such a manner and can confirm the behavior is what you have heard. I've never seen the "please restart" page.


The weird thing is that the restart doesn't (usually?) seem to be necessary for it to function, only for you to receive the underlying security update. I learned this because there's a bug where if you have multiple profiles running simultaneously only the main one shows the restart screen.

When I found this out it really pissed me off so I tried to figure out where the restart screen showed up in the source code so I could patch it out. But I'm not familiar with the code base and left off after a bit of digging because I really can't justify the time spent.

In reality I end up holding back Firefox updates with my package manager until I'm ready to restart it. In the end I will thwart developers trying to dictate things to me. The software on my computer works for me, not the other way around. A lot of developers seem to be far too arrogant and forget this basic fact.


The problem is that with the way multi-process browsing works there is a long-lived parent process, which is only shut down when you fully close the browser, and there are a number of potentially shorter-lived child processes that handle the actual browsing and rendering of web content.

So at any point the browser needs to be able to potentially launch a new child process if you open a new tab, or even just browse to a different website on a different domain (origin) – which thanks to site isolation nowadays requires a separate process, too, unless perhaps a page from the same origin is already open in a different tab.

If thanks to an ignorant update service the browser's binaries have been swapped out from underneath it, that now means that you've got an "old" parent process suddenly talking to a "new" child process, which isn't an officially supported configuration.

If you're lucky, there were no breaking changes within the browser and things might work anyway, but there are no guarantees that things always turn out that way, since the API between parent and child processes is a purely internal one and browser developers feel free to rejigger it any time they need to.

While in principle you could try to develop the browser in such a way that a certain amount of forwards/backwards compatibility is preserved between an older parent process talking to an updated child process, I presume that doing so would also significantly complicate development on anything that touches the parent/child process interface, and you could equally claim that it's Linux's package manager behaviour regarding updates (just swap out the files underneath a running process) that's broken.


On Arch Linux the Firefox installed via the package manager has never auto-updated and never shown this "please restart" page. But probably the official packaging on Arch resembles a manual install on Ubuntu.


You may have been lucky or have some specific config or workflow that made you avoid this issue.

I'm using a regular Arch installation with Firefox and Pacman. The "please restart" page appears regularly; I just had it yesterday. This occurs when running `pacman -Syu` in some background terminal while Firefox is active.


Isn’t that expected behavior? Solution: don’t update Firefox while you’re running it. [1]

  1: https://wiki.archlinux.org/title/Pacman#Skip_package_from_being_upgraded


Not really, it's a relatively recent change in Firefox; I'd say for about a year, or maybe a bit longer? (time has been fuzzy these last few years). Before that I would always run updates in my distro in the background and wasn't forced to break my workflow in whatever application I was using.

Used to be able to also run Fedora distro upgrades while the system is running, now we're back in Windows-like territory, where I have to restart the system and wait for it to re-install 2-3k packages pretty slowly.


I don’t think this is a Firefox specific thing. When you do a Pacman upgrade you’re changing the files on disk. Any time those files need to be loaded in the future ought to trigger a warning from any program that doesn’t want to mysteriously break on you because it’s not loading what the previous version you still have in memory expected.

The only real workaround for this is systems like NixOS where the previous version is left intact when you do updates.


Fedora also solved this with dnf offline upgrades.


Yes, it's 100% normal; and it doesn't really bother me personally. The "please restart" page only appears when opening a new tab (so the disruption is minimal). I never lost any work because of this so it's just a minor inconvenience.

I was sharing my experience to illustrate that Arch does not have any protection against this problem _by default_. The post I was replying to was comparing Arch's package to a manual installation.


> The "please restart" page only appears when opening a new tab (so the disruption is minimal).

I usually open a new tab when I want to do something in that new tab, which makes the disruption very annoying. (As far as I remember, it also blocks loading of new pages in existing tabs thereafter so the disruption is total.) Then during the restart it loses all info in private tabs.


I hate Snap, but from what I experienced, I also don't think that the problem is related to it but some shitty logic in Firefox.

Regarding the "excuse" that it is the package manager that updated the Firefox in background, I saw it repeated a lot of time to deflect the blame, but it is totally not true in my opinion. On my system, I don't allow automatic updates. I have the notification when updates are available, but the system/packages are never updated without me doing it. And still, I noticed multiple times that Firefox breaks suddenly, like that, when nothing was updated on my system for some weeks and everything was working fine.


Ubuntu has an additional system called unattended-upgrades that does security updates in the background without any user interaction. At least in Ubuntu 18.04, pre-snap Firefox is included in it.


It is clearly not. On these occasions I have also checked the logs (apt,...) to be sure that nothing was updated in a very long time.


It wouldn't be in apt's log, it would be in the unattended-upgrades log. And I can say that when I removed Firefox from its config, it stopped happening to me.


I can't comment on Ubuntu, maybe they do automatic upgrades in the background and you don't know about them.

For me on arch Firefox has shown the "Need to restart" page every time I have updated its package while running and not a single other time.


I have never seen anyone mention this issue on macOS or Windows. It's definitely a Linux package manager thing, not part of Firefox's own update process.


Also seems to work that way for the FlatPak version, for what it is worth. I also have never seen the please restart page.


If you're using a PPA then it shouldn't update on its own and give you the restart screen. It should only update when you run an update with your package manager. How did you set it up so that it has this problem?


i've had the same thing happen in both chromium and firefox. what i hate most about snap though is the constant popups telling me to close the application. but closing the application doesn't actually trigger it updating, it basically wants you to close the application and then wait several hours until their cron job to update or whatever runs again. so I just get these constant pop ups


I'm mostly using Firefox on Arch and it doesn't suffer from this problem. It updates when I want it to update, meaning when I do my daily update with my distro's package manager.


Same with most distros.

It really is a ubuntu problem.


>(Firefox updates at random time, then kindly asks to reboot by replacing each webpage by a grey one with a restart button, and it doesn't restart tabs in private windows)

that happened to me several years ago despite automatic updates being explicitly turned off - I actually have a screenshot of the settings page next to that gray one


Firefox doesn't update itself. Your automatic background updates update Firefox.

Consider going to your settings and changing your update preferences. Firefox only shows the "please restart" page when it's already been updated, in your case (from a PPA) by something else like your OS upgrade service.

It'll also keep your existing tabs working as best it can, only new tabs will show the restart page. You should restart anyway because the underlying libraries have been swapped out from under Firefox while it's running that makes Firefox VERY crash prone for very obvious reasons.


I have the problem in combination with both

I have uninstalled Snap Firefox and installed PPA Firefox

Suddenly it updates, and when I restart, the PPA Firefox is gone! It is back to the Snap Firefox

Also the Snap Firefox does not start, because I use a user that is not in the snap group. So after each update, I have to uninstall it and reinstall the PPA one

How do I disable the snap updates permanently?


That's just false. It doesn't update, you have to run APT to do it.

Now if you run 'apt upgrade' and hit 'yes' without looking, you might be updating Firefox while it's running. Or maybe you use unattended-upgrades. Either way, not a Firefox issue.


Works fine under Debian although you have to load package from "unstable" (not really unstable 99.99% of the time) branch to get newest one


Heh, I just tried to fire up a Snap instance of FreeCad on a remote machine (because snap on the local machine was broken). Got an "X11 connection rejected because of wrong authentication", even though xeyes started just fine. It seems to be yet another Snap limitation.

Found this thread from more than 2 years ago:

https://forum.snapcraft.io/t/x11-connection-rejected-because...


At this point I have trouble feeling sympathy. All of us former and some current users have been outlining the problems with snap for years, this one included.

Just find any HN thread (or probably Reddit and Twitter threads) about ubuntu or snaps from the last few years and you'll see.

At this point it's akin to starting smoking today then acting shocked when you get lung cancer.


Snap is a disaster, and full of problematic structural decisions that are now really hard to fix (e.g. [1]).

I've decided to delay my upgrade to 22.04 given Canonical's increasingly aggressive push towards Snap, and now I'm considering moving to Arch or some other distribution.

[1] https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1575053


> (e.g. [1])

Canonical employees in that thread have repeatedly said they basically don't care about the opinion of the people affected. The latest reasoning provided being that they don't have the resources...

But either they have so little resources they shouldn't be pushing snap in its current form at all or they're lying (and the former reason still applies).

Either case it's disappointing and will slowly destroy all the goodwill they had.


Funny thing is the biggest Ubuntu derivatives (elementary OS, Linux Mint, Pop! OS) are all going against Ubuntu on this one and shipping with flatpak support.


I wish things like lubuntu, kubuntu, kde neon would also adopt the same or rebase themselves on top of Debian.


I get why snap is needed, but, like others, my experience has been poor. The first issue was Ubuntu 22.04 shipping the firefox snap only. It's ok for small occasional use programs that you need the bleeding edge version on. But it's not ok to wait 30+ seconds for firefox to open.

They fixed that. But I hit into its idea of security - being unable to open html files on my local drive, unable to load links from my mutt client, and unable to download and save directly into a specific folder.

And worse, the snap updates just don't function well. They remind you when you are using the program, and they don't seem to update when you're not using it.

Real shame, but these are fixable problems.


Snap is not needed.

On Linux Mint you install Firefox normally through apt and it works fine.

I decide when I update it. As it should be.

(Sure tech like appimage or flatpack has its place but the browser can be handled perfectly fine by the normal package manager of your distribution.)


I was recently forced into using snap for Firefox by Mint. I had enabled snap for convenient installation of some packages. But I did not anticipate that it would force me to switch to the snap version of Firefox.


So, Snap acts like a virus.


> Real shame, but these are fixable problems.

Debian.


Or just the Mozilla PPA.


They went to Arch, which is fine, although quite a steep change in the baseline system. New package manager, new update cadence, new "way to do things".

Another alternative with much less change would have been Linux Mint: it still is a fine-tuned Ubuntu, but without the Snap Store.


Snap is terrible. Trying to solve the problem the wrong way. See nix/guix for how it’s done right.


Yeah, Snap updates seem cursed for the newest Ubuntu.

I'm on Fedora these days, can't see ever leaving it the way things are going. It's rock solid and seems to be driving the state of the art in Linux things...


Linux Mint is based on Ubuntu/Debian but doesn't have Snaps.


Site seems to be having trouble keeping up right now: https://archive.ph/Hnr8P


Thanks - my $5 server is struggling, yes. Time to look at Cloudflare? Or maybe just a static blog like Jekyll..


Free tier of cloudflare and the cache everything setting + maybe a page rule or so will probably do most of what you want.


You could also use e.g. nginx to cache the site; you don't need Cloudflare for that.


Cloudflare is trivial to set up. You should definitely use it. If you use a mainstream static site generator, you can just deploy to Cloudflare Pages as well.


That's why the first thing you do once Ubuntu is installed is remove snap completely.

It's sad that now we have to fight against the OS like on Windows.


You don't, you still have the option to switch distros. Stop being a slave to Canonical. With Ubuntu and Snap, Linux is no better than Windows. Try Linux Mint, Debian, Fedora, Arch, openSUSE. Options is something we're not short on in the Linux space.


But when you remove Snaps, how do you install the apps Snap was providing? I recommend Linux Mint which has no Snaps and everything is in the repo as normal.


Update: so as mentioned in my blog post, my panic force reboot during the Firefox Snap update has definitely done something bad to my system. It's now failing to boot most of the time and also crashing randomly when it does boot. Not sure what the root cause is but it's a 1 year old laptop.

And yes I will definitely be re-watching the game after I have finished installing Arch.

I also signed up to Cloudflare due to you all hammering my server last night!


Snaps are certainly a cursed technology. I've had one update in production and break things outside of our regular release process.


I mean, providing executables is probably the main purpose of a Linux distro. Ubuntu is playing with their raison d'etre.


I found Snap to be frustrating. It's trying to address a real problem but imho it fails to make life easier. As soon as something breaks or goes wrong and I have to look under the hood, my mental model of how traditional Unix software management "works" is almost useless.

Why can't something be coherent and powerful behind the scenes but slick up front for users who don't want to think too much about the complexities of software management?


Yet another example of why the traditional champion companies of the Linux desktop (Canonical, Red Hat etc.) are like a poisoned apple - they are catering to their paying userbase (who are running servers, IoT, PoS, whatever), and don't give a damn about making technical changes that break the average users' experience.

In short they are doing the exact same as Microsoft does with Windows, but the enemy this time is inside the gates.


This is not the fault of snap though, Firefox is just fucking useless - the current instance of the browser that's already loaded everything it has into ram since it will happily suck up a gig while doing nothing should not break because the on disk version has changed.

But no, instead of continuing it will do one of several things:

  - show a blank page after entering URL or search term (no feedback, it just does nothing)
  - fail to refresh the tab
  - crash entirely
  - helpfully suggest you restart Firefox in one of those tabs that stopped working earlier.

It is embarrassingly bad, just like the overall UX for Mozilla products is unfortunately, but alas the only other choice is brave and it's even worse somehow. (Chrome proper would also be fine but Firefox is the only multi platform* browser that supports custom sync etc)

* Firefox is horrific on android too - broken rendering, blank pages until you engage the address bar and hit go again, etc, add-ons basically unavailable...


Snap has its uses, but Firefox is most certainly not one of them. Firefox maintains personalized databases that aren't where they should be under Snap. Also, Snap completely ruins the ability to run Firefox remotely on a local X display. I was fine with Snap being part of Ubuntu, but when they migrated Firefox to Snap, I uninstalled Snap and manually installed Firefox directly from Mozilla.


Snap is one of the few reasons that made me ditch Ubuntu forever.

I don't know a ton about Canonical's business model, but was the idea to get everyone hooked on snap and then force a subscription out of it?

Snap is the antithesis of apt or dnf in regards to what I want out of a package manager.


I always disable auto-updates on my PCs. The OS has no business installing anything on its schedule, or in any schedule. I do it on mine as I go. I just have update notifications and I install them manually when I feel like it.

Also, it is bizarre that they designed a software delivery system with no option to disable auto-updates... and only adding the option now.

And the fact that Firefox froze during the update is also strange. Not sure if it's a snap problem or Firefox problem.

As a long-time Firefox and Linux user (started using Firefox when it was alpha version and Linux around 2002), the best decision I made around 3 years ago was move to Windows and Edge.


Latest time I checked it was impossible not to update Windows. The best I could do was to postpone the updates by 180 days. That was Windows 10.


Page isn't working for me but what happened? I use over a bunch snaps on my Ubuntu install (1password, firefox, docker, telegram, discord just off the top of my head) and updates don't happen until I restart the app, and it gives me a desktop notification something like a week out before it forces it, never had an issue with it personally. I can't think of any desktop app that I use that stays open for more than a week at a time that is a huge disruption to close it and reopen it.


Automated update processes that run at the expense of securing access to information when it's needed or that do so with the risk of data loss are a complete failure in my view.


Crazy game for sure. The best WC ever (or over the last 20 anyway). This is a classic UX problem with automation: there are times when you don't know the operating condition. It's better to prompt with opt-out.

Mac OS prompts, and that's better than anything else.

Snaps are also abysmally slow. And while I'm complaining, they also occupy my `mount` output so that's annoying.


The last 20 WC covers pretty much all of living memory, and I doubt many of us on here are qualified to talk about more than 5-10 WCs.

2006 I remember Italy v France was very exciting.

1954 was supposedly pretty exciting with allegations of doping, blatant fouling, and a very dodgy offside call against Puskas.

'58 was also supposedly pretty exciting (certainly a lot of goals)

'66 was a great one for me as a Brit, but also interesting because of the stolen trophy, yet more doping. The match itself was also tense, with a last minute free-kick pushing the match to extra time, the first (and only) hat trick ever scored in a WC final, the controversial third goal and the final goal scored while the pitch was being invaded.

'90 was interesting because of the sheer dirtiness of play.

'98 is interesting for me because it's the first World cup I really remember following closely, but not particularly noteworthy as these things go.

That said, 2022 was a very exciting final and will go down in World Cup History.

And definitely nothing should kill a browser without explicit user confirmation.


Was there ever a time when faking injuries like a toddler wasn't an integral, unpunished part of the game?

I like watching the WC because soccer is interesting enough to see once per Olympiad on the world stage. The final today had some amazing shows of talent and teamwork, but it is primally revolting to me to watch grown men writhe in faux agony with one eye on the ref, when their opponent's foot whiffed some air past their shin.


Over the last 20 years hahaha not last 20 WCs. I've only seen the last 20 y worth.


It's odd because I have firefox snap on ubuntu 2204 on my laptop, an annoying popup crops up occasionally, but the only thing I've ever had kill firefox is oom-killer.


Can someone explain what’s going on here? Is there a design mistake here? Does the app update in-place rather than side by side so it simply launches the updated version on next launch?

If it’s side by side then why does it even affect the old version it force a restart? And if it’s not side by side then who the hell designed it?


Autoupdate is always an abomination regardless of the software doing it. Snap, apt, steam, firefox itself.


I got strange notifications telling me to close VS Code, so that it can be updated. But it's often closed, and I kept getting these notifications. I ended up uninstalling the snap and installing VS Code from the website.


You can set when snap refreshes take place:

https://snapcraft.io/docs/keeping-snaps-up-to-date#:~:text=o...


On that page I'm seeing options for delaying snap updates for a limited time, but I'm not seeing anything to prevent them permanently.


"Time duration units can be seconds (s), minutes (m) or hours (h), or a combination of these. A value of forever is also valid, to postpone updates indefinitely:" ... "If no duration is specified, the time duration defaults to forever."

Just running "snap refresh --hold" should disable snap updates permanently. If you configure your system update script/tooling to unhold the snaps so security fixes can still be installed at the appropriate time, this should mean that no unexpected updates should occur.

You could probably even attach the snap unhold + snap refresh + snap hold flow to the APT hooks somehow, integrating snap updates with apt upgrade.


That doesn't fix any of the other problems Snaps cause.


You shouldn't be watching that pile of regressive corruption anyway so no harm done.


Well, I like this line in my Ubuntu customization: sudo apt remove --purge snapd


How are you using software that Ubuntu stopped making available any other way, e.g., Firefox?


I'm doing it by using Linux Mint. It's Ubuntu without Snaps. It's taking people a long time to remove from their brains that Ubuntu is a good desktop Linux.


Sorry to hear this. If you managed not to get "spoilered" on the result, try to watch it (I'm sure there's several ways to watch a rerun)... it was a phenomenal game.


Honestly, I love snap because it's the main reason why I've switched to Arch after a decade of Ubuntu, and I couldn't be happier about it.


I switched to Linux Mint. It's Ubuntu without Snaps.


TIL all about showmax.com - As a ZA expat living in the UK, I'm all over this. Looks like some good content from ZA, Nigeria, et al!


I have a snap installation of nextcloud. It has self updated for years with no problem. The set up took almost no time. Canonical tests the package before releasing it in their OS.

Compared to bare metal and docker installation that were broken every few months and required maintenance, I have been pretty happy with snap.

Based on this, would say snap is not a bad idea. Sure snaps might be slow, but that’s improving.

I don’t have time to tweak applications. Let canonical package and test all dependencies for their platform, secure and update the apps.


Snaps are available for other distros but I presume Canonical doesn't test their Snaps on all the other distros. Sounds like a recipe for disaster, making Snaps a bad idea.


Thanks for sharing this comment, it's nice to read about the positives of snap, and not just the negative. Helps in getting a better idea of it.


The main reason I still use ubuntu based distros is Pop OS. The rest, I prefer fedora these days.


I like the conclusion. Factor 'X' messed up my 'Y', going back to previous solution.


Snaps don't update when the app is running. I don't know what happened here, but it seems the problem might be somewhere else.


That's a fairly recent addition, after a very long time without any notifications and abysmal handling of a running application. These issues were handled slow and dismissively, the current solution is still half-baked. It's yet another good example how bad Snap is.


If that goes on for 2 weeks, doesn't it kill the app and update anyway?


If you ignore the notifications for two weeks, yes. But you even get a notification at least four hours before updating saying you have little time left.

That said, if you run `snap hold firefox`, it will wait indefinitely.


The problem is that the dialog says to quit the application so snap can update, but snap doesn't do that. It checks a few times a day and bails if the application is running. It doesn't wait for the application to exit and then update, like the dialog indicates it would.

Thus you quit Firefox, wait a few minutes, assume it has been updated because why shouldn't it, and after two weeks it gets killed mid-session.

Completely inexcusable UX...


I've encountered this exact issue: It kept bugging me to close firefox so that I can update. I closed it. Then I relaunched it and the message popped up again. I repeated this process for a couple of days until I gave up, uninstalled snap, and installed flatpak.

Issues like this are present in a lot of highly-opinionated software; they become utterly unusable when used in a way that deviates from the dev's ideal vision, or in ways they plain just refuse to support. Configurability and transparency are almost always a good thing in software. It seems that some devs will have to relearn this lesson the hard way.


For the record, the solution to this is to run "snap refresh" manually right after you exit Firefox.
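
The workaround described above, as an added example that is not part of the original comment: a POSIX shell wrapper that runs a snap-packaged app and applies a pending refresh as soon as it exits. The function names are hypothetical, and it assumes the process name matches the snap name (true for firefox, not for every snap).

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Succeeds if `snap refresh --list` shows a pending update for snap $1.
# The first column of that listing is the snap name; line 1 is the header.
has_pending_refresh() {
    snap refresh --list 2>/dev/null | awk -v n="$1" '
        NR > 1 && $1 == n { found = 1 }
        END { exit !found }'
}

# Succeeds if a process named exactly $1 is still running.
# Assumption: the process name equals the snap name.
still_running() {
    pgrep -x "$1" >/dev/null 2>&1
}

# Run the app in the foreground, then refresh it if an update is pending
# and no other instance is left. Returns the app's own exit status.
run_then_refresh() {
    name=$1; shift
    "$name" "$@"
    status=$?
    if still_running "$name"; then
        echo "$name is still running elsewhere; skipping refresh" >&2
    elif has_pending_refresh "$name"; then
        # Needs root or polkit authorization, like any manual refresh.
        snap refresh "$name" || echo "refresh of $name failed" >&2
    fi
    return "$status"
}
```

Source the file and launch the browser with `run_then_refresh firefox`; the refresh only runs when an update is actually pending.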


Not updating isn't a solution. What works for me is a systemd service that does a snap refresh on boot. At least I have some control over when it updates.


I know it is simple to do, but care to share the unit file?


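It's the most basic file possible but it does its job.

cat /etc/systemd/system/upgrade-system.service

  [Unit]
  # After= only orders the unit; Wants= actually pulls network-online.target in
  Wants=network-online.target
  After=network-online.target

  [Service]
  # Run-to-completion job, not a long-running daemon
  Type=oneshot
  ExecStart=/bin/bash -c '/usr/bin/snap refresh && apt update && apt upgrade -y'

  [Install]
  WantedBy=default.target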


Are you the same people who bitched when Win10 just restarted to install updates?

Yes, this comment has a little malice in it.


What do you mean "just" restarted? Isn't killing one single program a subset of what happens when your computer restarts? And isn't 2 weeks a lot more lead time than Windows gives you?


Auto updating is only one of the multiple problems Snaps create. Read the other comments here to see many of them.

I can't wait for Snaps to crash, burn and die.


It is extremely hard to disable or remove tracking or auto-update stuff on Ubuntu.

(snapd, unattended-upgrades, ubuntu-report, whoopsie, ubuntu-advantage-tools, motd and more)


You turn automatic snap updates off by running `snap hold`.


You shouldn't be disabling unattended-upgrades unless you're very diligent with security updates yourself.


> You shouldn't be disabling unattended-upgrades unless you're very diligent with security updates yourself.

That statement might be true regarding some users.

But for many Linux users and installations, it's false.


Why is it false? Those security updates are important and it's very nonintrusive.


> Why is it false? Those security updates are important and it's very nonintrusive.

Not sure if this is a complete list, but here are some of my reasons:

a) It's common for updates to contain a mix of security-fixes and other stuff. Sometimes that "other stuff" breaks things and/or needs vetting for deployed systems.

b) Sometimes even "security fixes" break stuff. (I don't have the time to find examples, so feel free to take this with a grain of salt.)

c) Sometimes a forced restart of the system or a program is worse than a delayed update. For example, when giving a presentation, or when firefighting a production issue.

d) It's absolutely an attractive attack vector. I want time to hear about problems before installing updates.

And finally, this might not resonate with everyone, but:

e) It's my system. Nobody else gets to override my choices for how it runs. Full stop. I refuse to cede my agency in this area of computing.


> It's common for updates to contain a mix of security-fixes and other stuff. Sometimes that "other stuff" breaks things and/or needs vetting for deployed systems.

So you have no experience with unattended-upgrades. They really don't contain new features, that's not how Debian's model works - they backport security fixes to keep features the same.

> Sometimes a forced restart of the system or a program is worse than a delayed update. For example, when giving a presentation, or when firefighting a production issue.

Again, you have no clue how Debian/APT updates work. Things don't just get forcefully restarted.

> It's absolutely an attractive attack vector. I want time to hear about problems before installing updates.

Unpatched software is significantly more so than attacking your distribution.

> e) It's my system. Nobody else gets to override my choices for how it runs. Full stop. I refuse to cede my agency in this area of computing.

Sure, feel free to do with yours as you please, but don't recommend terrible things to others, especially those not as proficient.

It's bad advice for most end-users and sysadmins to get rid of unattended-upgrades especially for the FUD reasons listed above.


It sounds like there's some confusion here.

I was talking about Snap, not APT.


Come on, this is like gassing up your car.

Yes, every once in a while you see some person on the side of the road who forgot to fill up with gas.

But is the answer to force everyone to pull over and gas up every 4 hours?

(yes, this is an imperfect analogy, but you get the idea)


That's not how unattended-upgrades works at all. It's not Snap.



