Updater improvements - a wishlist

I find the updates manager one of the more uncomfortable parts of Qubes. That cheerful little star in the system tray is now starting to look like a cloud.

The Updater is rather like a brick on a balcony. Set it off and you know it’s going down and there’s nothing you can really do to stop it. I mean, sure, it’s going to hit the pavement. Unless it’s one of those times it doesn’t, gets hung up in something on the way down. And then it’s ‘drop everything’ with whatever you were doing and get it back to where you started, hoping nothing’s been damaged on the way down and no-one’s going to mind that dinner is gonna be late…

My wish list (constructive criticism) would include:

  1. It shouldn’t crash the machine. That may be technically difficult for reasons I do not understand, but still. No.
  2. “Details” should display the full process in real time, just like the sudo dnf/apt upgrade dialog.
  3. “Cancel” should do exactly that. It doesn’t. (It’s like clicking ‘stop’ on the brick halfway down the fall).
  4. Security / urgent updates labelled as such. “Is this an IMPORTANT update? This morning? Overnight?”
  5. You shouldn’t need to click a checkbox to enable clicking on templates you want to force an upgrade. That should be enabled automatically.
  6. A mouse-over each template should reveal what packages are going to be upgraded. (I’m guessing it already has that info, hence the update signal).

I may have this all completely wrong, but it would really help me with such a central part of the OS.

Thoughts? Opinions? Additions?

There is a technical explanation as to why this is not simple to accomplish technically. It uses Salt behind the scenes. And as far as I know, that tool doesn’t give a lot of real-time information about what’s going on under the hood. But I might be wrong on this.

I like your suggestions. Might be worth sharing with the developers as a UX issue:

done.

I just posted this as a comment on the GitHub issue, but I’ll also share my thoughts here for the sake of discussion:

I’ve been thinking about this lately too. Ideally, I think Qubes should install all mandatory updates (especially mandatory critical security updates) automatically, in the background, without any user awareness (much less action) required. There should be options for not downloading updates over metered connections and for advanced users to opt out entirely. There should also be options for downloading (but not installing) non-mandatory updates and automatically installing all updates. (The appropriate defaults for non-mandatory updates are more open to debate.)

One of the biggest pain points is that updating can take a very long time, especially with many templates, especially over Tor. There’s no reason that a human should have to sit and wait while update data is being downloaded. It should be downloaded in the background (when appropriate, as unobtrusively as possible).

Another problem is users not knowing what exactly to do or not taking the appropriate action at the right time when a critical security update is released, such as when a new QSB is issued. For virtually all normal users, we already know that they want to install security updates when those updates are stable (and some even earlier, i.e., from security-testing). So, the logical default is for all stable security updates to be installed automatically. Qubes should be secure by default and keep itself that way by default.

Xen and kernel updates will require a dom0 reboot, but requiring a reboot after certain updates is nothing new for an operating system. Just handle this in the usual way: by notifying the user that a reboot is required and letting them choose when to do it. (Of course, the system should never forcibly reboot. The user gets to control the system; not the other way around. Which is, again, why there should also be an option to opt out of all of this.)