Linux Mint 20 disables deb2snap packages, and Snap's growing external adoption problem

What would you propose as the alternative when the deb version of a package is no longer available in a new distro release? Removing the package on upgrade would mean the user loses access to the software, and leaving the version from the last distro release in place is just asking for conflicts down the line.

Remember that the primary purpose of these packages is to allow someone to continue using the application they installed after upgrading to the new distro release. There is a long history of using transition packages to smooth over the upgrade process in both Debian and Ubuntu (e.g. transitioning from OpenOffice to LibreOffice, XFree86 to Xorg, etc).

2 Likes

What would you propose as the alternative when the deb version of a package is no longer available in a new distro release?

User has a choice:

1- allow snaps, and update the application from deb to snap

2- refuse snaps, and application no longer works

Today’s situation, with the “deb that actually installs a snap”, doesn’t really fix that problem, it just silently chooses option 1 for the user.

I don’t think this is right. My perception:

1- Snaps don’t solve much for a normal user. Snaps give some new edge abilities such as user can run two different versions of an app in same system. Not many users need that. Installing a new app is less likely to break existing apps, because they’re no longer sharing packages. And snaps create problems for some users: some (mainly server people) do not want to update, maybe ever.

2- Snaps are a big win for app developers: package once and it runs in N distros x M distro releases. Get a bug report or support request, probably no need to interrogate the user about the exact distro and release and system configuration etc.

3- Snaps are a pretty big win for distro developers: push packaging work onto the app developers.

… and you think it is okay to let them do this so their insecure server software can be hooked up to that botnet that serves the paypal fishing site you type in your account password at next login ?

Being a server admin comes with responsibilities to protect not only your users (or companies) data but also the rest of the world (if your machines are internet facing at least) from spreading malicious code.

I personally expect a responsible server admin to have regular maintenance windows for their servers, to create and check backups and close known security holes by applying updates. snapd allows you to set such scheduled maintenance times, the snap store even provides various channels to pick from so you can have a test system set up prior to the security update hitting the stable channel.

And as a last resort there is always snap revert to get you back to the last known good snap revision.

The internet is mankinds biggest community project, to prevent malware from spreading in pandemic ways, some hygiene is required … even in the virtual world :wink:

What do you think of the other transitions I mentioned? Would it have been sensible to leave users stuck on an ancient OpenOffice release when there is a new LibreOffice package that is the obvious continuation of what they were using before?

Frankly, absolutely, yes. The owner of the system has the right to make decisions about it. It is not Canonical’s or Snap’s job to force them into certain decisions. Linux gives the owner/user the power to do things, and sometimes it’s the power to shoot themselves in the foot.

Who knows, maybe they have good reason to prevent updates. Maybe security holes are being handled by a firewall or something else external to the system. Maybe an update would break their payroll-check-printing system. You and I and Canonical and Snap can’t know the right thing for every situation.

The user (or system owner) should make an informed choice. Having a deb that really installs a snap seems underhanded. Inform them that the deb path no longer exists, or the version they’re using has security vulns, give them the opportunity to change to the better/newer snap. But don’t force them or deceive them.

well, not sure you read my words, i dont care at all if they shoot themselves in the foot but i do care about the fact that their unmaintained server becomes part of the botnet that kills my server with a DOS attack … or that they provide hackers a platform to operate from to steal your data … i dont care about their feet but about ours

they are free to use slackware from 1995 instead of ubuntu, nobody forces anyone to pick Ubuntu and snaps over anything else but if they do pick Ubuntu, snaps are there and come with a secure update mechanism that gives you enough abilities to adapt them to your own schedule.

6 Likes

There are a million ways their actions could affect you. Forcing them to update snaps will just make them avoid snaps.

And nobody forces them to use snaps or Ubuntu as i said in my last paragraph :slight_smile:

(note that i’m working a lot with customers. most of them grok snaps and thier update mechanism and actually picked snaps explicitly because of it to run critical infrastructure in their factories, robots, IoT setups and embedded systems. it isnt like people run away screaming from it, despite there being some loud complainers in the community. from a business perspective it is exactly the opposite, people take snaps because of this)

3 Likes

Maybe I’m missing something, but if some power user really wants to use snaps, but doesn’t like the forced updates, there’s this option:

OK, it’s not for everybody and it does not work for the core snap, but the thing is that the options exists.

Okay, every debate about snap updates that I’ve seen has said you can postpone updates, but not completely stop them. If true, this ability to disable updates forever should be publicized by Snap/Canonical.

To me, as a normal desktop user and an as observer… all of this discusión are artificial, there are number of ways to plan / pospone / remove all snaps and, if you want to, remove completly snap or use another linux distro. All the comments that scream that they are forced to swalow snap down their throath are to me just nonsense.
Nobody is forcing you and if, snaps are a failure then we can allways choose something else. The developers are open to discuss to constructive conversations, but as always you sometimes have to say “no”.
I for one, like the idea of snaps, and there are getting better with each release.

5 Likes

they are free to use slackware from 1995 instead of ubuntu, nobody forces anyone to pick Ubuntu and snaps over anything else but if they do pick Ubuntu, snaps are there and come with a secure update mechanism that gives you enough abilities to adapt them to your own schedule.

That sounds exactly as I said, like take it or leave. Nothing wrong with the approach, it’s fine with me - but I do understand why it’s not to others. It’d be easier if the third path existed: some people do want to use Snaps, but don’t want to have them auto updated. Sounds reasonable to me, but it seems you at Canonical see differently.

Edit: I know there are ways to prevent them form updating at all, but they all seem hackish; should be “official”.

My main point is that while I understand Canonical’s perspective and motives regarding auto-updating, I think that the alternatives (i.e. Flatpak, AppImage) are just a much more compelling, less “my-way-or-the-highway” approach for distribution operators. Distribution operators are the key here: Developers aren’t going to be happy if this “universal” format turns out to be not universal after all.

Canonical seems to think that distributions will fall in line with their “my way or the highway” approach. While Snap is nice, the highway (a certain alternative) is looking pretty attractive and is just “good enough.”

1 Like

Please note that while I work at Cannical, and do largely agree with the update design, I am an individual, only expressing my own opinion here, I do not speak fo the company.

That said … note also that the update policy chosen for snaps by Canonical is actually a result of 16 years of experience dealing with update and security issues of users and customers. In my very personal view (having been around for that time) it is an awesome step forward in the evolution of packaging. Still though, please take my optiinon as mine…

3 Likes

All formats are built with distribution-centered design in mind except Snaps. Snaps are built with user-centered design in mind. This is what makes Snaps different and good and the reason users like it and distribution devs dislike it. I don’t want Snaps to become yet another format that is harder to use because it’s better for distros that way. I like what is better for users way.

If you prefer distribution-centered design it’s good all other formats are to your requirements. IMHO users are the key and it doesn’t matter what distro devs support out of box if users want something else. Just like you, the user, have chosen right now to use something else. :wink:

Wikipedia would require a citation here with a “who?” tag. If you are not in the demographic that wants this then please point those that are to come here to elaborate on why they want this. As you have implied you are not one of these people then what you’re saying is anecdotal.

There is a lot of noise with no real substance other than complaining. Without understanding the reasoning for people to want to disable updating we have nothing to go on. Until we have that clarity we will continue with our plan to ensure that people are updated so that their systems remain secure.

1 Like

I must raise my hand here. I use snaps, I build snaps and I love snaps but I hate when snapd unexpectedly brings my machine to a halt. Yes, I could schedule the updates but I can’t predict when I’m going to be working on something important. I’d much rather get a prompt to update instead of this happening beneath my feet.

1 Like

One thing I’ve noticed is long boot times if you haven’t used Linux for a while and all your snaps need updating. It would be nice to have snapd moderate it’s update process to do updates after the system is booted rather than during the bootup. I agree that updating when you’re about to go onstage for example would be really bad. I would like to see a “I’m doing important stuff now” button that holds updates until you close the lid, logout, or the screen idles to turn off or some other more reliable indicator that you’re finished with your important task and that updates can resume. What I don’t want, though, is for that “important stuff now” button to be permanently effective once set; I would want some automated mechanism to reset it to “off” again.

1 Like