Third, the notification has one call to action: shut down the application. This application will be updated, so shut it down. If the user closes the application, presumably that then triggers it to be updated, right? But no: the snap updater runs on a schedule, and it could take 6 hours for it to run again, check whether the application is running, and then apply the update if it’s not. Is the user supposed to leave the application shut down for up to 6 hours? How could they possibly know to do that? You could see a user getting into a cycle (for 13 days!) where they restart the application, and then 6 hours later the intrusive (and apparently not suppressible) notification pops up again.
I thought the same thing the first time I saw it. The only solutions are to either close Firefox and wait for several hours for something to silently happen in the background, or Google for the CLI command to run to update it. Really bizarre UX, I would love to hear someone from Canonical explain why they thought that was a good idea. Is there something I'm missing?
I’ve also been annoyed by this. I don’t have it handy but I did find the ticket where their conversation to implement this first happened. I guess before it would just update without notifying the user.
The idea in that conversation was, at least what I took away from it, that the user gets the notification and now knows at the end of the day they should close the app and in the morning it’ll be updated!
Seems fine on paper. But the messaging in the notification doesn’t tell me that at all. And it turns out despite all the nagging I always forget to close things before I step away.
I hate the execution of this feature. So much. All the nagging. All the confusing messaging.
On top of it all, I don’t feel like snap gives me any qol improvements in exchange.
What’s most frustrating is that snap knows the entire state of the world! They know when the application is started and closed. Could download the update at anytime and upon closing the old application, link to the update and delete the old version.
Snap format is just a single compressed file. They could literally just replace it, remove the old one and due to the way Linux filesystems work, any new call to the app will run the new one, but the old one would use the old file.
They could do it basically seamlessly, with maybe notification only if you keep app running for days. Hell, that's how package manager does updates, just remove old libraries and put a new one in place, old programs will use the old one till restart, and when last file descriptor closes it will be unlinked from filesystem. It sometimes can cause problems in "normal" apps but the fact that snap is just a single file removes pretty much all drawbacks of that.
It's not just bad decisions but incompetence on top of that
Snaps don't actually work that way. Snaps are squashfs images, which imposes the contract of requiring to unmount the old image before mounting the new one. When files are in use, you can't easily unmount. (Yes, you can use a lazy unmount, but bad things happen on the system with those, so it's not a good idea to rely on it!)
I think you're thinking of Flatpaks, which are basically hardlink/reflink farms with symlinks used to control the pointers to the current version (OSTree).
Which is basically how web workers work. Download silently then either use the new one on restart, or add some app level code to ask the user if they want to take the update now. At which point it's a minimal install process since most of the work has been done already.
Not only that, but I stopped leaving computers on years ago. And couldn’t do that if I wanted to since it’s a laptop I’m putting away in a bag. The thing’s going to sleep until next work day.
Yep, this prompted me to uninstall the snap version of Firefox that was installed by default in Ubuntu 22.04 and reinstall it from the Standard Ubuntu repository. Score minus one for snap.
There is no package for Firefox in Ubuntu 22.04. The package called firefox does not contain a browser, it's just transitional for upgrading older versions to snap.
I started to download Firefox from Mozilla. But just because I have not decided yet what distro to use for family computers. Archlinux is fine for me, but not suitable for everyone.
You can also just download the tar ball from Mozilla and run that. It takes care of keeping itself up to date. I do that on Manjaro because I want my updates straight from the source. I'm on the beta channel, so my browser updates frequently and it simply indicates when there is an update and then I can choose when to restart the browser. Works on Ubuntu as well.
I'll recommend Pop_OS as well, but it might be overkill.
It depends on what is meant by "family computer" but don't underestimate the usefulness of a cheap chromebook as well. My wife uses hers exclusively, since using the internet is pretty much the only thing she actually uses a computer for.
The hardware of Chromebooks is more than enough. But as long as I understand something about IT I don't want Google to take away my freedom and lock me out. That would be like a Westerner asking for asylum in China because the party thinks on my behalf.
Not the op, but I guess they meant the hardware specs of a "normal" computer.
Myself I used to buy these little Atoms with eMMC running Windows S. E.g. HP used to have good hardware in that class. Now Windows S has been discontinued and I don't see much choice in the class anymore. Maybe Acer sometimes, but I have zero experience with them.
For Chromebooks there is GalliumOS, but it looks very silent. Not sure whether it is still alive. Last supported model is from 2019.
Who maintains Pop!_OS and how, based on which process and motivation? For Debian and Ubuntu I understand that to some degree, for Pop!_OS I have very little insight. There is System76, but how many developers can they afford?
What you're supposed to do is close the application then run "snap refresh", but there is absolutely no hint that this is what you have to do. I had to look it up online as well. A sane person, in 202X would assume closing the application would immediately trigger the update, as you said.
Consider Linux Mint. It's based on Ubuntu, but doesn't use the Snap Store. (And from my experience, works like a charm and is well polished.) From the Mint description of the Snap Store:
> The Snap Store, also known as the Ubuntu Store, is a commercial centralized software store operated by Canonical.
and
> This is a store we can’t audit, which contains software nobody can patch. If we can’t fix or modify software, open-source or not, it provides the same limitations as proprietary software.
Another vote for Linux Mint. Run it on my trusty X220 (main driver), a Fujitsu (mainly for media and browsing), an HP (media + browsing), and my mom's ancient Dell laptop. Works flawlessly, leaves me in control, gets out of my way, and has, for my taste, wonderfully sane and reasonable defaults.
Debian is another option too, and is used heavily in industry unlike Mint. I'm disliking Ubuntu more and more but it'll be a lot of work to migrate my fleet over, all managed via Landscape (which is Ubuntu-only). While I'm currently trialing 22 LTS in a limited environment I'm not sure if this is a distro I want to continue sticking with in the future.
I guess I could say the same for GNOME, but that's what my users are familiar with. The Ubuntu and GNOME setup works well - for now.
> Debian is another option too, and is used heavily in industry unlike Mint
RHEL is probably also used more in the industry than Mint, that doesn't mean you should prefer it as desktop OS. Debian is solid, no question, but its derivatives became successful for a reason.
RHEL is not a bad choice for desktop these days. The desktop is reasonably fresh, basic tasks are well-supported (office, browsing, etc.), and it has even better short-term and long-term hardware and software compatibility.
The RHEL desktop is quite a bit better with RHEL 9 than it was in its predecessors.
They go so smoothly that I always think I must have forgotten something. The only things I've learned to watch out for are networking changes, like the semi-recent interface name changes, network shares (samba protocol changes), and updates on stuff relating to encryption standards (ssh/ssl.)
I avoided that by accident because I migrated to bareos and used bareos package repo.
But in those cases I think problems are plainly that the upstream doesn't really want to support distro packaging, we had some mess because the just one version decided... to start changing the name of packages and services for no good reason.
Most of the "bad script complained on uninstall" I got from 3rd party packages, which is funny as we have people in this thread complaining it's "too hard" to get the package in the distro and the exact reason for that is to have as few problems like that as possible.
Can confirm, I uninstalled snapd the day I installed Ubuntu 22.04 and I have been running it for months. Firefox seems to be the only popular package that redirects to a snap (out of my own usage this whole time, at least).
I don't know why they did that, and I am a bit worried I will have to abandon Ubuntu if they move more packages to snaps in the next release. But for now all you need to do is the workaround above for Firefox.
I stand corrected. It looks like there's both a deb and a snap [1].
I now remember getting confused about which one to install, mentally making a note about Docker having been snap'ified, and counting one more strike (perhaps the final one) towards eradicating snap from my system.
Just to add a data point, I recently went back to Linux after spending years in the MacOS world. Installed Ubuntu out of habit, got the exact same thing happen to me (removed snap, installed firefox through apt, got snap back) and went to Pop OS. Could not be happier with the overall system and still very much disgusted by what Ubuntu decided to do.
Not OP but the desktop is super annoying for advanced users with too much mouse usage and things that are super easy in Linux to install from packages require Macports or brew pulling out N squared dependencies.
Yes, I can relate to that. Next to my Linux machines, I use an M1 Mac Mini with macOS, and I eagerly await the day I can install a Linux of my liking on it and run the Mac from there (looking at Asahi Linux's impressive work).
Also, the system update approach of macOS seems quite hostile to slow and/or metered connections.
First of all just the concept of a second package manager is pretty stupid. I only need one.
Second, while the idea of sandboxing sounds nice, when it's done to arbitrary packages that might not even be written with sandboxing in mind, all sorts of bugginess can result, in addition to a bunch of friction. E.g on Pop OS the 7zip GUI for linux is a flatpak, and 7zip might leave half made archives around if it crashes during archiving. But now you have to go find some place 8 folders deep into the root filesystem to find and delete it. All sorts of other annoying interactions with filesystems can occur with flatpak'd programs.
It just muddies the waters and makes things more complicated. It makes much more sense to just have a reasonable, flexible method of sandboxing, independent of packages, that I can apply to whatever software I want to as needed, like jails on FreeBSD.
In short, bundling sandboxing with the package manager breaks with the UNIX philosophy: it does two unrelated things, neither of them well.
> when it's done to arbitrary packages that might not even be written with sandboxing in mind, all sorts of bugginess can result
That's something the package maintainer should consider.
> bundling sandboxing with the package manager
Flatpak utilizes bubblewrap for sandboxing that can be used independently. Flatpak merely provides ("packages" someone can say) the instructions for it.
You're complaining that the Unix API is hard to sandbox, and indeed that sandboxing comes with inherent friction. That isn't a flatpak problem. Macos sometimes does it better, but it's an unsolved problem.
On Ubuntu we shouldn't have to be forced to accept snap packaging for the browser, but we are. Canonical make a number of shit decisions, chasing some corporate dollars, and using flatpak is something you can do without rebuilding everything yourself.
It might not be a flatpak problem, but that doesn't make flatpak a better idea.
I think the concept is just fundamentally flawed. I'm planning on moving back to Arch or maybe try Guix just to get away from all this Linux trying to be Windows nonsense. I don't like Windows and I think we can do better without imitating it so much, and so poorly.
It's weird, I used to think Linux would only ever get better to use, but the more mainstream distros kind of peaked around 2010 in terms of ergonomics for technically minded users. And the experience seems to have become increasingly opaque and frustrating since then, all to chase some desktop adoption that never really materialised anyway, and what do we have to show for it? Greybeards like me are unhappy, nontechnical people still find the OS chafy and impenetrable.
it doesn't respect umask for one. if your umask is 027, for 750 & 640, you'll get 755 and 644
The most popular repo 'flathub' is filled with flatpak apps that are built from manifests where they are just downloading random debs and extracting them to get the binary instead of actually building anything from source.
It's a mullet package manager.. business in the front, party in the back.
This sounds exactly like Canonical's doing these days.
Recently I was asked to teach a workshop to help students use Kenya's KENET vlab, a VM platform from Kenya's education network, to run our program.
Their system has some prebuilt images for us to use, including Ubuntu. Probably because of a lack of funds, their VMs are low-performance QEMU-based machines.
I fired up an Ubuntu VM and found:
1. `snapd` running constantly in the background and eating up a lot of memory. So the first thing I have to do is to stop snapd.
2. `unattended-upgrades` keeps running. I guess their internet is not good, so it seems it runs for a long time and keeps eating bandwidth and CPU.
Things like these keep making me lose faith in Ubuntu.
I remember the name Ubuntu borrowed its root from an African language, but it seems their system is not so friendly to the users (including students, educators) from African countries.
Yes, forced updates are just insane. It forces an unknown schedule on the users for no reason. Implying the tiniest, most meaningless update is more important than anything the user might do with their computer.
I've been away from Linux for a while and was looking at Ubuntu the other day. Huge download size, huge minimum resources, background processes phoning home constantly. IMHO this is what Linux is there to fight.
The system should be reasonably knowable and controllable by the user, especially a technical one like myself. If I want a byzantine labyrinth of processes phoning home and eating up all my system resources I'll use macOS or Windows.
Unattended upgrades holds a lock that apt uses while downloading. Shouldn't, does.
So a really common experience is turn on a machine, apt install foo, blocked by the updates, anger. Helps a little that apt now tells me what is holding the lock, but it's always unattended upgrades. Which somehow has come back to life after attempts to disable it.
A couple weeks ago I was working away in the terminal when all of a sudden, my USB camera turned on and its light started flashing at me indicating something had just started interacting with my webcam. I immediately assumed "Oh, that's probably just some hackers watching me through my web-cam.", so I looked through /var/log a bit and noticed that it had just re-detected all USB devices and two new users had just been added to my system:
Does anyone know what these new users are for, and why they were added just now instead of at install time? I googled a bit, but couldn't find any recent news about it.
It's a mystery to me how Firefox updates on Ubuntu. Sometimes it goes through auto updates, but sometimes I'll try to open a new tab and it tells me that it will NOT allow me to do that until I restart. This is exceptionally annoying and not something that happens on Windows.
My reading is that if your package manager updates FF on disk while it's running, it can no longer guarantee that new tabs can be created safely, since creating a tab requires spawning a child process and the parent was created with an executable that no longer exists/knows anything about the executable it needs to use when spawning.
It is super annoying and I feel like there are some obvious fixes. I'm also not 100% sure why it only happens on Linux (it updates fine on Windows and MacOS while running right?)
Yes, but that's because it's updated by firefox itself.
If you install, say, FDE directly on linux, you'll get the same behaviour.
But if you use the distro's package manager then I don't think there's a viable workflow for it, as the package manager doesn't have hooks into process management.
The package manager would probably have to be subsumed by systemd for that to even be feasible.
You can get that behavior if you install Firefox from a tar [1], Firefox will then manage its own updates the same as on Windows (though the user running Firefox will need to have permissions to modify the files, which may be risky).
But if you install it through apt or some such package manager, the PM is doing the updates, and it doesn't take into account that Firefox is running.
More specifically, Firefox is updating itself in that situation so it knows not to do anything until startup/shutdown. When the you-have-to-restart tab appears, it's because Firefox didn't do the update, something external on linux (apt or snap or something) did it in a way Firefox can't handle.
Not an excuse but that wouldn’t work on a multi-user system of course.
The solution is to version the files and keep the old versions until the processes are closed. As Windows enforces because it doesn’t allow you to delete files that are in use.
On Windows, Firefox can't be updated while it's running because the files that comprise it are locked by the running application.
On Linux, you can delete or replace open files, and even running applications. Instead of updates being handled by dozens of individual updaters that coordinate closely with each app so that updates happen between restarts, updates happen in the background without really coordinating with running apps.
Sometimes, after Firefox has been updated, there's some kind of incompatibility between the old running binary and the new assets (internal JS, CSS, and idk what else). In that case, Firefox can't open new tabs because you're still running the old binary, which doesn't work with the new assets which have been installed, or which is looking for old assets that it opens dynamically at runtime that are simply no longer present on your disk.
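The failure mode described in the comments above (an old process meeting new on-disk assets after an in-place update) and the versioned-files layout suggested as a fix, as an added example that is not part of any commenter's post. File names, version strings and the directory layout are constructed for illustration, and an open file handle stands in for the running executable.

```python
import os
import tempfile


def _write(path, text):
    with open(path, "w") as f:
        f.write(text)


def _install(directory, version):
    """Constructed 'application': a binary plus one asset loaded lazily by path."""
    os.makedirs(directory, exist_ok=True)
    for name in ("binary", "assets.js"):
        # Write under a temporary name, then rename over the target.
        # rename(2) swaps the directory entry; an inode that is already
        # open stays readable until its last descriptor is closed.
        tmp = os.path.join(directory, name + ".new")
        _write(tmp, version)
        os.replace(tmp, os.path.join(directory, name))


def in_place_update():
    """Package-manager style: files are replaced under the same paths."""
    with tempfile.TemporaryDirectory() as root:
        app = os.path.join(root, "app")
        _install(app, "v1")

        # "Running process": holds its binary open from before the update.
        running = open(os.path.join(app, "binary"))

        _install(app, "v2")  # update lands while the process is running

        code = running.read()  # old inode: still v1
        # An asset opened by path only now resolves to the new file.
        with open(os.path.join(app, "assets.js")) as f:
            asset = f.read()
        running.close()
        return code, asset


def versioned_update():
    """Side-by-side versions; 'current' is a symlink switched atomically."""
    with tempfile.TemporaryDirectory() as root:
        versions = os.path.join(root, "versions")
        current = os.path.join(root, "current")
        _install(os.path.join(versions, "1"), "v1")
        os.symlink(os.path.join(versions, "1"), current)

        # The process resolves its install directory once, at startup.
        install_dir = os.path.realpath(current)
        running = open(os.path.join(install_dir, "binary"))

        # Updater: install v2 next to v1, then swap the symlink in one step.
        _install(os.path.join(versions, "2"), "v2")
        tmp_link = current + ".tmp"
        os.symlink(os.path.join(versions, "2"), tmp_link)
        os.replace(tmp_link, current)  # renames the link itself, not its target

        code = running.read()
        # Lazy asset load goes through the pinned directory: still v1.
        with open(os.path.join(install_dir, "assets.js")) as f:
            asset = f.read()
        running.close()

        # A fresh launch follows the symlink and gets the new version.
        with open(os.path.join(current, "binary")) as f:
            new_launch = f.read()
        # versions/1 can be removed only once no process still uses it.
        return code, asset, new_launch


if __name__ == "__main__":
    print("in-place :", in_place_update())    # code and asset versions differ
    print("versioned:", versioned_update())   # old process consistent, new launch updated
```
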
> On Windows, Firefox can't be updated while it's running because the files that comprise it are locked by the running application.
I don't know how the "behind the scenes" work but you can run an update while Firefox is running. We do it all the time. We push security updates to our clients via an agent. It runs the official installer in silent mode.
It is like OP described: You can't open new tabs (ok you can but they will not work) until you restart the browser, but the existing tabs keep working.
IME Firefox does this when the OS updates packages that Firefox depends on and/or changes FF version. I can't speak to Ubuntu specifically but I've seen the same behavior on Arch and Fedora and it's always around OS updates that I've triggered manually.
Ubuntu (at least pre-snap) has Firefox in unattended-upgrades so apt can update Firefox in the background even if the user never runs updates themselves.
Shortly after the push to manage everything through snap, I set up ubuntu server and installed docker, to support a client facing demo involving a few containers. A few hours before the demo snap updated docker to a version that was totally broken and there was much embarrassment. That day I gave up on Ubuntu completely and never looked back.
On a friend's machine, Ubuntu had somehow managed to install both the APT docker and the Snap docker. This caused the entire disk to fill with log messages from the snap docker trying and failing to start, since another docker was already running.
Removing snapd is the first thing I do on any Ubuntu machine now, whether mine or my friends'. This now requires adding a PPA for Firefox since 22.04 but otherwise I have never had to deal with snap again.
I struggled mightily with Firefox's tendency (on Ubuntu) to suddenly and (at least until recently without any notice) tell me "Firefox must restart right now, and will make a feeble/futile attempt to restore your pages". Terrible, terrible UX.
Finally, I just uninstalled the snap version and downloaded/installed the .deb manually. So far so good -- I guess some day I might get hit with a security problem or some must-have feature, but at least I don't randomly have to restart Firefox every few weeks without prior notification.
I think you can point a direct line to that behavior and me installing PopOS. A web browser is my most used application and Ubuntu thinks they have the right to effectively crash it unexpectedly.
Firefox has a built-in upgrade mechanism that doesn't rely on a package manager. I don't know if the .deb has it active, but it's worth checking, so if it is active you wouldn't have to worry about it.
Thanks, but personally I don't want a workaround. I want a distribution that does the right thing. I have used Ubuntu for decades and use it everywhere. I hate to have to change, but as always, good things don't last.
Snaps also create extreme litter in filesystem, some programs like Firefox are broken in confusing ways by updates (new tabs are crashing without explanation, part of old tabs crashes), some programs like Telegram were completely broken at some point in highly confusing ways...
Also, as mentioned by others - Snap is a proprietary, walled-garden system owned by Canonical.
What made me drop snaps is it wouldn’t let me access files outside of $HOME no matter what I tried, and the snap decided I was running Gnome instead of KDE no matter what I tried, going back to the .deb worked perfectly.
It's also alarming that GNOME extensions are updated in the background without user interaction, and the feature cannot be disabled. These extensions are not sandboxed, can run arbitrary commands, and have access to the entire system. Extensions are practically a backdoor for the entire GNOME user base that can be accessed by compromising the update server.
I used Ubuntu since 11.04. I abandoned it for Fedora.
Everything about Ubuntu now is seemingly defined by a spirit of defiance from Fedora. They borrow PipeWire and SystemD, but uglify GNOME, replace Flatpak with Snap, and use *.deb instead of *.rpm. Otherwise it feels mostly the same.
I looked at the Fedora ecosystem and... it's basically just like Ubuntu's point versions, and instead of an LTS every 2 years, you get one every 5 years and it's called Rocky Linux / AlmaLinux. Why pick Ubuntu instead of (basically) upstream? I'll pick the same thing with prettier GNOME and Flatpak instead of the weird mystery lump Ubuntu is now.
>> Why pick Ubuntu instead of (basically) upstream?
"Upstream" for Ubuntu is more like Debian, which is the basis for MANY distros (much like Red Hat - founded around the same time as Debian - and the .rpm ecosystem is a significant core component of many systems including current versions of SuSE, etc.). Ubuntu has traditionally been a slightly more newbie-friendly / commercial-friendly version of Debian. I don't think many of the changes you're describing were really trying to defy Fedora, especially not the choice to use .deb over .rpm.
That said, I did use Fedora for a while when Ubuntu started messing with Gnome a lot and I found it very refreshing, easy and reliable. It's a great distro, but the relationship between the two is absolutely not "upstream" and "downstream".
What they mean is not 'upstream' with respect to distro tooling, but Fedora's closer relationship to the upstream components of the desktop stack (GNOME, PipeWire, SystemD, etc.), which are often entirely or in part maintained by Fedora contributors or Red Hat employees, etc.
The 'defiance' they're talking about are the projects that Canonical has developed, often in secret, which are or were essentially alternatives/competitors to the components of the Linux free desktop stack which have been developed in the open, often at Red Hat and developed on Fedora.
The cases that come to mind are:
- Unity vs. GNOME 3
- Upstart vs. Systemd
- Mir vs. Wayland
- Snap vs. Flatpak
The Canonical entries all appear as sort of NIH latecomers, whereas their competitors have generally been developed in an upstream-first, 'release early' kind of way. In each case, the tech opposite Canonical's has been shipped on Fedora, before eventually becoming the default in Ubuntu anyway. (Snap has yet to go.)
Upstart is older than systemd. The famous blog post which originally announced systemd (https://0pointer.de/blog/projects/systemd.html) explicitly mentioned upstart as an already existing alternative, and dedicates several paragraphs to describing the differences between both.
That's a useful thing to remember! Thanks for pointing it out.
Anyway that's the broad picture of the supposed rivalry which might motivate the perceived 'defiance' of Canonical, and the sense that parts of Ubuntu's stack are 'downstream' from Red Hat or Fedora.
Idk if the characterization really makes sense, but that's what the earlier commenter was talking about, not a proper upstream in terms of distro tooling or repositories.
Unity may have gotten out the door first, but GNOME3 was announced in 2008. Unity was revealed out of the blue in 2010.
Flatpak was born as xdg-app, conceived in 2013 with substantive work beginning in 2014.
In both cases, Canonical was doing their own thing, collaborating with no one, while ignoring projects which do all their development in the open and had been upstream of their desktop stack for years.
Did Canonical 'beat' the community projects within (supposedly) their own community 'to market'? Sure. Does it still reveal relatively little interest in collaborating with the wider free software and Linux desktop community compared to 'upstream-first' organizations? Yes! Does throwing code over the wall after community efforts have been underway in public for years still make you look like a latecomer? Hell yes!
Maybe there are good reasons for that— maybe GNOME is hard to work with, maybe it's somehow better to present years worth of code to the world out of the blue instead of writing proposals. But it still fits the same picture of Canonical's uneasy relationship to formerly-and later, again-upstream projects like GNOME.
lol I'm not saying it's language I would use myself, or that it's fair to characterize projects like GNOME or Flatpak as 'belonging' to Fedora.
Personally, I liked Unity. Mir has turned out to have enduring value outside of the desktop space and also implements Wayland. I don't fully buy into the view I described.
I just think there was an intelligible argument behind that other commenter's strange language, and tried to point it out.
(Another possible reading is that Fedora is 'closer to upstream' because they don't do as much downstream theming of the desktop. I'm not sure if that was also part of what they were getting at.)
IMO dnf is ridiculous newfangled garbage too. Why do people keep reinventing the wheel when it comes to package managers? Apt for .deb and yum for .rpm work fine, manage dependencies, and Just. Plain. Work. without f'ing up the system with autoupdates and bloatware. Seriously, an open source project is not for junior programmers to push their resume driven development on the rest of the community.
dnf is way better than either apt or yum. (Somewhere in my HN comment history I've written at some length about this.)
Major points:
- dnf has a more complete dependency resolver than apt uses by default
- the notion of vendor change is extremely useful when managing multiple repositories on a system
- modern subcommand interfaces are great, and dnf's is stable and mature whereas apt's is still experimental
- dnf handles repo management itself. apt doesn't
For those who are getting their Firefox messed up, the binary from the Mozilla site works just fine and is far more respectful.
I'm using Mate 22.04 LTS. A few settings have to be done to disable updates behind your back, but at least these settings persist, unlike when I was using Snap or whatever it was I managed to install via apt (I think it still eventually reverted to Snap). There was also the issue that the Snap version disables some extensions (sure they are potentially dangerous, but that risk is for me to take).
Now, I just manually update Firefox at convenient times via the Help -> About menu.
That's also the solution I use. Especially because I have multi-rows set up in Firefox and each update breaks this.
Plus, when installing the binaries manually, you can also apply some "hidden" settings by creating a distribution/policies.json file inside the firefox installation folder. This is what mine contains:
It's kinda sad how many settings you have to configure not only here in order to not be nagged constantly. It's like you are fighting against your tools.
That's why I hate Snap. In Linux, unlike Windows or Mac, I should not have to fight my tools in order to configure a system the way I want it. Yet Ubuntu makes me do it every goddamn time for anything on the desktop, between snap and their nasty "Unity" desktop.
> Snaps update automatically, and by default, the snapd daemon checks for updates 4 times a day. Each update check is called a refresh.
i don't know when that line made it into the docs. i could be wrong but i actually thought that being evergreen was one of the selling points of snaps, and was advertised early on.
an edit: sorry upvoters - i went ahead and read the article now. i actually believe now that the article author has a point. to summarize: while it will display a notification to the user about two weeks ahead of time, announcing that an update is scheduled and that the user should close the app to avoid disruptions (the author has some valid complaints about this notification, i think), at the end of the period, the app will be killed - potentially causing unsaved data to be lost - and updated. i believe in many cases this behavior is undesirable. it probably should be discussed and a better alternative proposed.
i do take issue with the author's vehemence against (and manner of expressing such for) the notification, but i suspect i would be quite angry too if i were either an application maintainer fielding complaints about something that i didn't break, or a user who was angry to have lost some data.
oh i completely agree. i dont take issue with the content but the wording. i believe the poster said explicitly the developer was likely quite young. it bugged me. im old now, if anything i probably face the reverse kind of ageism. but i think that comment was ageist
edit: yeah, i looked it up, and i was right. i get the general feeling of a personal attack from the author's text in that paragraph, which irks me. i believe it is quite possible to argue against implementation or functionality without resorting to that sort of thing. its especially funny because the person clearly has no real idea of the situation and makes that clear. no need for that. i do agree with the content of the thoughts otherwise.
the repeated notification message from snapd that i need to close the app is really bad IMO...and e.g. closing firefox does not make the message go away(??), it's very confusing
The last time I looked at Ubuntu as a daily driver, a few years back, I remember reading the threads about snap and its forced updates. The sheer arrogance of the snap team in their hardline refusal to acknowledge that this would be useful to users was staggering, and for me, ample reason to write Ubuntu off.
Glad that they finally came around. I'm sure many people are happy with this.
Maybe they were trying to take a page from Microsoft's business model; take control away from users only to sell it back as an "enterprise edition" brand store.
Yeah I mention this towards the end of my rant (in the article) but it's a) not available yet and b) not clear whether it'll actually notify you when there are updates to be made. I'm guessing it expects you to unhold at some point to get "refreshes".
I'm fine with that. Nothing drives me more mad than to be in the middle of an interview taking notes and then suddenly land in an endless loop of being forced to restart my browser. It's not like some of us don't have work to do while we're in the browser and the utter disrespect by the designers of this crap to the detriment of their users is baffling. This is one thing where commercial software has something of an edge over FOSS: you can't even threaten to withhold your $ if they misbehave. Power to the user.
I use Xubuntu and snap just gets in my way. With Apt everything is transparent and 'just werks' or at least indicates what to fix. Snap has been the opposite in my experience and especially seems to make program interop more difficult.
It seems like Canonical said "Apple and Microsoft have (painful) app stores that cater to the non-technical, we need one too!"
Snaps, Flatpaks etc are tools needed to push commercial CRAP in FLOSS systems. Period.
The present "sorry state of packaging", largely due to the sorry state of storage (filesystems) stuck in the '80s in the bad sense of being simply largely obsolete for today's needs can be partially surpassed by NixOS/Guix model, which is a FLOSS packaging model.
Snaps and co on the contrary are needed to push distro to irrelevance and allow closed source crapware, mostly filled up with outdated dependencies and horrendous hacks to speed up delivery times by some underpaid and under-competent developer, still fail to prove ANY other realistic purpose.
Really: try to honestly weigh their ideas and tell different conclusions if you can find something else.
At first they say "we do compartmentalize anything for safety", then "ah, yes, we can't really isolate stuff because if you want just to open a damn pdf downloaded from a modern WebVM improperly named browser for legacy reasons you can't, so we start punching holes here and there" and thereafter even the effectiveness of formal isolation was depicted as not really safe.
Then/aside another justification came up: pushing fresh software to distros who do not have manpower for quick enough maintainers. The actual snap store proves the contrary: most snaps are outdated and full of outdated deps, with potentially unpatched security vulnerabilities, of course.
Oh, of course they can't package anything other than apps, since kernel/userland can't be in a snap, so they need anyway a secondary packaging system.
Another reason I hated snap, when I used Ubuntu, was the performance problems. Opening a url from the snap version of Slack took multiple seconds! The solution to this was to nuke it and install the .deb version. Just completely unacceptable and embarrassing.
Why would Snap kill the running application when the update is pushed? Any system for self-updating applications needs to install the new version side by side with the existing one anyway. So what’s the reason for terminating the running instance?
Microsoft’s self updating desktop apps (Teams etc) switch silently on restart.
Unsure about their store apps but I imagine it’s the same thing.
With older windows desktop apps which install to privileged locations like %programfiles% it’s more complex.
But that’s the point: snap is a new system. It should be well designed because of it, and be on par with “modern” install systems. It feels strange if they restart for no reason. And it feels equally strange if they have a design that requires it.
```sh
# Goddammit ubuntu
sudo apt-get purge snapd -y;
sudo apt-get autoremove -y;
echo "Package: snapd" | sudo tee /etc/apt/preferences.d/block-snap
echo "Pin: release *" | sudo tee -a /etc/apt/preferences.d/block-snap
echo "Pin-Priority: -1" | sudo tee -a /etc/apt/preferences.d/block-snap
```
Uninstalls and permanently blocks the underlying `snapd` package so it will not be reinstalled. It might "break" some packages that depend on snapd, but as far as I'm concerned they're already broken by virtue of being snap packages.
Realistically, with ubuntu dropping the old (text-mode) installer for ubuntu server, I'll probably basically stop using it altogether after 20.04. I've tried the Ubiquity (gui) installer several times across several virtualization hosts (Xen, KVM), and somehow I've never had it /actually work/. It always managed to crash or loop at some point.
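A way to verify the pin from the comment above, added here as an example and not part of the original post: the hypothetical helper `snapd_blocked` reads apt preferences files and reports whether a stanza that names snapd carries a negative Pin-Priority, which is what stops apt from installing it. The sample files are constructed; the helper matches the literal package name only and does not evaluate glob patterns.

```shell
#!/bin/sh
# Added example. snapd_blocked is a hypothetical helper, not an apt tool.
#
# snapd_blocked FILE...
# Exit status 0 if some stanza lists snapd on its Package: line and has a
# Pin-Priority below 0 (apt never installs a version with negative priority).
# Exit status 1 otherwise. Assumes a space after the colon in field names.
snapd_blocked() {
    awk '
        # Close the current stanza and record whether it blocks snapd.
        function end_stanza() {
            if (has_pkg && has_prio && prio < 0) blocked = 1
            has_pkg = 0; has_prio = 0
        }
        FNR == 1 { end_stanza() }          # a new file starts a new stanza
        NF == 0  { end_stanza(); next }    # a blank line separates stanzas
        /^#/     { next }                  # skip comment lines
        $1 == "Package:" {
            for (i = 2; i <= NF; i++) if ($i == "snapd") has_pkg = 1
            next
        }
        $1 == "Pin-Priority:" { prio = $2 + 0; has_prio = 1; next }
        END { end_stanza(); exit (blocked ? 0 : 1) }
    ' "$@"
}

# Constructed sample input: the pin from the comment, and a weaker pin that
# lowers the priority of snapd without preventing installation.
snapd_block_demo() {
    dir=$(mktemp -d) || return 1
    printf 'Package: snapd\nPin: release *\nPin-Priority: -1\n' > "$dir/block-snap"
    printf 'Package: snapd\nPin: release *\nPin-Priority: 100\n' > "$dir/weak-pin"
    for f in "$dir/block-snap" "$dir/weak-pin"; do
        if snapd_blocked "$f"; then
            echo "${f##*/}: snapd is blocked"
        else
            echo "${f##*/}: snapd is NOT blocked"
        fi
    done
    rm -rf "$dir"
}

snapd_block_demo
```

On a live system, `apt-cache policy snapd` shows what apt itself resolved from every preferences file, so use it to confirm the result.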
Every time I get those notifications now, I have to remember to close down the application, and go run `snap refresh`. There's literally no other way to make sure the update won't quit my application other than hope it's not running when the update will be applied in 2 weeks.
A better—although arguably still horrible—notification would be to tell you when the application is actually scheduled to be updated so you know when to have it closed. Telling you that you need to have it closed at an indeterminate time 2 weeks from now or else fear "disruption" is clearly not good enough.
Who thought this was an acceptable process for a user to follow and not an utter dealbreaker? Should we still call this snap growing pains?
Updates should always only be applied when the application is starting. If there's a new update, a notification would just tell me to restart the application to have the update applied.
Installed Ubuntu on a friend's laptop last weekend. Today her Firefox wouldn't open because snap was reporting it couldn't update it because it was already running. She restarted computer, same problem. She asked if she can "delete" snap.
snap can be uninstalled. But then she needs Firefox from another source, there is no official .deb package any more. There is also the risk that some update or package installation will pull in snap again. Doable for a technical user who only runs apt from command line and always reads the dependencies before answering yes. Not suitable for non-technical users.
Apparently forcing updates is sort of the core of Snap's philosophy. To the point that they rather added a whole host of config options that lets you specify various "work periods", "postponements" and other temporary exceptions than just give you the ability not to update.
Can I tell it what I consider my "home directory" is because snaps seem to limit me to what some bozo at canonical thinks is my home directory (rather the multiple volumes and symbolic links I've used for a couple of decades now)
Snaps continue to puzzle me. I have shifted away from Ubuntu (partially because of the attitude attached to pushing snaps) and so I pay less attention than I might have done previously - but I've never seen anyone from Canonical offer a compelling argument for what benefits snaps offer. Most of the notional benefits of bundled app tools like snap and flatpak have either been refuted or have balancing downsides, so what is left? Just continuing to do it out of stubbornness is a really sad but seemingly quite likely possibility.
IMO it's just new for the sake of newness. Apt and dpkg work fine, but some folks feel they have to reinvent the wheel, I guess to beef up their resume or be more like MS or Apple. If they want to write MS or Apple style software, they need to just go and work for those companies.
Apparently some people think that Linux should be just as deterministic and user limiting as proprietary software. I don't understand it, personally.
"Close the app to avoid disruptions" is just laughingly stupid. This is a bit harsh to say it this way ... but it is.
Yet another point, which is related to all the valid remarks already made: it is quite painful to have this notification seconds after Firefox has been launched. Why did the update system not notice that Firefox required an update before launching it? Technical points left aside: when an application requires an update (Chrome, IE), it performs it before launching, not after it has launched.
The way Snap updates packages caused some problems with Firefox on recent versions of Ubuntu - I wrote a blog about it: https://www.mikekasberg.com/blog/2022/03/21/how-to-fix-firef... Perhaps this update mechanism was part of the solution to some of those problems...
This is a very narrow perspective coming from someone who gets forced to use snap to install very specific packages, but snap always kind of gives off... I'm not sure how to verbalize this other than "bad vibes", especially compared to its package management competition in aptitude. Is this a common experience or am I crazy?
I think the bad vibes come from the fact that Snap is a proprietary, walled-garden system owned by Canonical. The server is not open source, so no one else can run their own Snap Store.
It's antithetical to pretty much everything about what we think of as a "Linux distro".
I would absolutely never run Ubuntu or install Snap because of this. I'll stick with Debian, thanks.
I think it's not only that. In my opinion it is also about how Canonical handles everything. Every day they look and act more like Microsoft. Empty words to sell you something, to convince you they're better.
You can't really act like Microsoft with people that are using your OS because they ran away from Microsoft and expect them to shut up.
Didn't know it had gotten that bad. I stopped using it when it was clear the desktop was no longer a priority for them. Not blaming them since they're a private company but with so many alternatives there's no need to use a second class Linux "desktop". Fedora is more than great imho.
Worse, they lock down and make their standard UI not able to be customized, and keep "deprecating" standard UI tools and configs in favor of some junior intern's idea of how real users "should" work. This sucks, and is why I won't run Ubuntu on any desktop. If I wanted to be told how to use a desktop by an OS, I'd get a f'ing Windows box or a Mac.
I use Linux because I can configure it to work the way I want. If they take that away, they are just another proprietary pile of shit.
snap is the naggiest thing in my computer. it seems like almost every day it's popping up notifications that snap store needs to do something and that I have like 4 days left and then I click on the notification and nothing happens. I have no idea what to do. why is desktop linux still such a piece of crap
THIS! I run Mint 21 on my main PC with the Liquorix kernel (for game performance and desktop responsiveness under load), and it's everything I want out of a Linux distro. More stable and easy to maintain than Arch or Manjaro, more open than Pop!_OS, and just as intuitive as Ubuntu without any Snaps.
Snap infestation is highest in Ubuntu - so I am planning to switch to some alternative (and due to other Canonical excesses like ads in CLI system tools).
> Snap is a proprietary, walled-garden system owned by Canonical.
How do you figure? It's all open source, you can easily see it on GitHub... I know Ubuntu hosts snaps on their servers, but every distro does that. What's the proprietary part?
The server itself is proprietary and the Snap client is hardcoded to point to Canonical's servers (repos are not configurable).
There have been proof-of-concept server implementations by third parties, and some of those have been open-source. But IIRC none of them are maintained or used anywhere.
It could be worse, but at the end of the day it still just seems like a controlling, proto-monopolistic design compared to something like Flatpak, or to any traditional package management repos on Linux.
> The server itself is proprietary and the Snap client is hardcoded to point to Canonical's servers (repos are not configurable).
So fork it and change the code. This isn't the definition of "proprietary". There's still nothing stopping people from having their own snap store except a lil effort.
A client/server application where the server is proprietary isn't really a free software application as far as I'm concerned, even if the server is easy to clone. ¯\_(ツ)_/¯
I expect better from 'open-source' in my personal computing life, and competitors seem happy to deliver it.
If that makes me fussy, oh well.
Snap was what made me switch back to Debian from Ubuntu. In the process I discovered that every issue and friction that had got me to try Ubuntu initially has been more than adequately solved by Debian now.
IMO Debian is by far the saner distribution these days and there’s no reason at all to use Ubuntu for most people.
Debian is good if you don't want up to date browsers, the only shock i had when i tried Debian after this snap fiasco, ironically that's among things snap is trying to solve (quick updates)
>Debian is good if you don't want up to date browsers, the only shock i had when i tried Debian after this snap fiasco, ironically that's among things snap is trying to solve (quick updates)
You mean Debian stable. But you have a choice, you can select testing or unstable, which gives you newer software.
Debian Testing has a problem: It doesn't get security updates directly like stable/backports or unstable, it waits for a package to be promoted from unstable which can make it sometimes less up to date than stable... e.g. you can be stuck on an old firefox-esr with known vulnerabilities for a good while, especially if firefox-esr itself had a major version update which it does every year.
Also why would i use "Testing" or "Unstable" for my daily drive OS? Can't they make an exception to update Firefox+Chromium on Stable? It's a really strange thing about Debian
Debian stable users who did want latest Firefox could download the binaries from Mozilla. Just unpack and run from e.g. home directory or perhaps copy to /opt/
Running an out-of-date browser is a security concern, is it not? Does Debian have a policy where they'll just backport the latest non-ESR from Unstable whenever a new 0-day is discovered? If they do and they're quick about it, I guess it's more a matter of personal preference.
Anyway, using Guix, Nix, or Flatpak is definitely a better idea than installing standalone debs for a different version of Debian than you're running, where it may be built against libraries that aren't part of your distro.
If you want to use the Debian package from Sid on Testing, better to rebuild it from source. openSUSE's public instance of the Open Build Service is a convenient way to manage keeping a repo for that up to date. But that definitely complicates system maintenance, too!
what? can you be more specific? I'm using debian as my daily desktop and firefox and I've never ever had issues with anything, especially the web browser. I'm also staying away from fancy new things like snap. I've always managed to get everything I wanted either using apt or dpkg.
Can you please give an example of an application you needed available only as a snap?
What version of Firefox do you have installed? The up to date version is 107, released almost half a month ago. If you're on 106 or earlier, you're not running an up to date browser.
Which might be fine! If that's the kind of system that works for you.
Nah. None of the three big similar solutions to this (AppImage, Flatpak) feel quite like they're the right way to do this, but Snap manages to feel distinctly more-wrong than the others, without any accompanying unique benefits to offset that.
I despise snap. There's a reason why we use apt / yum / pacman or whatever, and that's because traditional package management works.
When I install something through snap or flatpak, invariably it starts slower, has worse performance, is much more bloated and is generally a much more janky experience than just getting it from the apt repo. Snaps are the number one reason why I use popOS or mint over ubuntu.
There are two main packaging systems for Linux that are well known and usable. You can also use standard config management software to roll out configs for each package. Snap is a solution in search for a problem by people who are too lazy to use standard packaging that has been in existence for decades.
Listen up kids: "New" is seldom "better" when it comes to system tools. Put your creativity to applications, not trying to reinvent the wheel with "new" packaging systems.
Snap is a bloated mess, and we wish it was not on any system we administer.
I agree. I understand why they are doing it, but I don't feel good using it. It has me wanting to switch to Fedora for no other reason beyond it makes me feel like my computer isn't my computer anymore.
I don't like Ubuntu anymore, but not because of "how it operates."
More because of "how it operates, without being forthcoming about what its new purpose is, which is not 'everybody's Linux.'"
You're trying to be a tool to support big corporate IT. That is absolutely fine, good even. Getting more Linux in that space, under Ubuntu's name, seems pretty cool.
But you're no longer "the people's choice" when you behave that way. They're putting in big grown up restrictions and ideas and methods of doing things, and they just need to be honest about that.
One thing I find funny is the problem of data loss. On macOS, it's been the norm for years that applications retain their state when quit and re-opened, including unsaved documents.
While weird when introduced, in hindsight this is exactly the right behavior, because it is the most user-friendly and it makes e.g. software updates a non-issue. Even apps like iTerm can be updated and restarted in-place, retaining all the sessions.
It's a testament to how bad Linux UX still is that this sort of idea is not only utterly alien, but instead some developers thought it was acceptable to kill running apps outright.
> Even apps like iTerm can be updated and restarted in-place, retaining all the sessions.
iTerm doesn't retain sessions at all. It just presents a facade resembling preserved sessions. Close iTerm2 while you have a tmux session open, or some SSH connections, or any long-running command. Those sessions and their processes die when you close iTerm.
Maybe iTerm can approximate some of those things if iTerm is actually running the whole show, i.e., iTerm mediates launching your tmux sessions and your SSH connections. But imo those features are underwhelming and oversold.
And browsers, too, are only semi-reliable at restoring any sort of more complex page with significant dynamic contents, because that requires the cooperation of the website itself and in practice relying on that is a crapshoot.
The article mentions Snap, AppImage and FlatPak, but there is also a much older system called 0install (zero install) that was started in 2003 or so [1].
Why does it even need to stop the application before updating, that seems like a deficiency in snapd. Shouldn't it keep the application running from the old image, and install the new image side by side with it, so it launches from the new image when you restart the application. I think that works for flatpak.
Personally I don't have an issue with the auto-updates and like them quite a lot. It automates something away that I do by routine anyway. If the default switched to making holding updates back explicit that would be a big improvement in my book. In particular from a security perspective.
But everybody's not you. Sometimes we're on expensive, metered bandwidth. Sometimes we're in an online business meeting. Sometimes we're giving/about to give a presentation. Sometimes we're under deadline pressure and can't afford the additional time and stress of a potentially-breaking upgrade. We have lots of times when we'd really rather postpone an upgrade, for perfectly legitimate reasons. We get the security issue, we'll upgrade when the timing is better. Just don't take that decision out of our hands.
Totally automated upgrades are an evil (unless there's an explicit opt-in) and must die.
The restart notification system is so lame that I get notifications that the snap daemon needs to update itself and I should close the snap daemon. Which is not something I opened. What am I supposed to do, kill the process?
The UX can definitely be improved but the vitriol against this snap feature is puzzling, since the core of it (what in snap jargon is called “refresh awareness”) was implemented specifically because the alternative (silently updating the app from under the user which resulted in strange bugs, crashes and other problems) was pretty undesirable. In essence refresh awareness was added at users’ behest :)
As mentioned in the article, the instructions are just plain misleading/wrong. Shutting down the app does not cause a refresh. Shut down and restart and you'll get another pop-up in 6 hours.
I don't really have a problem with this in general, if a few rules are followed (that Canonical/Snap have apparently not even remotely bothered to address):
0. First off, the user should have to opt in to automatic updates. This should never be forced.
1. The update should never cause unsaved work to be lost. This means that the auto-updater should never kill the application unless it knows that it can start back up in exactly the same state before it was killed. Some apps will do this normally (some requiring configuration first), like Firefox, but others cannot. That's actually something I think apps should be required to have: there should be a standardized "snapshot-kill-restart" interface (perhaps some DBus thing) that allows for this. The old X11 session management system was designed for this, but in practice implementations are always buggy to some extent.
2. The app should be restarted after being updated, especially if it's happening in the background outside of user control.
3. The app should never be killed while the user is present and doing something. It should only happen while the machine is idle. If there's never an opportunity for that (say, the user always puts the computer to sleep rather than leaving it idle), then the update mechanism must resort to popups that ask for consent to do the update right then. The consent should only last for that single instance.
4. Updates can't ever break things. Auto updates should be reserved for security and critical (like data-loss) bugfixes only. All other updates should be voluntary. (I'd reluctantly make an exception for the case where there are security issues that need to be fixed, but it's not possible to backport those fixes, so a "security update" becomes a straight version update. Nothing is perfect.) A big part of why users don't like automatic updates is because they break things or remove features too often. Stop doing that, and users will start to trust the auto-update mechanism again. (And point #0 will stop being an issue: users will be happy to enable auto-updates. And maybe at some point I'd even drop #0 and think it's ok for vendors to enable auto-updates by default.)
Regarding killing apps that need to be updated, most do not need to be killed at all, and can be safely updated underneath the running instance. Yes, there would need to be some mechanism to ensure the OS has paged all of the executable into memory (don't want "Text file busy" errors when trying to overwrite binaries), but this doesn't feel like a huge deal. Some apps do need to be restarted, as they dynamically load and unload UI resources from disk as the user uses the app, and those files changing underneath a running instance would cause problems.
If this was an unpaid, volunteer project, I could certainly understand that the auto-update process would be unpolished and not the best. But Snap is owned by Canonical, and if they're serious about this, they need to get their shit together and actually focus on UX... ironic, since that was originally the entire point of the company in the first place: make a Linux distro with a polished UX that non-techie people would feel comfortable using.
Your set of rules, while reasonable, bears no apparent similarity to how Ubuntu is implemented. In particular it's moderately involved to disable the automated updates and seems to change each time I go through it.
Do they, though? I use Firefox, but my understanding is that Chrome just puts a button in the corner of the window that you can click to restart and install the updates, but it doesn't ever force you to do it, and you could conceivably continue running that way for as long as you want (well, until you end up rebooting the computer for whatever reason). I could be wrong, though.
I use both browsers on Ubuntu and Chrome never caused me any unpleasant update interruptions. The Firefox binary from mozilla.org is far less invasive, btw.
They could do it basically seamlessly, with maybe a notification only if you keep the app running for days. Hell, that's how a package manager does updates, just remove old libraries and put a new one in place, old programs will use the old one till restart, and when the last file descriptor closes it will be unlinked from the filesystem. It sometimes can cause problems in "normal" apps but the fact that snap is just a single file removes pretty much all drawbacks of that.
It's not just bad decisions but incompetence on top of that
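The file-replacement behaviour described in the comment above, shown as an added example (not from the thread, and not snap's or any package manager's own code): a reader holds a file open while an "updater" replaces it by rename, by unlink-and-recreate, or by overwriting in place. The function name `reader_view`, the file names and the file contents are constructed for the demonstration; the in-place case is included to show the failure mode where a running reader sees the new bytes.

```shell
#!/bin/sh
# Added example. reader_view and app.bin are hypothetical names.
#
# reader_view STRATEGY
# Prints "<what the already-open descriptor reads>|<what the path now holds>".
#   rename     write the new version beside the old one, then mv it over the path
#   unlink     remove the old path, then create the new file under the same name
#   overwrite  truncate and rewrite the existing file in place (same inode)
reader_view() {
    strategy=$1
    dir=$(mktemp -d) || return 1
    printf 'version 1\n' > "$dir/app.bin"

    # The "running program": opens the file before the update and keeps it open.
    exec 9< "$dir/app.bin"

    case $strategy in
        rename)
            printf 'version 2\n' > "$dir/app.bin.new"
            mv "$dir/app.bin.new" "$dir/app.bin"   # path now names a new inode
            ;;
        unlink)
            rm "$dir/app.bin"                      # old inode lives on via fd 9
            printf 'version 2\n' > "$dir/app.bin"
            ;;
        overwrite)
            printf 'version 2\n' > "$dir/app.bin"  # same inode, contents replaced
            ;;
        *)
            exec 9<&-
            rm -rf "$dir"
            return 2
            ;;
    esac

    seen=$(cat <&9)                 # what the old descriptor delivers now
    exec 9<&-                       # last reference closed: old inode is freed
    current=$(cat "$dir/app.bin")   # what a fresh open of the path delivers
    rm -rf "$dir"
    printf '%s|%s\n' "$seen" "$current"
}

for s in rename unlink overwrite; do
    printf '%-10s %s\n' "$s" "$(reader_view "$s")"
done
```

With rename or unlink the open descriptor keeps delivering the old contents until it is closed; with an in-place overwrite the reader and the path share one inode, so the reader picks up the new bytes mid-run.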
I think you're thinking of Flatpaks, which are basically hardlink/reflink farms with symlinks used to control the pointers to the current version (OSTree).
I keep that laptop around the living room, always suspended if not used, all apps always running.
If the notification gave me a “update now!” button I would click it
I started to download Firefox from Mozilla. But just because I have not decided yet what distro to use for family computers. Archlinux is fine for me, but not suitable for everyone.
I was using ubuntu a lot years ago but have now settled on Debian. No annoying crap like this happens there, apt is all i need!
Make sure to pin it and/or neutralize snap so it takes precedence.
I guess it's unlucky that they call the package firefox. Calling it something unique would make pinning unnecessary and popcon results correct.
It depends on what is meant by "family computer" but don't underestimate the usefulness of a cheap chromebook as well. My wife uses hers exclusively, since using the internet is pretty much the only thing she actually uses a computer for.
In what way? For any desktop usage Ubuntu is suitable for, Pop_OS can do it.
Myself I used to buy these little Atoms with eMMC running Windows S. E.g. HP used to have good hardware in that class. Now Windows S has been discontinued and I don't see much choice in the class anymore. Maybe Acer sometimes, but I have zero experience with them.
For Chromebooks there is GalliumOS, but it looks very silent. Not sure whether it is still alive. Last supported model is from 2019.
https://blog.linuxmint.com/?p=4244
I ran “sudo apt install firefox” and it installed a freaking snap!
Today I learned that Ubuntu just decides to install snaps instead of the apt package.
What the hell.
> The Snap Store, also known as the Ubuntu Store, is a commercial centralized software store operated by Canonical.
and
> This is a store we can’t audit, which contains software nobody can patch. If we can’t fix or modify software, open-source or not, it provides the same limitations as proprietary software.
https://linuxmint-user-guide.readthedocs.io/en/latest/snap.h... https://linuxmint.com/
Hats off to the fine people behind Linux Mint.
I guess I could say the same for GNOME, but that's what my users are familiar with. The Ubuntu and GNOME setup works well - for now.
RHEL is probably also used more in the industry than Mint, that doesn't mean you should prefer it as desktop OS. Debian is solid, no question, but its derivatives became successful for a reason.
The RHEL desktop is quite a bit better with RHEL 9 than it was in its predecessors.
They go so smoothly that I always think I must have forgotten something. The only things I've learned to watch out for are networking changes, like the semi-recent interface name changes, network shares (samba protocol changes), and updates on stuff relating to encryption standards (ssh/ssl.)
But in those cases I think problems are plainly that the upstream doesn't really want to support distro packaging, we had some mess because the just one version decided... to start changing the name of packages and services for no good reason.
Most of the "bad script complained on uninstall" I got from 3rd party packages, which is funny as we have people in this thread complaining it's "too hard" to get the package in the distro and the exact reason for that is to have as few problems like that as possible.
https://linuxmint.com/rel_elsie.php
https://www.omgubuntu.co.uk/2022/04/how-to-install-firefox-d...
I don't know why they did that, and I am a bit worried I will have to abandon Ubuntu if they move more packages to snaps in the next release. But for now all you need to do is the workaround above for Firefox.
I now remember getting confused about which one to install, mentally making a note about Docker having been snap'ified, and counting one more strike (perhaps the final one) towards eradicating snap from my system.
[1] https://snapcraft.io/docker
What made you switch from macOS?
Also, the system update approach of macOS seems quite hostile to slow and/or metered connections.
- Apt installs traditional deb packages
- The software center GUI has a dropdown to pick between Flatpak & Deb, defaulting to Flatpak.
I think this is a decent setup. Apt not doing what I'm used to infuriates me, but it feels vibely fitting for a gui to default to Flatpaks.
Then install flatpak. It has chromium and Firefox.
E.g. https://www.debugpoint.com/remove-snap-ubuntu/?amp=1
Second, while the idea of sandboxing sounds nice, when it's done to arbitrary packages that might not even be written with sandboxing in mind, all sorts of bugginess can result, in addition to a bunch of friction. E.g on Pop OS the 7zip GUI for linux is a flatpak, and 7zip might leave half made archives around if it crashes during archiving. But now you have to go find some place 8 folders deep into the root filesystem to find and delete it. All sorts of other annoying interactions with filesystems can occur with flatpak'd programs.
It just muddies the waters and makes things more complicated. It makes much more sense to just have a reasonable, flexible method of sandboxing, independent of packages, that I can apply to whatever software I want to as needed, like jails on FreeBSD.
In short, bundling sandboxing with the package manager breaks with the UNIX philosophy: it does two unrelated things, neither of them well.
That's something the package maintainer should consider.
>bundling sandboxing with the package manager
Flatpak utilizes bubblewrap for sandboxing that can be used independently. Flatpak merely provides ("packages" someone can say) the instructions for it.
On Ubuntu we shouldn't have to be forced to accept snap packaging for the browser, but we are. Canonical make a number of shit decisions, chasing some corporate dollars, and using flatpak is something you can do without rebuilding everything yourself.
I think the concept is just fundamentally flawed. I'm planning on moving back to Arch or maybe try Guix just to get away from all this Linux trying to be Windows nonsense. I don't like Windows and I think we can do better without imitating it so much, and so poorly.
It's weird, I used to think Linux would only ever get better to use, but the more mainstream distros kind of peaked around 2010 in terms of ergonomics for technically minded users. And the experience seems to have become increasingly opaque and frustrating since then, all to chase some desktop adoption that never really materialised anyway, and what do we have to show for it? Greybeards like me are unhappy, nontechnical people still find the OS chafy and impenetrable.
The most popular repo 'flathub' is filled with flatpak apps that are built from manifests where they are just downloading random debs and extracting them to get the binary instead of actually building anything from source.
It's a mullet package manager.. business in the front, party in the back.
Like... wtf ? They'd had to patch apt to even do that...
see https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-t...
Now they've stepped onto this slippery slope, I don't intend to be on the ride with them on the way down.
You install a package called firefox that on install installs the snap and on uninstall removes it.
Recently I was asked to teach a workshop to help students use Kenya's KENET vlab, a VM platform from Kenya's education network, to run our program.
Their system has some prebuilt images for us to use, including Ubuntu. Probably because of a lack of funds, their VMs are low-performance QEMU-based machines.
I fired up an Ubuntu VM and found:
1. `snapd` running constantly in the background and eating up a lot of memory. So the first thing I had to do was stop snapd.
2. `unattended-upgrades` keeps running. I guess their internet is not good, so it seems to run for a long time and keeps eating bandwidth and CPU.
Things like these keep making me lose faith in Ubuntu.
I remember the name Ubuntu borrowed its root from an African language, but it seems their system is not so friendly to users (including students and educators) from African countries.
You have no control and can't get a stable system.
And since things change automatically you have no clue what made stuff broken.
I can envision the condescending and smug guy at Canonical forcing auto updates (remote code execution) by default as some "security" measure.
The system should be reasonably knowable and controllable by the user, especially a technical one like myself. If I want a byzantine labyrinth of processes phoning home and eating up all my system resources I'll use macOS or Windows.
So a really common experience is turn on a machine, apt install foo, blocked by the updates, anger. Helps a little that apt now tells me what is holding the lock, but it's always unattended upgrades. Which somehow has come back to life after attempts to disable it.
A couple weeks ago I was working away in the terminal when all of a sudden, my USB camera turned on and its light started flashing at me indicating something had just started interacting with my webcam. I immediately assumed "Oh, that's probably just some hackers watching me through my web-cam.", so I looked through /var/log a bit and noticed that it had just re-detected all USB devices and two new users had just been added to my system:
Does anyone know what these new users are for, and why they were added just now instead of at install time? I googled a bit, but couldn't find any recent news about it.
The client is foss. The store is proprietary. The store isn't required to install or/and distribute snaps.
On the other hand this username is mentioned in a snap dev forum: https://forum.snapcraft.io/t/system-usernames/13386 - but there it says it should be using the 524288-589823 uid range...
What is this related to?
My reading is that if your package manager updates FF on disk while it's running, it can no longer guarantee that new tabs can be created safely, since creating a tab requires spawning a child process and the parent was created with an executable that no longer exists/knows anything about the executable it needs to use when spawning.
It is super annoying and I feel like there are some obvious fixes. I'm also not 100% sure why it only happens on Linux (it updates fine on Windows and MacOS while running right?)
(At least, as far as I can tell)
If you install, say, FDE directly on linux, you'll get the same behaviour.
But if you use the distro's package manager then I don't think there's a viable workflow for it, as the package manager doesn't have hooks into process management.
The package manager would probably have to be subsumed by systemd for that to even be feasible.
Package is multiple files app needs replaced, so you have old app getting the files replaced under it during upgrade, that's why restart is needed.
In case of snap there is layer between, the "snap" is just a blob that is mounted by a daemon that then runs app off it.
If you just move/delete old snap the daemon should just be accessing old one till the app stops
Or at least, you get an error if you try and modify an executable that is currently being used by a process on Windows.
But I suppose linux is generally geared towards servers, where that isn't an issue.
But if you install it through apt or some such package manager, the PM is doing the updates, and it doesn't take into account that Firefox is running.
[1] http://archive.mozilla.org/pub/firefox/releases/latest/READM... has instructions for getting a release tar.
The solution is to version the files and keep the old versions until the processes are closed. As Windows enforces because it doesn’t allow you to delete files that are in use.
On Linux, you can delete or replace open files, and even running applications. Instead of updates being handled by dozens of individual updaters that coordinate closely with each app so that updates happen between restarts, updates happen in the background without really coordinating with running apps.
Sometimes, after Firefox has been updated, there's some kind of incompatibility between the old running binary and the new assets (internal JS, CSS, and idk what else). In that case, Firefox can't open new tabs because you're still running the old binary, which doesn't work with the new assets which have been installed, or which is looking for old assets that it opens dynamically at runtime that are simply no longer present on your disk.
I don't know how the "behind the scenes" work but you can run an update while Firefox is running. We do it all the time. We push security updates to our clients via an agent. It runs the official installer in silent mode. It is like OP described: You can't open new tabs (ok you can but they will not work) until you restart the browser, but the existing tabs keep working.
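The behaviour discussed in the comments above (Linux lets an updater replace files that a running process still has open, so the process keeps executing the old code until it is restarted) can be checked for directly. This is an added example, not code from the thread: it parses `/proc/<pid>/maps` for executable mappings that the kernel marks `(deleted)`. The function names and the sample maps text are constructed for illustration.

```python
import os
import re

# One line of /proc/<pid>/maps: address range, perms, offset, dev, inode, pathname
MAPS_LINE = re.compile(
    r"^[0-9a-f]+-[0-9a-f]+\s+(?P<perms>\S{4})\s+[0-9a-f]+\s+\S+\s+"
    r"(?P<inode>\d+)\s*(?P<path>.*)$"
)
DELETED_SUFFIX = " (deleted)"
# Anonymous or shared-memory objects are unlinked by design, not by an update.
IGNORED_PREFIXES = ("/memfd:", "/dev/shm/", "/SYSV")

# Constructed sample: a browser whose binary and main library were replaced
# on disk by a package update while the process kept running.
SAMPLE_MAPS = """\
55d0c4a00000-55d0c4a9c000 r-xp 00000000 fd:01 1311234    /usr/lib/firefox/firefox (deleted)
7f2a10000000-7f2a18000000 r-xp 00000000 fd:01 1311240    /usr/lib/firefox/libxul.so (deleted)
7f2a18000000-7f2a18200000 rw-p 07e00000 fd:01 1311240    /usr/lib/firefox/libxul.so (deleted)
7f2a20000000-7f2a201c0000 r-xp 00000000 fd:01 264012     /usr/lib/x86_64-linux-gnu/libc.so.6
7f2a30000000-7f2a30010000 r-xp 00000000 00:01 5021       /memfd:jit-cache (deleted)
7f2a30010000-7f2a30020000 rw-s 00000000 00:1a 77         /dev/shm/org.mozilla.ipc.1234.5 (deleted)
7ffd5a000000-7ffd5a021000 rw-p 00000000 00:00 0          [stack]
"""


def stale_mappings(maps_text):
    """Return sorted paths of executable file mappings whose file was unlinked.

    A path listed here means the process is still running code from a file
    that no longer exists under that name, typically because an update
    replaced it.
    """
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        path = m["path"]
        # Only file-backed, executable mappings matter for "old code in memory".
        if "x" not in m["perms"] or m["inode"] == "0":
            continue
        if not path.endswith(DELETED_SUFFIX):
            continue
        path = path[: -len(DELETED_SUFFIX)]
        if path.startswith(IGNORED_PREFIXES):
            continue
        stale.add(path)
    return sorted(stale)


def scan_proc(proc_root="/proc"):
    """Map pid -> (process name, stale paths) for every readable process."""
    findings = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "maps"), errors="replace") as f:
                paths = stale_mappings(f.read())
            with open(os.path.join(base, "comm"), errors="replace") as f:
                name = f.read().strip()
        except OSError:
            continue  # process exited mid-scan, or belongs to another user
        if paths:
            findings[int(entry)] = (name, paths)
    return findings


if __name__ == "__main__":
    print("sample:", stale_mappings(SAMPLE_MAPS))
    for pid, (name, paths) in sorted(scan_proc().items()):
        print(f"{pid} {name}: restart needed, still mapping {', '.join(paths)}")
```

Run as root to see every process; an unprivileged run only reports the caller's own processes.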
Removing snapd is the first thing I do on any Ubuntu machine now, whether mine or my friends'. This now requires adding a PPA for Firefox since 22.04 but otherwise I have never had to deal with snap again.
Finally, I just uninstalled the snap version and downloaded/installed the .deb manually. So far so good -- I guess some day I might get hit with a security problem or some must-have feature, but at least I don't randomly have to restart Firefox every few weeks without prior notification.
https://launchpad.net/~mozillateam/+archive/ubuntu/ppa
Also, as mentioned by others - Snap is a proprietary, walled-garden system owned by Canonical.
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2514
It is bad but it’s not that bad, they are still running as your unprivileged user.
Everything about Ubuntu now is seemingly defined by a spirit of defiance from Fedora. They borrow PipeWire and SystemD, but uglify GNOME, replace Flatpak with Snap, and use *.deb instead of *.rpm. Otherwise it feels mostly the same.
I looked at the Fedora ecosystem and... it's basically just like Ubuntu's point versions, and instead of an LTS every 2 years, you get one every 5 years and it's called Rocky Linux / AlmaLinux. Why pick Ubuntu instead of (basically) upstream? I'll pick the same thing with prettier GNOME and Flatpak instead of the weird mystery lump Ubuntu is now.
"Upstream" for Ubuntu is more like Debian, which is the basis for MANY distros (much like Red Hat - founded around the same time as Debian - and the .rpm ecosystem is a significant core component of many systems including current versions of SuSE, etc.). Ubuntu has traditionally been a slightly more newbie-friendly / commercial-friendly version of Debian. I don't think many of the changes you're describing were really trying to defy Fedora, especially not the choice to use .deb over .rpm.
That said, I did use Fedora for a while when Ubuntu started messing with Gnome a lot and I found it very refreshing, easy and reliable. It's a great distro, but the relationship between the two is absolutely not "upstream" and "downstream".
The 'defiance' they're talking about are the projects that Canonical has developed, often in secret, which are or were essentially alternatives/competitors to the components of the Linux free desktop stack which have been developed in the open, often at Red Hat and developed on Fedora.
The cases that come to mind are:
The Canonical entries all appear as sort of NIH latecomers, whereas their competitors have generally been developed in an upstream-first, 'release early' kind of way. In each case, the tech opposite Canonical's has been shipped on Fedora, before eventually becoming the default in Ubuntu anyway. (Snap has yet to go.)
Upstart is older than systemd. The famous blog post which originally announced systemd (https://0pointer.de/blog/projects/systemd.html) explicitly mentioned upstart as an already existing alternative, and dedicates several paragraphs to describing the differences between both.
Anyway that's the broad picture of the supposed rivalry which might motivate the perceived 'defiance' of Canonical, and the sense that parts of Ubuntu's stack are 'downstream' from Red Hat or Fedora.
Idk if the characterization really makes sense, but that's what the earlier commenter was talking about, not a proper upstream in terms of distro tooling or repositories.
So are Unity and Snap compared to GNOME3 and Flatpak.
Flatpak was born as xdg-app, conceived in 2013 with substantive work beginning in 2014.
In both cases, Canonical was doing their own thing, collaborating with no one, while ignoring projects which do all their development in the open and had been upstream of their desktop stack for years.
Did Canonical 'beat' the community projects within (supposedly) their own community 'to market'? Sure. Does it still reveal relatively little interest in collaborating with the wider free software and Linux desktop community compared to 'upstream-first' organizations? Yes! Does throwing code over the wall after community efforts have been underway in public for years still make you look like a latecomer? Hell yes!
Maybe there are good reasons for that— maybe GNOME is hard to work with, maybe it's somehow better to present years worth of code to the world out of the blue instead of writing proposals. But it still fits the same picture of Canonical's uneasy relationship to formerly-and later, again-upstream projects like GNOME.
Personally, I liked Unity. Mir has turned out to have enduring value outside of the desktop space and also implements Wayland. I don't fully buy into the view I described.
I just think there was an intelligible argument behind that other commenter's strange language, and tried to point it out.
(Another possible reading is that Fedora is 'closer to upstream' because they don't do as much downstream theming of the desktop. I'm not sure if that was also part of what they were getting at.)
Auto updates must die in hell. I must be the only one on my system who issues `dnf upgrade`.
Major points:
I'm using Mate 22.04 LTS. A few settings have to be set to disable updates behind your back, but at least these settings persist, unlike when I was using Snap or whatever it was I managed to install via apt (I think it still eventually reverted to Snap). There was also the issue that the Snap version disables some extensions (sure they are potentially dangerous, but that risk is for me to take).
Now, I just manually update Firefox at convenient times via the Help -> About menu.
Plus, when installing the binaries manually, you can also apply some "hidden" settings by creating a distribution/policies.json file inside the firefox installation folder. This is what mine contains:
It's kinda sad how many settings you have to configure not only here in order to not be nagged constantly. It's like you are fighting against your tools.
> Snaps update automatically, and by default, the snapd daemon checks for updates 4 times a day. Each update check is called a refresh.
i don't know when that line made it into the docs. i could be wrong but i actually thought that being evergreen was one of the selling points of snaps, and was advertised early on.
an edit: sorry upvoters - i went ahead and read the article now. i actually believe now that the article author has a point. to summarize: while it will display a notification to the user about two weeks ahead of time, announcing that an update is scheduled and that the user should close the app to avoid disruptions (the author has some valid complaints about this notification, i think), at the end of the period, the app will be killed - potentially causing unsaved data to be lost - and updated. i believe in many cases this behavior is undesirable. it probably should be discussed and a better alternative proposed.
i do take issue with the author's vehemence against (and manner of expressing such for) the notification, but i suspect i would be quite angry too if i were either an application maintainer fielding complaints about something that i didn't break, or a user who was angry to have lost some data.
i celebrate sharing this knowledge with you today :)
https://xkcd.com/1053/
edit: yeah, i looked it up, and i was right. i get the general feeling of a personal attack from the author's text in that paragraph, which irks me. i believe it is quite possible to argue against implementation or functionality without resorting to that sort of thing. it's especially funny because the person clearly has no real idea of the situation and makes that clear. no need for that. i do agree with the content of the thoughts otherwise.
[1] https://snapcraft.io/blog/hold-your-horses-i-mean-snaps-new-...
Glad that they finally came around. I'm sure many people are happy with this.
To update to this version use:
to get rid of automatic updates.
It seems like Canonical said "Apple and Microsoft have (painful) app stores that cater to the non-technical, we need one too!"
The present "sorry state of packaging", largely due to the sorry state of storage (filesystems) stuck in the '80s in the bad sense of being simply largely obsolete for today's needs, can be partially surpassed by the NixOS/Guix model, which is a FLOSS packaging model.
Snaps and co, on the contrary, are needed to push distros to irrelevance and allow closed source crapware, mostly filled up with outdated dependencies and horrendous hacks to speed up delivery times by some underpaid and under-competent developer, and still fail to prove ANY other realistic purpose.
Really: try to honestly weigh their ideas and tell different conclusions if you can find something else.
At first they say "we do compartmentalize anything for safety", then "ah, yes, we can't really isolate stuff because if you want just to open a damn pdf downloaded from a modern WebVM improperly named browser for legacy reasons you can't, so we start punching holes here and there" and thereafter even the effectiveness of formal isolation was depicted as not really safe.
Then/aside another justification came up: pushing fresh software to distros who do not have manpower for quick enough maintainers. The actual snap store proves the contrary: most snaps are outdated and full of outdated deps, with potentially unpatched security vulnerabilities, of course.
Oh, of course they can't package anything other than apps, since kernel/userland can't be in a snap, so they need a secondary packaging system anyway.
With older windows desktop apps which install to privileged locations like %programfiles% it’s more complex.
But that’s the point: snap is a new system. It should be well designed because of it, and be on par with “modern” install systems. It feels strange if they restart for no reason. And it feels equally strange if they have a design that requires it.
Realistically, with ubuntu dropping the old (text-mode) installer for ubuntu server, I'll probably basically stop using it altogether after 20.04. I've tried the Ubiquity (gui) installer several times across several virtualization hosts (Xen, KVM), and somehow I've never had it /actually work/. It always managed to crash or loop at some point.
A better—although arguably still horrible—notification would be to tell you when the application is actually scheduled to be updated so you know when to have it closed. Telling you that you need to have it closed at an indeterminate time 2 weeks from now or else fear "disruption" is clearly not good enough.
Who thought this was an acceptable process for a user to follow and not an utter dealbreaker? Should we still call this snap growing pains?
Updates should always only be applied when the application is starting. If there's a new update, a notification would just tell me to restart the application to have the update applied.
I'm a debian person, so not sure. Can she?
Sure, I can kill firefox, run the updater manually, then restart it, every time I see this popup, but that's pretty tiring.
See the discussion here: https://forum.snapcraft.io/t/disabling-automatic-refresh-for...
Edit: ...or not anymore: https://news.ycombinator.com/item?id=33836216
Apparently some people think that Linux should be just as deterministic and user limiting as proprietary software. I don't understand it, personally.
That is why Canonical pushes it.
And `sudo apt update && sudo apt upgrade` CLI log now includes an ad: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-t...
As they are remotely breaking users' systems too I see no need to recommend Ubuntu as a newbie friendly distro anymore either.
Yet another point, which is related to all the valid remarks already made: it is quite painful to have this notification seconds after Firefox has been launched. Why did the update system not notice Firefox required an update before launching it? Technical points left aside: when an application requires an update (Chrome, IE), it performs it before launching, not after it has launched.
It's antithetical to pretty much everything about what we think of as a "Linux distro".
I would absolutely never run Ubuntu or install Snap because of this. I'll stick with Debian, thanks.
You can't really act like Microsoft with people that are using your OS because they ran away from Microsoft and expect them to shut up.
see https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-t...
It advertises some Commercial product by Canonical and /r/linux subreddit.
I use Linux because I can configure it to work the way I want. If they take that away, they are just another proprietary pile of shit.
[1] https://en.wikipedia.org/wiki/Linux_Mint
[2] https://en.wikipedia.org/wiki/Fedora_Linux
[3] https://en.wikipedia.org/wiki/Fedora_Linux#Silverblue
[4] https://en.wikipedia.org/wiki/Pop!_OS
Snap infestation is highest in Ubuntu - so I am planning to switch to some alternative (and due to other Canonical excesses like ads in CLI system tools).
My current candidates are Debian and Pop!OS.
How do you figure? It's all open source, you can easily see it on GitHub... I know Ubuntu hosts snaps on their servers, but every distro does that. What's the proprietary part?
There have been proof-of-concept server implementations by third parties, and some of those have been open-source. But IIRC none of them are maintained or used anywhere.
It could be worse, but at the end of the day it still just seems like a controlling, proto-monopolistic design compared to something like Flatpak, or to any traditional package management repos on Linux.
So fork it and change the code. This isn't the definition of "proprietary". There's still nothing stopping people from having their own snap store except a lil effort.
I expect better from 'open-source' in my personal computing life, and competitors seem happy to deliver it. If that makes me fussy, oh well.
IMO Debian is by far the saner distribution these days and there’s no reason at all to use Ubuntu for most people.
I guess I don’t want up to date browsers.
You mean Debian stable. But you have a choice, you can select testing or unstable, which gives you newer software.
https://packages.debian.org/sid/firefox
https://www.mozilla.org/en-GB/firefox/all/#product-desktop-r...
There is no real need for "ancillary package managers", and all they do is complicate system maintenance.
Anyway, using Guix, Nix, or Flatpak is definitely a better idea than installing standalone debs for a different version of Debian than you're running, where it may be built against libraries that aren't part of your distro.
If you want to use the Debian package from Sid on Testing, better to rebuild it from source. openSUSE's public instance of the Open Build Service is a convenient way to manage keeping a repo for that up to date. But that definitely complicates system maintenance, too!
Only if you assume new bugs are better than old.
Can you please give an example of an application you needed available only as a snap?
Which might be fine! If that's the kind of system that works for you.
When I install something through snap or flatpak, invariably it starts slower, has worse performance, is much more bloated and is generally a much more janky experience than just getting it from the apt repo. Snaps are the number one reason why I use popOS or mint over ubuntu.
My main gripe with Snap the last time I evaluated the system was that they will not let you disable automatic updates, as a matter of policy [1]
I do not know if this is still the policy 5 years later
[1] https://forum.snapcraft.io/t/disabling-automatic-refresh-for...
There are two main packaging systems for Linux that are well known and usable. You can also use standard config management software to roll out configs for each package. Snap is a solution in search of a problem by people who are too lazy to use standard packaging that has been in existence for decades.
Listen up kids: "New" is seldom "better" when it comes to system tools. Put your creativity to applications, not trying to reinvent the wheel with "new" packaging systems.
Snap is a bloated mess, and we wish it was not on any system we administer.
More because of "how it operates, without being forthcoming about what its new purpose is, which is not 'everybody's Linux.'"
You're trying to be a tool to support big corporate IT. That is absolutely fine, good even. Getting more Linux in that space, under Ubuntu's name, seems pretty cool.
But you're no longer "the people's choice" when you behave that way. They're putting in big grown up restrictions and ideas and methods of doing things, and they just need to be honest about that.
While weird when introduced, in hindsight this is exactly the right behavior, because it is the most user-friendly and it makes e.g. software updates a non-issue. Even apps like iTerm can be updated and restarted in-place, retaining all the sessions.
It's a testament to how bad Linux UX still is that this sort of idea is not only utterly alien, but instead some developers thought it was acceptable to kill running apps outright.
iTerm doesn't retain sessions at all. It just presents a facade resembling preserved sessions. Close iTerm2 while you have a tmux session open, or some SSH connections, or any long-running command. Those sessions and their processes die when you close iTerm.
Maybe iTerm can approximate some of those things if iTerm is actually running the whole show, i.e., iTerm mediates launching your tmux sessions and your SSH connections. But imo those features are underwhelming and oversold.
I wonder why that never took off.
[1] https://zero-install.sourceforge.net/roadmap.html (note this is the old website; the new website is https://0install.net - looks like it's still getting releases in October this year)
Snap is closed source garbage ware, with MS Windows forced updating and the terribleness of being 10x slower....
So here's how to "Snap-Off" your system https://haydenjames.io/remove-snap-ubuntu-22-04-lts/
Totally automated upgrades are an evil (unless there's an explicit opt-in) and must die.
https://news.ycombinator.com/item?id=33275206#33277156
Uninstalling Snap is the first thing I do on Ubuntu these days.
Ubuntu does not get credit from going from the worst option possible to the next worst option possible.
0. First off, the user should have to opt in to automatic updates. This should never be forced.
1. The update should never cause unsaved work to be lost. This means that the auto-updater should never kill the application unless it knows that it can start back up in exactly the same state before it was killed. Some apps will do this normally (some requiring configuration first), like Firefox, but others cannot. That's actually something I think apps should be required to have: there should be a standardized "snapshot-kill-restart" interface (perhaps some DBus thing) that allows for this. The old X11 session management system was designed for this, but in practice implementations are always buggy to some extent.
2. The app should be restarted after being updated, especially if it's happening in the background outside of user control.
3. The app should never be killed while the user is present and doing something. It should only happen while the machine is idle. If there's never an opportunity for that (say, the user always puts the computer to sleep rather than leaving it idle), then the update mechanism must resort to popups that ask for consent to do the update right then. The consent should only last for that single instance.
4. Updates can't ever break things. Auto updates should be reserved for security and critical (like data-loss) bugfixes only. All other updates should be voluntary. (I'd reluctantly make an exception for the case where there are security issues that need to be fixed, but it's not possible to backport those fixes, so a "security update" becomes a straight version update. Nothing is perfect.) A big part of why users don't like automatic updates is because they break things or remove features too often. Stop doing that, and users will start to trust the auto-update mechanism again. (And point #0 will stop being an issue: users will be happy to enable auto-updates. And maybe at some point I'd even drop #0 and think it's ok for vendors to enable auto-updates by default.)
Regarding killing apps that need to be updated, most do not need to be killed at all, and can be safely updated underneath the running instance. Yes, there would need to be some mechanism to ensure the OS has paged all of the executable into memory (don't want "Text file busy" errors when trying to overwrite binaries), but this doesn't feel like a huge deal. Some apps do need to be restarted, as they dynamically load and unload UI resources from disk as the user uses the app, and those files changing underneath a running instance would cause problems.
If this was an unpaid, volunteer project, I could certainly understand that the auto-update process would be unpolished and not the best. But Snap is owned by Canonical, and if they're serious about this, they need to get their shit together and actually focus on UX... ironic, since that was originally the entire point of the company in the first place: make a Linux distro with a polished UX that non-techie people would feel comfortable using.