Automatic and silent installation of security updates

Wouter Stomp wouterstomp at gmail.com
Fri Jul 8 08:34:18 CDT 2005


It was suggested on bugzilla by Michael Vogt to discuss this here, so
here it is:

The original bug (11856):
The pretty red icon seems not to be sufficient for end-users, they
often do not install security fixes. I suggest to open a popup at
startup wich propose to install updates and allow to install them or
deporte the upgrade.

Of course this is very close to update-manager. The update-manager
should be able to BE that popup if the list of upgrades are in an
expander and with a phrase more like : « %i updates are available, for
security reasons, you should install them now. Click on « install » to
install them. ».

If the user chooses to upgrade, the upgrade should be silent. A
blinking/breathing icon in the tray is enough.

A problem is also that people that do not belong to the admin group
have this mechanism (icons, etc.) but at the last moment, they realize
they are not allowed to do such operations.

--

My thoughts on this:
I think the update-manager should also have an option to do it
completely automatically, without any user-intervention. As long as I
am not on a development version, the system should just install the
updates and don't ask anything. As a stable version only gets security
updates, I see no reason for not installing those updates for almost
all home users. Make it so that it runs no matter which user is using
the system, no need for a password, just install the updates in the
background.

I would even suggest to make this the default for a desktop install
(of course only for the official repositories), so every user gets the
security updates as fast as possible.

--

Comments from Michael:
This is a pretty far reaching change and will need to be discussed in
a wider audience (e.g. on the ubuntu-devel mainlisting). If we could
do that, we would have to add a python-apt application that would make
sure that it only upgrades packages from official ubuntu repositories
and that it does not change the system state (e.g. not
installing/removing any packages, only upgrading already installed
stuff).

Wouter.



More information about the ubuntu-devel mailing list