What is Mint's current "official" recommendation about updates?

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

What is Mint's current "official" recommendation about updates?

Post by jimallyn » Tue Feb 13, 2018 2:40 am

It used to be that when I installed all the updates within my chosen update policy, Update Manager would tell me that my system was up to date. (The green check mark appeared in the Update Manager panel icon.) Now, it appears the only way to get rid of the blue "updates available" icon is to select the "Always update everything" update policy, and update everything. Is it now official Mint recommendation that users should install ALL updates? That's certainly the way it looks to me. If this is not the official Mint recommendation, then how can I get rid of the blue icon when I have installed all updates for my chosen update policy?
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

User avatar
MintBean
Level 9
Level 9
Posts: 2968
Joined: Fri Aug 07, 2015 6:54 am
Location: Blighty

Re: What is Mint's current "official" recommendation about updates?

Post by MintBean » Tue Feb 13, 2018 5:11 am

Good point, Jim. I always update the lot so I've not seen this, but if that's how it's working it will only cause confusion.
As per the descriptions accompanying update manager levels, I don't think there is one single recommended policy. 'Always update everything' is only recommended as an option for advanced users.

I guess the first question is, are others seeing the behaviour you mention?

User avatar
Sir Charles
Level 7
Level 7
Posts: 1827
Joined: Thu Jan 04, 2018 1:00 pm

Re: What is Mint's current "official" recommendation about updates?

Post by Sir Charles » Tue Feb 13, 2018 5:34 am

MintBean wrote:
Tue Feb 13, 2018 5:11 am
I guess the first question is, are others seeing the behaviour you mention?
I am not. I get the green check mark after I have updated the system according to the set policy.
Last edited by Sir Charles on Tue Feb 13, 2018 9:46 am, edited 2 times in total.
I suppose that's one of the ironies of life, doing the wrong thing at the right moment -C.C.

User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: What is Mint's current "official" recommendation about updates?

Post by jimallyn » Tue Feb 13, 2018 5:41 am

Others are seeing the behavior I described, and there have been several topics discussing it. You're right, it does cause confusion. I am still running 17.3 on my computers, and Update Manager works the way it always has on 17.x. But I installed 18.3 XFCE on a laptop for my brother the other day, and confirmed what others had observed. Today I took time to do a fresh install of 18.3 Cinnamon in VirtualBox, specifically to investigate this. I set it for "Just keep my computer safe" and updated, and the Update Manager icon was still blue. Then I set it for "Let me review sensitive updates" and updated, and the icon remained blue. Then I set it for "Always update everything" and updated, and that finally gave me the green check mark indicating the system is up to date. In one of the discussions I saw on this, somebody said the way it currently works is intentional, and that it should have been that way all along. I'm not so sure of that. It used to be that when I did a Mint install for a friend, I'd set the update policy to "Let me review sensitive updates" and tell the friend that all they had to do was look for the icon to turn blue, and that would let them know there were updates to be done. With the way Update Manager currently works, that doesn't work anymore, and I will have to tell them to click the blue icon now and then to see if there are updates available. If I had the time and ambition, I might look through the code and see about fixing it myself. Well, actually, I do have the time, but have been seriously lacking in ambition lately!
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

User avatar
MintBean
Level 9
Level 9
Posts: 2968
Joined: Fri Aug 07, 2015 6:54 am
Location: Blighty

Re: What is Mint's current "official" recommendation about updates?

Post by MintBean » Tue Feb 13, 2018 5:51 am

Well if you raise a bug report on Github, I suspect this would be considered high priority as it seriously impacts usability and ease of use.

Cosmo.
Level 23
Level 23
Posts: 17824
Joined: Sat Dec 06, 2014 7:34 am

Re: What is Mint's current "official" recommendation about updates?

Post by Cosmo. » Tue Feb 13, 2018 6:53 am

jimallyn wrote:
Tue Feb 13, 2018 5:41 am
In one of the discussions I saw on this, somebody said the way it currently works is intentional, and that it should have been that way all along.
Most likely you have read a post by me. Actually I wrote about it several times.

The shortest possible answer to your question: Update everything.

But now follows the big but:
You should not apply all the updates at once; this is only advisable for level 1 & 2 (regarding only Mint 18.2 & 18.3) updates. For the rest the advice is: Apply them one by one and reboot between each update. Rebooting is important, as in level 3 & 4 can exist packages, which need a service to get restarted. If this is the case and if this restart gets done automatically is hardly to determine by a user, at least it would take more time to find this out than a reboot. As long as a service (or a driver or of course a kernel) does not get reloaded, the old version is still in memory and you cannot say, if this makes a problem or not. If you now apply another level 3 / 4 update and find later, that anything is broken, you cannot tell, wether the first or the following update is the culprit.

Until Mint 18.2 the update manager showed a green check mark, if you have set to show the higher level updates but to not automatically trust them (= mark them for applying). Actually this was a lie. If there are visible updates, than quite obviously the system is not up to date. This has been corrected in LM 18.3. The only - but important - mistake with this change is, that this had nowhere been documented. On the "What's new" page for the Mint editions this should have been explained. So this change leads necessarily to confusion (as to be seen in the forum in a number of cases).

The update all recommendation can be read in the help file for the update manager. (Sadly the help file is too much hidden in the menu; there would be plenty of space in the toolbar to make it better visible. IMO it would be better, if the help file would get automatically opened on the first run instead of the update policy page, which has a number of problems.) It also says, that the updates for the higher levels have to get applied one by one. But also in this documentation there is a mistake: It does nowhere cover the problem of restarting drivers, services and kernels.

Another aspect in context with updating is to use TimeShift. Actually you can forget the one-by-one update for level 3 / 4 updates. Create a snapshot before the update, and in case of a regression you can easily revert. Then there is the point, where the updates have to get applied one by one to find the culprit for the regression. It would be a good idea, if TS could quickly be opened from inside of the update manager, but this will obviously not happen, as Pjotr reported some time back after talking about that idea with Clem in the chat.

User avatar
MintBean
Level 9
Level 9
Posts: 2968
Joined: Fri Aug 07, 2015 6:54 am
Location: Blighty

Re: What is Mint's current "official" recommendation about updates?

Post by MintBean » Tue Feb 13, 2018 7:42 am

If that's the current state of play, it's broke IMO for a couple reasons:

1) A major change like that should have been announced properly.
2) The documentation on the update manager has not been updated. 'Apply all updates' is not the default setting or the setting recommended for most users.
3) The tray icon now becomes useless for all except those who apply all updates. They will now have to open update manager to see if updates are required. I shouldn't have to explain why this is a bad thing.

Cosmo.
Level 23
Level 23
Posts: 17824
Joined: Sat Dec 06, 2014 7:34 am

Re: What is Mint's current "official" recommendation about updates?

Post by Cosmo. » Tue Feb 13, 2018 7:57 am

Regarding documentation: I fully agree and said so already.

Regarding #3: I disagree. If the icon shows a blue shield, than there is indeed something not up to date. Saying by the green check mark "up to date", although at the same time update are not applied is quite obviously a contradiction in itself. If you really think, that it would be best to not apply those higher level, security amd kernel updates (I don't agree with this attempt), than disable them from showing and you get what you want. It does really not make any sense to let them display, but never apply them. (Otherwise you have to explain, why you want to get updates displayed, that you will never apply.) But reverting to the previous behavior (as until 18.2) would mean, that you want UM to show you an imagination of an updated system. An imagination, that stands in contradiction to the truth, cannot be a trusted information.

User avatar
Pjotr
Level 20
Level 20
Posts: 11058
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: What is Mint's current "official" recommendation about updates?

Post by Pjotr » Tue Feb 13, 2018 8:19 am

As Cosmo. says. With one difference: I advise to install all level 3 updates together with the batch of level 1 and 2. Only for level 4, I advise the "one by one, with a reboot after each individual update" approach.

Reason: I find it too bothersome to apply the same approach for level 3 as for level 4. I find it impractical. The risk of level 3 is more limited anyway, and "bad apples" of that level are, in my opinion, simply too rare for that.... :)
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: What is Mint's current "official" recommendation about updates?

Post by jimallyn » Tue Feb 13, 2018 9:45 pm

Cosmo. wrote:
Tue Feb 13, 2018 6:53 am
Apply them one by one and reboot between each update.
Gawd, that's as bad as Windows. Maybe worse.

Perhaps there should be another color Update Manager icon for "All the stuff you said you wanted updated has been updated" and the green check mark icon could still be used for "Absolutely everything that can be updated has been updated."

If I find the time to do so, I will probably poke through the code and see if I can figure out how to fix this. Otherwise, I will probably just file a bug report on this.
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: What is Mint's current "official" recommendation about updates?

Post by jimallyn » Tue Feb 13, 2018 9:48 pm

MintBean wrote:
Tue Feb 13, 2018 7:42 am
If that's the current state of play, it's broke IMO for a couple reasons:
Yep, it's broke.
MintBean wrote:
Tue Feb 13, 2018 7:42 am
3) The tray icon now becomes useless for all except those who apply all updates. They will now have to open update manager to see if updates are required. I shouldn't have to explain why this is a bad thing.
Exactly.
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

User avatar
wallyUSA
Level 4
Level 4
Posts: 465
Joined: Thu Jun 08, 2017 2:31 pm
Location: S.E. USA

Re: What is Mint's current "official" recommendation about updates?

Post by wallyUSA » Tue Feb 13, 2018 10:00 pm

jimallyn wrote:
Tue Feb 13, 2018 9:45 pm

...
Perhaps there should be another color Update Manager icon for "All the stuff you said you wanted updated has been updated" and the green check mark icon could still be used for "Absolutely everything that can be updated has been updated."
...
I hate having to depend on color alone. Some of us (5-10% males) have a color perception problem :cry:

Perhaps some symbom or icon as well?
Tessa 19.1 Cinnamon 4.0.5 Kernel 4.15.0-42 (64 bit) as Guest in VBox.
Please, if your query has been resolved, edit your first post and add [SOLVED] to the beginning of the subject line. This may help others find solutions.

User avatar
Schultz
Level 6
Level 6
Posts: 1361
Joined: Thu Feb 25, 2016 8:57 pm

Re: What is Mint's current "official" recommendation about updates?

Post by Schultz » Tue Feb 13, 2018 10:07 pm

I agree with Cosmo. If anyone forgoes an update, then you're not up to date, period. But I also agree with jimallyn in that there should be a different icon showing what you want updated is updated and also showing there are updates available that you don't want. Maybe something like a yellow or orange circle inside the shield?

User avatar
smurphos
Level 8
Level 8
Posts: 2231
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: What is Mint's current "official" recommendation about updates?

Post by smurphos » Wed Feb 14, 2018 12:36 am

jimallyn wrote:
Tue Feb 13, 2018 9:45 pm
Cosmo. wrote:
Tue Feb 13, 2018 6:53 am
Apply them one by one and reboot between each update.
Gawd, that's as bad as Windows. Maybe worse.

Perhaps there should be another color Update Manager icon for "All the stuff you said you wanted updated has been updated" and the green check mark icon could still be used for "Absolutely everything that can be updated has been updated."

If I find the time to do so, I will probably poke through the code and see if I can figure out how to fix this. Otherwise, I will probably just file a bug report on this.
Clem is definitely of the opinion it is by design - https://github.com/linuxmint/mintupdate/issues/301

It was noted as a feature in the Changelog - https://github.com/linuxmint/mintupdate ... /changelog

The commit that introduced the change - https://github.com/linuxmint/mintupdate ... ab58a8fe5c

Good luck - +1 on the full traffic light idea....

User avatar
smurphos
Level 8
Level 8
Posts: 2231
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: What is Mint's current "official" recommendation about updates?

Post by smurphos » Wed Feb 14, 2018 12:50 am

I guess this is Mint's official recommendation as per the 5.3.2 Help Section.
Update policy

The update manager is highly configurable. You can go in the preferences and fine-tune which levels you want to show and which levels you want to preselect. This is your computer and so you can tune it the way you want.
The first time you launch it, it will try to understand who you are and set these settings for you. To do so, it will show you three update policies and ask you to choose the one you like best.
All policies have this in common:
  • For security reasons, security updates are always visible (no matter what level they are).
    For security reasons, kernel updates (which are level 4) are always visible.
    For stability reasons, level 5 updates are always hidden.
When you choose an update policy, some of the preferences are changed in the Update Manager. You can tune these preferences individually by clicking on the Edit->Preferences menu in the menubar.

Novice users

The first policy is made for novice users in mind. It assumes these users are unable to work around critical issues affecting sensitive parts of their system and tries to minimize their risk to suffer critical regressions.
Bug fixes are optional, so this policy focuses on safe updates (level 1 and 2) with minimal impact on the operating system. These updates are visible and preselected by default.
Security is also important but some security updates (and kernel updates in particular) affect sensitive parts of the system. These updates are visible and novice users are recommended to select them and apply them with caution, in isolation and ideally either with the help of an experienced user, or after they familiarized themselves with the forums and chat channel so they know how to seek help.

Regular users

The second policy is made for the vast majority of people. It assumes these users aren't new to Linux and either know how to solve common problems, or they know where to find help.
This policy shows all recommended updates. Security updates and safe bug-fix updates (level 1 and 2) are preselected by default.
Users are recommended to select and apply level 3 and level 4 updates with caution and in isolation and to seek help if something goes wrong.

Advanced users

This policy is made for advanced users on computers where the risk of critical regressions is acceptable. It assumes these users are able to fix any issue and want to apply all updates all at once.
In this policy, all recommended updates are visible and selected by default.

User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: What is Mint's current "official" recommendation about updates?

Post by jimallyn » Wed Feb 14, 2018 12:53 am

smurphos wrote:
Wed Feb 14, 2018 12:36 am
The commit that introduced the change - https://github.com/linuxmint/mintupdate ... ab58a8fe5c
Well, that tells me where to go if I decide to fix this.
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

Cosmo.
Level 23
Level 23
Posts: 17824
Joined: Sat Dec 06, 2014 7:34 am

Re: What is Mint's current "official" recommendation about updates?

Post by Cosmo. » Wed Feb 14, 2018 7:31 am

jimallyn wrote:
Tue Feb 13, 2018 9:45 pm
Gawd, that's as bad as Windows. Maybe worse.
I can only guess, what "gawd" means, my English knowledge and my wordbooks cannot make sense of it. But I have an idea, what this wants to express.

If you think so, than you belong to the people, which I addressed already in my previous post:
Cosmo. wrote:Otherwise you have to explain, why you want to get updates displayed, that you will never apply.
Remove them from display and you get what you want. If your system accumulates security holes over time, than blame yourself. But one thing is sure: A displayed, but not applied security update does not make the system only a tiny fraction more secure. It has no practical meaning.

Further more: Quite obviously you do not apply those higher level updates at once. So where is the problem to apply at the end of the day (when you shut down the machine supposedly anyway) one of the remaining updates, the next one on the next day and so on? This gives a delay until you have them all, but with your refusal to apply them you have a far bigger delay.

Fact is: Regressions can happen and regressions do happen! We do not live in an ideal world, where this would not be the case. Another fact is: Security leaks can arise and they do arise. The principle about this situation had been covered by Clem already 4 years ago. This principle has not changed since that time and it will not change in the foreseeable future.

Besides that: There is a simple to use solution: TimeShift. I do not see, what is so bad at all. I have tested TS in the last 2 months and I have tried to make it difficult for this tool. But I came in all tests always to the same result: It simply works.

User avatar
jimallyn
Level 18
Level 18
Posts: 8532
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: What is Mint's current "official" recommendation about updates?

Post by jimallyn » Wed Feb 14, 2018 9:15 pm

Cosmo. wrote:
Wed Feb 14, 2018 7:31 am
I can only guess, what "gawd" means, my English knowledge and my wordbooks cannot make sense of it.
Same thing as God, but commonly used as "Oh my gawd." Often pronounced rather drawn out, like "gaaawwwddd."
Cosmo. wrote:Otherwise you have to explain, why you want to get updates displayed, that you will never apply.
And somebody needs to explain to me why I am presented with updates that shouldn't be installed. Like kernels, which they say to only install if you have some specific reason to do so. Or has policy on that changed recently, too? Are we now supposed to automatically install every new update and kernel that comes along, regardless of whether we have some reason to do so?
Cosmo. wrote:
Wed Feb 14, 2018 7:31 am
If your system accumulates security holes over time, than blame yourself.
And then who do I blame when I install updates of every level, and my system ceases to function?
Cosmo. wrote:
Wed Feb 14, 2018 7:31 am
The principle about this situation had been covered by Clem already 4 years ago.
Yes, I read that, and it is no clearer to me now than it was after the two times that you "explained" it. And obviously, I am not the only person who is confused by this. Why do we have this "Levels" system at all, if we are supposed to install everything?
Cosmo. wrote:
Wed Feb 14, 2018 7:31 am
Besides that: There is a simple to use solution: TimeShift.
I haven't tried that, but obviously I will have to, now that official policy on what to update and what not to update is spectacularly unclear.
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

User avatar
smurphos
Level 8
Level 8
Posts: 2231
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: What is Mint's current "official" recommendation about updates?

Post by smurphos » Thu Feb 15, 2018 1:27 am

jimallyn wrote:
Wed Feb 14, 2018 9:15 pm
Cosmo. wrote:Otherwise you have to explain, why you want to get updates displayed, that you will never apply.
And somebody needs to explain to me why I am presented with updates that shouldn't be installed. Like kernels, which they say to only install if you have some specific reason to do so. Or has policy on that changed recently, too? Are we now supposed to automatically install every new update and kernel that comes along, regardless of whether we have some reason to do so?
All of the update policies display kernels updates (which are always security updates) and other security updates by default. There is always a reason to update - security. All users are encouraged to apply security updates. That is the reasoning for the new icon behaviour - to encourage good security practice for all users from the greenest newb to an old pro. Some respected forum members have historically advised that kernel security updates are generally inconsequential and thus entirely optional and I think many have taken that as official advice - the recent Meltdown and Spectre debacle has put that received wisdom in serious doubt.

It also demonstrated that there were many users, some of them long-time users, who were still utterly green on the basics of kernel management and recovering from a kernel update that conflicts with their hardware and running kernels missing dozens of security updates.
jimallyn wrote:
Wed Feb 14, 2018 9:15 pm
Cosmo. wrote:
Wed Feb 14, 2018 7:31 am
The principle about this situation had been covered by Clem already 4 years ago.
Yes, I read that, and it is no clearer to me now than it was after the two times that you "explained" it. And obviously, I am not the only person who is confused by this. Why do we have this "Levels" system at all, if we are supposed to install everything?
The Levels still give an indication of the 'risk' associated with applying a certain update and thus how much care should be taken in applying it. The in app Help document guides users of different experience levels as to what kind of care they should be taking.

Mint has in the past been criticised in certain quarters for encouraging poor security update practices via the Level system. These criticisms had IMHO some merit. The issues have been addressed by the changes in Mint 18.2 (new Level system) and 18.3 (new Icon behaviour).

It is still possible to use the advanced preferences to change the default behaviour of always displaying security updates and kernel updates irrespective of level preferences. But that is something for the end-user to decide.

I do think it would a be a great idea to have a 3 indicator system for the icon - Updates available (general), Updates available (uninstalled security) and Fully updated.

DAMIEN1307
Level 6
Level 6
Posts: 1219
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

Re: What is Mint's current "official" recommendation about updates?

Post by DAMIEN1307 » Thu Feb 15, 2018 5:30 am

hi jimallyn...your not alone...on one of my other systems i use peppermint 8...they use the mint updater system with the exception that all updates 1 through 5 are the default with them...their view of this seems to be, and is peppermint policy, what now seems to be the current view with mint which is to just update everything...so basically thats what ive been doing with mint now myself and havent borked anything as of yet...but rest assured, "i have the torches and pitchforks ready to storm the castle frankenmint" since this has not been adequately explained and appears to be an about face from previous stance and advice given...take note though that anything i found in level 5 that says "beta" is the only thing i will not install so i put it into the ignore list because i just dont believe in anything beta in my linux system...if that was the case i could always just run win 10 as a microsoft windows "insider" ring user and play guinea pig...if this is now what appears to be the present wisdom of updating brought about by meltdown/spectre, then i will have to agree with you that the present tier updating system has become irrelevant as to what is considered "unsafe" and "dangerous" updates...Clem and other developers of mint now need to give some CLEAR direction in this matter...DAMIEN
ORDO AB CHAO

Locked

Return to “Other topics”