Page 1 of 2

Update Manager

Posted: Sat Aug 10, 2019 3:13 pm
by JerryF
Hi all,

Not sure about others in the forum but in Update Manager, I liked having the Levels and inclusion/exclusion of security and kernel updates.

I set my desktop's Update Manager to Automatic Updates and set to install Levels 1-4, show and install security updates, and not show nor install kernel updates. Now kernel updates are automatically being pushed which I didn't want.

:(

Re: Update Manager

Posted: Sat Aug 10, 2019 3:19 pm
by Pjotr
You can still use apt-mark:
https://easylinuxtipsproject.blogspot.c ... html#ID3.1
(item 3.1)

Re: Update Manager

Posted: Sat Aug 10, 2019 3:27 pm
by JerryF
Pjotr wrote:
Sat Aug 10, 2019 3:19 pm
You can still use apt-mark:
https://easylinuxtipsproject.blogspot.c ... html#ID3.1
(item 3.1)
Thanks for that info! It's too bad that we have to resort to Terminal commands to do something that we had already in a GUI.

Re: Update Manager

Posted: Sat Aug 10, 2019 3:40 pm
by Pjotr
JerryF wrote:
Sat Aug 10, 2019 3:27 pm
Pjotr wrote:
Sat Aug 10, 2019 3:19 pm
You can still use apt-mark:
https://easylinuxtipsproject.blogspot.c ... html#ID3.1
(item 3.1)
Thanks for that info! It's too bad that we have to resort to Terminal commands to do something that we had already in a GUI.
Can't say I disagree.... :(

For locking the current version of the kernel and only the kernel, this is the command:

Code: Select all

sudo apt-mark hold "linux-generic*" "linux-headers-generic*" "linux-image-generic*" "linux-signed-generic*" "linux-signed-image-generic*" linux-libc-dev
For undoing it:

Code: Select all

sudo apt-mark unhold "linux-generic*" "linux-headers-generic*" "linux-image-generic*" "linux-signed-generic*" "linux-signed-image-generic*" linux-libc-dev

Re: Update Manager

Posted: Sat Aug 10, 2019 3:52 pm
by gm10
JerryF wrote:
Sat Aug 10, 2019 3:27 pm
Thanks for that info! It's too bad that we have to resort to Terminal commands to do something that we had already in a GUI.
Well, the blacklist is still there, so you can still do it all in the GUI. Just right-click a kernel update and blacklist it for all future updates. What's the problem?

Re: Update Manager

Posted: Sat Aug 10, 2019 6:20 pm
by Pjotr
gm10 wrote:
Sat Aug 10, 2019 3:52 pm
JerryF wrote:
Sat Aug 10, 2019 3:27 pm
Thanks for that info! It's too bad that we have to resort to Terminal commands to do something that we had already in a GUI.
Well, the blacklist is still there, so you can still do it all in the GUI. Just right-click a kernel update and blacklist it for all future updates. What's the problem?
Not quite the same in ease of use.... Unless you know the exact name of the package(s) you wish to blacklist, you need to wait for one to appear in the list of available updates before you can actually blacklist it.

More cumbersome and more prone to human error than the previous lockdown options we had in mintupdate.

Re: Update Manager

Posted: Sat Aug 10, 2019 6:27 pm
by rene
The kernel is one of the few packages which I would not exclude from the normal updates. The updates supplied through update manager are limited to "same version" updates, i.e., say 4.15.0-55 to 4.15.0-56. That last number, the Ubuntu patch level, indicates specific patches usually backported from higher upstream versions, often security related, and exists basically because not everyone wants to update the kernel: the basic, upstream version is kept stable, with only patching deemed crucial (enough) by the Ubuntu kernel team added on top. Unless you pay quite close attention to kernel development yourself it's not a good idea to second-guess their decisions.

Have you ever experienced a regression as a result of a patchlevel-only update?

Re: Update Manager

Posted: Sat Aug 10, 2019 6:34 pm
by Pjotr
rene wrote:
Sat Aug 10, 2019 6:27 pm
Have you ever experienced a regression as a result of a patchlevel-only update?
Yes. Roughly once or twice a year. Counting since 2006 (Ubuntu Dapper Drake).

Re: Update Manager

Posted: Sat Aug 10, 2019 6:35 pm
by JerryF
gm10 wrote:
Sat Aug 10, 2019 3:52 pm

Well, the blacklist is still there, so you can still do it all in the GUI. Just right-click a kernel update and blacklist it for all future updates. What's the problem?
No problem :wink: just inconvenient.

Re: Update Manager

Posted: Sat Aug 10, 2019 6:41 pm
by rene
Pjotr wrote:
Sat Aug 10, 2019 6:34 pm
Yes. Roughly once or twice a year. Counting since 2006 (Ubuntu Dapper Drake).
Very much doubt it. What I do not doubt is that you hear of one or two regressions a year here on the forum, but you are then talking about the entire pool of machines that are out there. Sure, any change can impact a machine, but when limited to patchlevel-only updates we are talking about a very small percentage and, specifically, chances of your/my/his specific machine regressing as a result of a patchlevel update are minute --- and once or twice a year basically non-existent.

Re: Update Manager

Posted: Sat Aug 10, 2019 6:47 pm
by Pjotr
rene wrote:
Sat Aug 10, 2019 6:41 pm
Pjotr wrote:
Sat Aug 10, 2019 6:34 pm
Yes. Roughly once or twice a year. Counting since 2006 (Ubuntu Dapper Drake).
Very much doubt it.
Well, you can believe me or not, that's up to you of course. Cheers. :lol:

The problems I experienced were various: a completely broken X (hello Dapper Drake) to sudden huge increases in boot time or shutdown time, even pieces of hardware becoming unusable etc. Nothing I can't or couldn't handle, but regressions they were.

Caused by kernel updates within the same series. Usually fixed by the next kernel update, but still.

Re: Update Manager

Posted: Sat Aug 10, 2019 6:51 pm
by karlchen
Hm. Actually, this is the same discussion as in this recent thread: Mint Update Missing Level Column.

As a consequence, gm10's advice applies here as well:
gm10 wrote:
Sat Aug 10, 2019 1:46 am
easyt50 wrote:
Fri Aug 09, 2019 8:01 pm
I was wondering if there is a way to make a request to the Mint developers to have the "Level" column re-instated as an option as it was before?
Request away, but your chances of that happening are close to zero I should think.
Regarding the reasoning for the removal of levels, I think karlchen had explained it better than I ever did: viewtopic.php?p=1610045#p1610045
I will never understand why so many of you are so horribly suspicious of software updates, in particular of kernel updates. Reverting to the previous kernel, in case a new kernel should really give you problems, is as easy as can be.
Why is the wrong notion spread so widely that there were less bugs in a fresh new Mint release and that software updates will make things worse?

Re: Update Manager

Posted: Sat Aug 10, 2019 7:03 pm
by rene
Pjotr wrote:
Sat Aug 10, 2019 6:47 pm
The problems I experienced were various
13 to 26 times since 2006 as a result of Ubuntu same-series kernel updates, I take it. Yah...

In any case, not certain if it's on this forum or from somewhere else, but I remember a signature "new bugs baaaad, old bugs gooood!" from somewhere, which would be maximally applicable to these patchlevel updates. For sake of OP, once again, that last patchlevel exists basically so that you do not have to update the kernel; is largely limited to crucial bugfixes, and is unless you do in fact know better than the Ubuntu kernel team really not the best idea to ignore as a matter of automation.

Re: Update Manager

Posted: Sat Aug 10, 2019 7:04 pm
by michael louwe
Pjotr wrote:
Sat Aug 10, 2019 6:34 pm
rene wrote:
Sat Aug 10, 2019 6:27 pm
Have you ever experienced a regression as a result of a patchlevel-only update?
Yes. Roughly once or twice a year. Counting since 2006 (Ubuntu Dapper Drake).
.
IIRC, for the Year of Meltdown & Spectre, it was more like about 8 regressions for 2018, including microcode updates.
....... A few of these buggy or regressing patchlevel-only kernel updates were caught early by Ubuntu, pulled, fixed and reissued = the bugs/regressions were not apparent to most users but affected early-adopters or those who always immediately apply patchlevel-only kernel updates.

Re: Update Manager

Posted: Sat Aug 10, 2019 7:11 pm
by rene
Once again, no, there's not a single machine that regressed 8 times; the fact that N regressions affected all machines does not mean that even more than 0 regression affected any particular machine.

But the point of Michael entering the discussion would seem to be a good point for me to exit it. Hardly the person to harp on "secuwity" as some may have noticed, but automatically ignoring patchlevel kernel updates if you also ignore version kernel updates is still about the worst you could do in that respect.

Re: Update Manager

Posted: Sat Aug 10, 2019 7:14 pm
by michael louwe
JerryF wrote:
Sat Aug 10, 2019 3:13 pm
Not sure about others in the forum but in Update Manager, I liked having the Levels and inclusion/exclusion of security and kernel updates.
.
#MeToo.

Re: Update Manager

Posted: Sat Aug 10, 2019 7:26 pm
by michael louwe
rene wrote:
Sat Aug 10, 2019 7:11 pm
Once again, no, there's not a single machine that regressed 8 times; the fact that N regressions affected all machines does not mean that even more than 0 regression affected any particular machine.
This kind of statement demonstrates inconsiderateness of those minority number affected by the regressions/bugs in such kernel updates.
....... Imagine if the explanation for buggy airbags from Takata is based on a similar kind of faulty statement, ie only a few are affected out of all machines = the airbags can still be used/applied.

Re: Update Manager

Posted: Sat Aug 10, 2019 7:40 pm
by rene
Right-O. The calculus of probabilities will need a stern talking to.

Re: Update Manager

Posted: Sat Aug 10, 2019 8:37 pm
by JerryF
My main point is that OSes, including Mint are GUI and created to be easy to use and not so reliant on commands in Terminal (Command Prompt in Windows).

My other point is that we should have the option as we used to have to disable things like certain updates in an easy-to-use fashion.

Re: Update Manager

Posted: Sat Aug 10, 2019 10:31 pm
by rene
JerryF wrote:
Sat Aug 10, 2019 8:37 pm
My other point is that we should have the option as we used to have to disable things like certain updates in an easy-to-use fashion.
Given that, as also explained by karlchen and as linked by gm10 above, that option ended up doing little more than officially sanctioning behaviour detrimental both to your stability and to your security, no, we should not. Somewhat harder-to-use options are fine for that.