Still no official word on how to get updates again on R4.1
An obscure Forum thread (this one!) is not doing Qubes any good. Given the magnitude of the SNAFU, I consider that a News article, describing what happened and how to get back on track, would be required.
@marmarek The packages that fix the qubes.UpdatesProxy issue should probably be uploaded to the stable repository manually. It looks like they will be uploaded automatically in a few days, but it seems critical that users canât update unless they allow the testing repository on their system.
Set out exactly what template you are using for the update
proxy, which templates are unable to update, and what error message you
see.
Iâd have expected a statement as well, this is critical and many users are puzzled now.
[irrelevant comment retracted]
Thank you Solene! So I think what you are saying is that itâs the testing updates that were pushed through. In that case, if I hold off for some time, the test. updates should become stable and that should work automaticallyâŚ?
Yes, itâs supposed to work like that
hello, just i have updated fedora 39 ( on template ) without problemâŚmiro
At the risk of getting more mildly abusive PMs, I dont follow.
The second post in this thread referred to the GitHub issue, and
referred to workarounds there. So, yes, the process was documented there.
If you follow the link to the issue you see that it was reported on
8th, diagnosed and fixed 9th, with updated package pushed to testing.
This arose from an upstream change, which affected Qubes.
Workarounds were provided and linked in this thread.
It was fixed - âf*ck Yesâ
Well. Yes. This is the level of support this free project gets. You conveniently omit the fact that the github issue was only talking about R4.2.
Perhaps itâs because 4.2 is the latest stable release lol
AhemâŚ
Support for older releases
In accordance with our release support policy, Qubes 4.1 will remain supported for six months after the release of Qubes 4.2, until 2024-06-18. After that, Qubes 4.1 will no longer receive security updates or bug fixes.
I donât think the level of vitriol in this thread is justified. Letâs step back and look at the situation:
- A severe bug was introduced in Fedora.
- The bug was properly reported by a user, and a couple of other users immediately commented on the issue confirming it and offering their own workarounds.
- Within hours, the issue was marked as a blocker (highest priority) and pinned.
- The devs pushed a fix for the issue one day later.
- The fix gets applied automatically without the user having to mess with the command line or any user workarounds from forum threads or GitHub (with the significant caveat that the update has to be applied twice, which Iâll get back to below).
A few remarks:
-
Bugs in software are inevitable. If our expectation is never to experience severe bugs, we will be forever disappointed. The right attitude is not to think that we will never run into problems, but rather to expect them and try to handle them as best we can.
-
The issue was reported, triaged, and fixed in about a day. Thatâs an extremely good response time, especially for such a small project. Multitrillion-dollar corporations routinely do much worse. If you still felt it was too slow, I really think you just need to be more patient.
-
Some people were complaining about the lack of an official news post while the fix was still in testing. I think a news post at that point would have been a mistake for the following reasons:
- Many users never read news posts, so we shouldnât rely on these for critical communications (unless we have no other choice). Even fewer use the forum and mailing lists.
- For every news post, some percentage of readers misunderstands, misinterprets, or gets confused. The more complex the content, the more likely this is to occur.
- Whenever you tell users to follow a set of instructions, some percentage of them will not follow the instructions correctly, accidentally mess something else up in the process, stop partway through because they got distracted, forget to do it at all, etc.
- Whenever possible, itâs much better to make the fix automatic so that users donât have to perform manual steps.
- Most users are probably stable users. News post about fixes in testing arenât relevant to them.
- When people get too many news posts that arenât valuable to them, they stop paying attention to news posts.
- There are different levels of news posts. People subscribed only to qubes-announce wouldnât even see this.
- The point of having a public issue tracker is so that everyone can immediately see whether the devs are aware of an issue and whether they have fixed it. This information is already embedded in the issue itself. Saying, âWe are aware of this issue, and we are working on a fix (or have just fixed it)â would be redundant. Anyone who wants to know that can already see it on the issue.
- The standard procedure for every bug is something like: report â diagnose â fix â put fix in testing â migrate fix from testing to stable â done. Users automatically get the fix depending on whether theyâre using testing or stable repos. There is no need to announce this standard procedure separately for this bug, as itâs the same for every bug.
- A workaround is not as good as a real fix. Itâs a questionable use of scarce resources to take time vetting a workaround and officially communicating that workaround to the userbase when an official fix is only hours behind it. Better to just wait a little bit longer for the real fix. Otherwise, some users will get confused later and try to apply the workaround even after the real fix is already available.
- Many users do not update every day (but rather every 2-3 days or even longer), so they may not even need to be aware of the problem if itâs already resolved before it has a chance to affect them.
-
I think some users felt that the fix was in testing for too long and should have been moved to stable more quickly (or even right away). Maybe. Itâs a judgment call. Sometimes, a fix can break more than it fixes, and testing can catch this before it affects the entire stable userbase. Other times, there may be a high degree of certainty that the fix will be a net benefit. It depends on the nature of the problem, the nature of the fix, and the situation as a whole. It requires expertise, judgement, and experience. In this case, @DVM tagged @marmarek in a comment, suggesting that the fix be manually moved to stable more quickly, which seems to have worked well.
-
Qubes OS 4.1 is, of course, still supported, which is why it has already received a fix for this, alongside the fix for 4.2. In this case, it looks like the level of support was the same for 4.1 and 4.2, as expected.
The main problem I see is that the official fix still requires some manual steps from the user. Quoting @marmarekâs comment:
B) in dom0. This is to unbreak the broken update mechanism of the Template. Does Qubes already have a mechanism for dom0 to apply hot fixes to Templates?
Yes, thatâs exactly why we have our update tool instead calling apt/dnf directly.
One unfortunate thing is the fix will require updating twice:
- run template update once - this will apply the fix, but the update itself will fail, since the fix isnât in sys-net at this point yet
- restart sys-net
- update again - now it will work
Hereâs my comment responding to this:
Itâs a real shame that Salt or the Qubes Update tool canât handle this automatically for users. Canât it at least display a message to users when they try to update, telling them that they have to perform these steps manually? We could make a separate announcement about it, but of course, we already know that far fewer users will see such an announcement compared to a message inside Qubes OS itself. What do you think?
I suppose that whatâs likely to happen (for an affected user who isnât aware of this) is something like the following:
- The user tries to update. The update fails. The user is puzzled.
- Some time later, the user restarts sys-net in the course of normal system usage.
- Some time later, the user tries to update again. This time it succeeds.
I suppose thatâs not so bad. After all, itâs common for updates to fail even in the absence of bugs, especially when updating over Tor (e.g., network or mirror problems). And, when any kind of electronic device malfunctions, a good first step is to âturn it off and turn it back on againâ before trying to use it again, which is exactly what will do the trick in this case. Still, this does indicate that the fix is technically incomplete, since it requires user action to take effect, even though those actions are routine and donât make any special demands from non-technical users (update, restart, update again). Even notifying the user when a completed update requires a system restart wouldnât be enough in this case, though it would help.
I just really wish there were a way for the update tool to say something like, âUpdate partially applied. Please restart [sys-net] and run this Updater again.â (Of course, it would be even better if the fix could be applied automatically without having to restart anything, but even mainstream OSes have to be restarted for most updates.) Letâs see what Marek thinks, but I guess if a news post is our only option to communicate the need for these manual steps, it might be warranted.
thank you very much for your long reply
I think what happens for a bunch of users is the following:
- the user tries to update, the update fails, the user freaks out
- they try to figure why this didnât work or if they got hacked or broke something
A statement pinned on top of the forum âuser supportâ maybe, saying that "if you have issue updating your templates, it will solve itself in a few days would have been good enough IMO.
Not only it broke the updates, but people were unable to install programs as well, so Qubes OS broke temporarily for them.
I think thatâs good for forum users (and, ideally, one of the active forum users in this thread would have flagged it with a message asking the mods to pin it), but most Qubes users probably arenât on the forum (and they definitely shouldnât have to check it), so itâs better than nothing, but still far from ideal solution, IMHO. Iâm still strongly in favor of some kind of notification inside the OS itself.
this would be ideal indeed.
[irrelevant comment retracted]
Perhaps. Iâm sure people vary widely in their reactions and internal mental states.
I donât think that not being able to install programs is synonymous with the system being broken. It depends on what youâre trying to do. You can still do quite a lot with your system when youâre not installing new programs. Also, installing new programs is probably less frequent than updating. But none of this is to diminish the severity of the bug. Again, it was triaged at the highest possible priority. As mentioned above, severe bugs canât be eliminated. All we can do is try to fix them as quickly as possible when we discover them, which is exactly what happened.
But that was just an unofficial workaround you figured out for yourself, not the official fix, wasnât it? Are you saying you also tried the official fix (including the âupdate, restart sys-net, update againâ part), and that still didnât work for you? If so, you should definitely have reported that on the issue (#9025) so that the devs could fix it.
You can see for yourself that packages were pushed both for 4.1 (qubesos-bot comment + qubes-status issue) and 4.2 (qubesos-bot comment + qubes-status issue). So, I can think of a few possibilities:
- You donât have testing repos enabled and havenât gotten these packages yet. (Not sure if theyâre in stable yet, but I donât see a comment from qubesos-bot saying they are, so I guess not.) Can you confirm you actually have the packages with the correct version numbers that are supposed to contain the fix?
- The devs thought they fixed the issue in both 4.1 and 4.2, but for some reason the fix for 4.1 isnât working. In this case, you need to say that on the issue so that they will be aware! They canât fix a problem they thought they already fixed! Any time someone leaves a comment on an issue saying that they tried a fix and it didnât work, we reopen the issue right away (unless we have good reason to believe itâs something else).
- Something unique to your system or user error, e.g,. if the fix works for other people on 4.1 but not for you.
FWIW, no bias here. I personally still use 4.1 exclusively and strongly believe older supported releases should always have full support right up through their EOL dates. (Iâm usually the one arguing against stuff like deleting the older supported release documentation in order to replace it with the newer documentation and arguing that we should instead keep both as long as theyâre both supported.)
Okay, Iâm reopening issue #9025 right now with a link to your comment!
[irrelevant comment retracted]