The warning says “Warning: Updating exclusively with direct commands such as qubes-dom0-update…”. I understand that your suggestion is run the command and terminate its further action (the actual update) before it happens. However, as a newcomer to Qubes OS who is careful not to mess up anything, I would like to ask explicitly: Isn’t running the command this way unsafe as well? I hope you could elaborate in relation to the issues mentioned in that warning.
Do you think it is appropriate to suggest to the developers to include the functionality “show what will be done before it is done” in Qubes Updater itself? Currently that “Details” menu does not provide any detail whatsoever until the process is complete, so one neither knows what will happen, how it is progressing or anything else. What is the proper way to suggest such feature?
Run sudo qubes-dom0-update from the command line.
A window will open in your UpdateVM, and will show you the results of dnf update for dom0.
You will see what packages are to be updated, and how much will be
downloaded.
That window shows for such a short time that I can only see “Fedora…” with some progress indicators and then it closes. The in the dom0 console I read “No updates available”. I also tried the cli option --check-only but it didn’t provide the info I need.
You can do the same in templates.
How exactly?
I hope you don’t mind questions 2 and 3 from my previous reply as well.
I notice that the documentation has changed - the previous alarming security warnings are no longer there (assuming the related issues have been fixed) and now 2 Salt formulae are suggested as command line analogs of the Qubes Updater.
Unfortunately, running any of them does not show how much will be downloaded. In fact, they don’t even show how much has been downloaded after completion. So, no info about the traffic whatsoever.
I hope someone can explain how to achieve what I am looking for.
I can’t find, in the Qubes documentation, how to set this up and use it properly?
Forgive me to point out but this thread has a different topic. I would be interested to know what you are asking too but perhaps in a separate thread. In this way someone looking for info about it in the future will also be able to find the answer easily.
I’ve already explained this.
In dom0 - manually run qubes-dom0-update
In a template - manually run the package tool - perhaps sudo dnf update
or sudo apt update as appropriate.
In both cases you will see the amount to be downloaded. You say “No” at
the prompt, and then can decide whether to update using the GUI updater.
Currently it says “No dom0 updates available”. I will keep checking in next days. One thing is sure: this command dos not give info about how much will be downloaded during the process of checking for updates (refreshing the repository info). It is not insignificant, as I have seen (using vnstat) it downloads about 90 MiB only during this phase. This obviously raises the secondary question: is there a way to block automatic check for updates and do that only manually? (at least until a proper solution for displaying actual update details is found)
In a template - manually run the package tool - perhaps sudo dnf update
or sudo apt update as appropriate.
After reading the docs I see that the correct commands are: sudo dnf check-update (fedora) and sudo apt list --upgradable (debian). None of them shows total or individual package sizes to be downloaded. They only list the upgradable package names and their versions.
I would swear that when there are updates available you are informed how much it takes to download and how much it would occupy space on disk, prompting you with Y/n.
It’s good that you did some research for yourself.
But in this case you should follow what I said instead of what you read.
If you run the command in dom0,(when updates are available), you will see both the package names and how much will be downloaded.
If you run the command I gave, e.g in a Debian template apt update, you will see both the package names and how much will ve
downloaded.
In both cases, as @enmus says, you will be prompted whether to continue.
Say “N” if you want to use the GUI tool.
Although there is a proper solution, if somewhat unwieldy, you can
easily turn off automatic checking. Open Qubes Global Settings. Look at
the “Updater checks” section.
Now that I ran sudo dnf update in the fedora template it shows individual and total download size. So, indeed, this part of the question was answered. Thanks. Thank you for answering the secondary question too.
If you run the command in dom0,(when updates are available), you will see both the package names and how much will be downloaded.
OK. As I wrote, I will keep checking.
If you run the command I gave, e.g in a Debian template apt update, you will see both the package names and how much will ve
downloaded.
For Debian here is what I get:
root@debian-11:~# apt update
Hit:1 https://deb.qubes-os.org/r4.1/vm bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye InRelease
Get:3 https://deb.debian.org/debian-security bullseye-security InRelease [48.4 kB]
Fetched: 48.4 kB in 4s (11.0 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
So, the only size shown is that 48.4 kB. Unless I am misreading this output, this is not the size of the packages that will be downloaded but rather just the size of the “refresh” of the repo info.
At least for Debian you can install Synaptic (you can download package once, transfer it, but do not install in a template, and from a template transfer it each time to a dispVM) in order to get arguably better visual preview according to your needs…
Although, I’m not sure if we are talking about gigs per month here, and each monthly plan should cover much more than that…
Setting a cacher qube would help you to spare bandwidth and it’s simple as
$ sudo apt full-upgrade
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
Calculating upgrade… Done
The following packages were automatically installed and are no longer required:
xxxxxx
Use ‘sudo apt autoremove’ to remove them.
The following packages will be upgraded:
xxxxx xxxx xxxxx
xxxxxxxxx xxxx
6 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 20.9 MB of archives.
After this operation, 12.3 kB of additional disk space will be used. Do you want to continue? [Y/n]
Are you suggesting that the correct command for Debian is apt full-upgrade and not apt update as suggested by @unman?
And this indeed isn’t Qubes specific…
I believe you. My question is not intentionally a non-Qubes one. I am just struggling with things as I am new to Qubes and through that new to its components too (Debian included).
BTW my earlier question #3 from 2022-08-01 is still valid. I would be glad to know what you and others think about it. Thanks.
You just need to read what is written. If there’s no updates or upgrades, you won’t see anything. If there are updates but no upgrades, you use apt update. If there aren’t updates, but only upgrades you run correspondent command apt full-upgrade. if there are both updates and upgrades you run both commands? Do not forget `dist-upgrade.
Running the command isn’t the same as updating. You have to read what is written. It’s not the command that is “dangerous” but what it does and what you are letting it to do.
It’s not about if it’s appropriate. Anyone is free to suggest whatever feature she would like to. Proper way to do that is on Github,
That’s exactly what I am doing. Thanks for the links too.
My follow up questions arise from the difference between what the docs (including warnings), @unman and you suggest as proper commands.
Running the command isn’t the same as updating. You have to read what is written. It’s not the command that is “dangerous” but what it does and what you are letting it to do.
I understand that running a command and updating can be different (in case the command would ask the user whether to continue) or the same. Being new to the process, I had no way to know which one was the case and as it is a sudo command, considering also the warning in the docs (which I have read), I thought it would be better to ask before doing anything without understanding what the result would be. I hope that clarifies that the reason for the follow up questions.
Considering the obvious need for extra “education” and the additional work one has to do for something as simple as knowing how much an update will download I think it is appropriate to have it as a feature.
apt update gets the latest information from the repositories. apt full-upgrade will start the process of downloading the updates,
but won’t actually do anything unless you say “Yes” when prompted. It
will tell you what packages would be updated and how much would be
downloaded.
I thought I had included both commands, but apparently not.
I’m fairly sure that this is already covered in a GitHub issue.
I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
