Having a way to disable offline-updates in GNOME Software, for "immutable" OSes

Hello everyone,

First message here, so, Hi, this is Dario from the openSUSE community.

What I would like to know (and maybe get some advices about) is whether it already possible to somehow disable offline updates in GNOME Software and have all the packages installed “live”? I’m interested in the PackageKit backend/plugin (for RPMs, FWIW).

And if not, can anyone share any info or pointers to docs or code about how it would be best to implement something like this? I have played a bit with the code, putting there hacks like forcing GS_APP_STATE_UPDATABLE_LIVE for all apps --just as an exercise in order to understand how things work and maybe figure out how to do the job properly-- but I couldn’t get it to work, not even in that way.

The context is that on openSUSE MicroOS, which is an immutable rolling operating system, we will soon have PackageKit working. In fact, something like pkcon update done in a shell works already. On MicroOS, when wanting to install or update a package, we create a new (or “enter” in one, if it already exists) BTRFS snapshot, and we install/update the package there. At the next reboot, that snapshot is made to be the default one, which means we will have the new/updated package available in it. And, as said, pkcon already does this in the proper way, so from the “backend” perspective, I’d say we’re good.

As you probably understand, in such a system the problem of “live updates” does not exist, as the snapshot where we do the change is never the one that is actually running. Therefore, we never update the packages in the snapshot that is our current rootfs, which means that we do not need offline updates at all. So, in my mind, our case could be handled just fine by having GNOME Software thinking that it can use what it calls “live update” for all the packages (that’s what I mean when I say “disable offline-updates”). That would trigger (I think?) a regular PackageKit update which, however, since it knows that it is running on MicroOS, it will only alter the new snapshot. After that, the user will get his/hers updates after the next reboot already, i.e., all the systemd-update dance, which makes a lot of sense in general, is just useless for us.

What we were looking for is something like a gsettings key (but of course we’re open for suggestions!) for disabling offline-update mode and make GNOME Software work in “live update” mode only. Is there anything that allows to do that already? If yes, can anyone point me to it? Because I looked but did not find it. If no, I’d appreciate some thoughts and directions on how to start implementing it.

Of course, we’ll be fine with such a key being default off (i.e., default remains offline updates) and hidden so that users cannot mess with it and shot themselves in the foot on non-immutable systems.

Thanks a lot in advance and Regards
Dario

Hi Dario, thanks for getting involved! I’ll try and reply to this soon (it’s a fairly complex question), if nobody else gets there first. Sorry for the delay

Hi! Thanks for replying, and no problem at all for the delay. I also was busy and could not make much progress with my own investigations on this issue… but I’ll keep looking.

And sure, any help, advice or direction will be much appreciated, if/whenever anyone has time.

OK, having read through this a bit, here are my initial thoughts. I could be wrong or have misunderstood, so please correct me if you think I’m going off on the wrong track.

• tl;dr: I think you want to modify PackageKit to support openSUSE MicroOS’s approach directly, so that the concept of live-updateable packages is exposed in a generic way from PackageKit. You’d then modify gnome-software to correctly set GS_APP_STATE_UPDATEABLE_LIVE on MicroOS packages coming from PackageKit.
• The alternative is to implement a new plugin in gnome-software, specifically for MicroOS. It would likely look like a cross between the PackageKit plugin and the rpm-ostree plugin. You would have to maintain it. It will likely not be simple to maintain.
• If you choose to implement this as a new plugin in gnome-software, you will likely have to do similarly for other users of PackageKit (the KDE software centre?).
• aiui, any changes to support this in gnome-software are likely to be in the plugins. The frontend of gnome-software should already support mixed packages where some are live updateable and some only support offline updates — for example in the case of flatpaks on a non-Silverblue Fedora system. Hence there is no big “everything is an offline update” switch.

How does that fit in with your thoughts so far?

(Aside, out of curiosity: now that rpm-ostree can do live updates, how does MicroOS differ from rpm-ostree?)

Hm. PackageKit is deprecated. Fedora is going to retire it as soon as its D-Bus API has been reimplemented by dnf. Ubuntu already does not use it. Seems like a dead end, yes? I was quite skeptical that getting rid of PackageKit was a good idea, but it seems like plans for relying on distro-specific backends in GNOME Software are pretty well set in stone by now?

MicroOS can’t do live updates (well, we’ve had a “kexec update mode” since a while, but it’s still different than rpm-ostree live updates). More important, MicroOS does not want to have live updates, i.e., we plan to stick to the “updates/installations/removal/etc happen in a snapshot and you’ll have to reboot into it to see them”. Live updates can be cool, but once you have them, the risk is IMO too high that the (sort-of) immutable system would just be used as a regular one, or at least that’s my opinion.

In any case, in my view the differences are that MicroOS is not an image based system. It’s, technically, an openSUSE Tumbleweed (so it’s 100% rolling ) with transactional-updates and turned into a single-purpose OS (then, for MicroOS Desktop, we build on top of that by providing only the basic DE rpms and using Flatpaks, etc) . And this is implemented just taking advantage of what BTRFS can do for us, instead to have to deal with, essentially a new (and completely different) package manager, like ostree. Also, any kind of modification you need to do to the system, including filesystem layout, adding or removing stuff, etc, you can just do that, you’re not limited to installing or removing packages (of course, you’ll see the effects after reboot).

Quite obviously, this is very much personal, and what I see as advantages or good things, can be disadvantages or things to dislike for someone else… but since you asked.

Really? Wow, I’m not really much into these “desktop stuff” and this sounds completely new to me. I need to ask to others more familiar with PackageKit than myself… Thanks a lot for the information. We’ve just added the pkcon backend to MicroOS, so I’m thinking that we may live with it for a while, but again, this is not really my field, so I may say things that are completely off!

Hi again!

And thanks again for this other reply.

Yep, that’s in line with my (still limited) understanding of this, and quite similar to what I had started to try doing.

What I still haven’t been able to achieve, is truly and fully push the packagekit-offline plugin out of the window… But I’ll keep trying.

Yes, but I’d very much like to avoid having to do this. It feels wrong/unnecessary (and I probably won’t be able to make it work, with the time that I have for playing with this anyway… )

I’m very ignorant about anything related to KDE, but from my tests, their Discover works already quite well on MicroOS. In fact, when you install/update RPMs from there, it uses the PackageKit backend just fine, and it does not have the concept of offline updates, which in this specific case is a good thing.

Yep, that’s something I need to invest a bit more time in understanding. The hierarchy of the plugins and the dependencies/load order among them…

Anyway, thanks a lot again for the precious hints. I’ll do my best to put something together!

This is not true. PackageKit is used on Ubuntu with GNOME Software (at least since 20.04). As for Fedora, there is no plan to reimplement PackageKit’s interface in DNF. As it is, I co-maintain the DNF backend in PackageKit for Fedora, Mageia, OpenMandriva, and openSUSE.

Plasma Discover supports turning it off or on. Eventually, it will be on by default, but it’s possible to turn it off when that change occurs.

I am guessing you were talking about the Ubuntu/Dnf claims on that quote, but I could see how it could be interpreted as Packagekit not being deprecated as well.

So just to avoid confusion for the rest of the readers here’s the source/post on the why and how Packagekit got deprecated.

I am saying PackageKit is not dead. I still work on it. Others still work on it. Richard Hughes generally doesn’t because he’s focused on LVFS and fwupd these days.

This is not true. PackageKit is used on Ubuntu with GNOME Software (at least since 20.04).

OK, I didn’t know that! For some reason I thought they had their own apt backend.

PackageKit’s D-Bus interface. That really is the plan. Let’s talk about it elsewhere, I guess.

I don’t quite understand why it’s a good plan, because it implies that having individual software management applications separately maintain what could be the same code is somehow better than maintaining the code in one nice abstraction layer that can be shared by everyone.

The underlying issue is that Richard Hughes switched to working on firmware stuff, and this was around the time that people thought Snaps and Flatpaks would take over the world. Now, things are considerably more realistic and the PackageKit codebase has been trimmed of most of its unmaintained backends, with the rest of them getting at least semi-active maintenance. The DNF team knows that as soon as the new DNF v5 API is available, PackageKit will be adapted for it. There is a dnfdaemon and that’s getting rewritten from Python to C++ for clients that need DNF-specific stuff, but it is not expected to replace PackageKit.

What? This is news to me.

Edit: Just noticed the rest of the posts above which run through this.

Not to my knowledge. New plugins are added on a case by case basis if there’s no other way to support that particular distro.

With my gnome-software hat on, I’d prefer it if PackageKit provided the distro abstraction layer, and then we only have to care about making a nice, functional UI in gnome-software. The more plugins we end up with in gnome-software, the more time we have to spend maintaining them and trying to reconcile their differences.

To be clear, I am recommending against writing a new plugin. From the sounds of it, what you want should be achievable without doing that.

Yep, I understood as much, but thanks for clarifying.

Ok, FTR, I’m trying to work on this, although I don’t have anything functional yet.

I can easily hack (for now) things in such a way that all apps are marked as GS_APP_STATE_UPDATEABLE_LIVE. But I’ve just learned that this is not enough, because PackageKit can’t handle such apps. In fact, as far as I am understanding things, support for updating apps live was dropped with 46eca30b6786b66af9c8eeac1f64f1ffdd6fbc0b, “Remove online-update functionality” (in 2013!!!).

For that reason, even if all apps are marked as GS_APP_STATE_UPDATEABLE_LIVE, the gs_plugin_update function of the gs-plugin-systemd-updates plugin is called, and UPDATEABLE_LIVE apps are just ignored.

I am therefore bringing it back the support for updating apps live in the packagekit (not systemd) plugin. Of course, I’ll make sure that this is only relevant for MicroOS. As agreed, this is all happening inside the PackageKit plugin code, and it should be possible to keep it there.

Any thoughts or comments more than welcome.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.