On 09/16/2014 06:33 AM, Richard Hughes wrote:
I've triaged many bugs to do with online and offline update failures,
and if we're going to say that we actually care about the users data,
it becomes increasingly hard to defend the "old" way of doing it. I'm
sure I could find numerous bugs numbers where doing an online update
made the session/terminal crash which of course leaves you with
duplicate packages on your system which may or may not be fixable.
Richard
OK, but this is means that we painted ourselves in the
corner---something is wrong if my Android phone, which I don't have to
reboot for updates, has higher uptime than my computer.
We are in a bind: on one hand, the best security practice is to upgrade
daily to avoid emerging vulnerabilities; on the other hand daily reboots
aren't really a nutritious alternative. Something has to give---which
one do we do:
- create a separate daily security upgrade stream, curated to not
require reboots if at all possible
- follow Microsoft and do a fixed 'patch Tuesday' schedule instead of
ASAP updates
- rewrite Linux or at least Gnome/DBus for safe updates :)
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct