As much as I appreciate the convenience of automatic updates, automatically restarting at 8pm while I’m in the middle of a match in Overwatch is unacceptable. I normally run all of my auto-updating stuff in a “check for updates and notify but don’t do anything until I say so” mode, which does not seem to be a thing in TurrisOS yet. Worse, when I go to run the update.sh script manually, it fails with the message “Updater disabled.”
Is there a way to set this up that I’m not seeing? I suppose I can always enable updates, run update.sh and then disable it again, but that’s a pain and I’d really rather not have to do that.
Also, as an aside, the maintenance page heavily implies that auto restarting will happen after 0 to 10 days if notifications are turned on. Can I turn on notifications without automatically restarting? Why is everything trying to restart my router all the time?
Well, you cannot replace kernel without restarting the device, can you? All other updates actually go quite smoothly without having to restart the router.
@Ondrej_Caletka,
Is kernel-patching/livepatching or whatever it is called, to big for Turris-OS? This is being supported by default since kernel 4.4 so i have heard.
livepatching is currently not supported and frankly it is meant and used just to do critical security updates on servers so you have some time to plan your maintenance window as it might take a while before you get to it. And it has some non-trivial maintenance overhead.
@Pepe
It’s currently set to restart at 3:30am. However, the update system did not seem to care and restarted immediately following the update anyway. So, that’s not really a safe option here (and, yes, the local time is set correctly on the router).
@Ondrej_Caletka
That’s understandable, but let me perform the update manually so I know when it’s safe to restart. I don’t understand why the update process needs to be completely hands off or exceedingly tedious. I feel like there’s a middle ground here that’s being overlooked.
This shouldn’t happen and hasn’t happen to me. Maybe there is some other issue.
You can achieve something like that by keeping updates enabled but disabling the updater cron job. Then you can start updates manually by running updater.sh at your leisure.
The updater already supports modes in which you either need to confirm each update, or in which it gives you some configurable time before proceeding to decide if you want that update. The problem is, only the backend supports it and it’s not even remotely user friendly and it is not much documented.
Hello @vorner,
I have been able to get working Approvals functionality on my TO and I am so happy for this functionality especially when I am not home for weeks and need fully working OpenVPN/DNS/Something that will not be broken by update (just example I am not saying that any update did broke OpenVPN so far).
However I have few questions.
I see I can grant a approval for whole update, but is there any way that I can approve only some of packages listed in /usr/share/updater/need_approval ?
Is there any interface in Foris right now or the email I am getting is not correct right now?
Oznámení o aktualizacích
Updater žádá o autorizaci akcí. Autorizaci můžete přidělit v administračním rozhraní Foris.
In the Debian world, people who subscribe to stable security updates get nothing else. If there are no software version upgrades included in a security update, less things can go wrong and less time will be spent fixing anything that does go wrong.
This is a good way of keeping a system stable. People also have more confidence in this approach and so they do the updates more promptly.
I have the impression it is harder for smaller communities like OpenWRT to maintain a stable release branch, so one way that people can solve this issue may be running Debian on the Turris Omnia.
so far).