Upgrading packaged Ubuntu application unreasonably involves upgrading entire OS

Bug #578045 reported by John King
726
This bug affects 158 people
Affects Status Importance Assigned to Milestone
Ubuntu
Opinion
High
Unassigned
Declined for Lucid by Robbie Williamson
Declined for Maverick by Robbie Williamson

Bug Description

It is easier to upgrade to the newest stable versions of most applications -- even open source applications -- on a proprietary operating system than it is on Ubuntu.

Two examples:

1. Wait for a new version of LibreOffice to be released.

What happens:
* <http://www.libreoffice.org/download/> offers downloadable versions for Windows, Mac OS X, Ubuntu and other systems.
* However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.

2. Wait for a new Hedgewars version to be released. (Or notice that you are unable to play network games, because the server requires a client version newer than the one packaged in Ubuntu.)

What happens:
* <http://hedgewars.org/download.html> links to an Ubuntu package, but this requires setting up an untrusted "Playdeb" channel.
* On Mac OS X, the new version is advertised by a badge on the App Store icon, and can be installed in a couple of clicks.
* However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.

Users learn that they shouldn't download from outside trusted repositories or websites as a rule, and it's very true that choosing to install applications from outside trusted places poses a risk to the system. PPAs often provide unstable, development releases which may not run well on the system they're installed on, or pose security risks to the system. GetDeb.net is a reasonably trustable source for now, but a new user may not know about it, and it still may not provide the same level of trust that an Ubuntu sanctioned source would to the user. But if nothing else, GetDeb could be configured as a source for new, stable yet unsupported versions of software and be advertised as such somewhere in the default Ubuntu install.

What should happen:
* On running Ubuntu Software Center or Update Manager, you should be told that you have the option to replace the current version with a newer version.

WHY THIS SHOULD HAPPEN:

    A rolling release, or semi-rolling release system has been suggested in the past and almost always is shot down for various reasons. I don't believe the way I'm suggesting this would constitute a rolling release system, and I don't think it would require any large change to the way things are done now. Ultimately, it would be up to the devs to implement this idea in whatever way they wished if they so chose, but here's why I think the USC should provide the ability to upgrade software easily and safely:

    -Software development stops for no operating system, and Windows users are used to having the newest versions of software as soon as, or soon after they come out. Being able to upgrade easily to newer versions of software, is a rather reasonable expectation of a modern, mainstream operating system.

   -Resources wouldn't be stretched too thin; software would be upgraded to their newest stable version under the stipulation that regardless of their former status of support (main or universe), they may or will be completely unsupported after upgrade. It's better than or at least equal to the alternative; using potentially malicious or unstable untrusted software from unofficial sources.

   -Doesn't it seem wrong that it's easier to have the newest versions of FOSS software on proprietary operating systems than on a largely FOSS one? Ubuntu should showcase the best and newest of what FOSS has to offer, not so much or in a way that makes it look like a Debian-based Fedora, but in a way that if the user wants it, he can get it easily. Sure, you could reasonably argue that if the user cares so much about new software, he/she could go to a distro like Fedora or a rolling release distro, but that'd be kinda like Windows telling it's users that if they want the newest version of say, Windows Media Player (bear with me here xD) they have to upgrade their entire OS to an unstable development release. Ubuntu should be able to offer new versions of software easily, but it doesn't mean that all the core system libraries and daemons have to be upgraded. Simply an option for (at least) commonly used software.

------------

Latest progress:
* For software in the Ubuntu archive:
  <https://blueprints.launchpad.net/ubuntu/+spec/foundations-o-backports-ui>
* For software not in the Ubuntu archive:
  <https://wiki.ubuntu.com/AppDevUploadProcess>
  <https://myapps.developer.ubuntu.com/dev/>

This bug will be marked as Fixed when at least 50% of Ubuntu applications can be updated to a new version without upgrading the operating system.

2012-09-05: 376 applications are published in MyApps and 36 in Extras. So over 10% of Ubuntu applications now be updated without upgrading the OS.

Tags: lp-soyuz
Revision history for this message
Murat Gunes (mgunes) wrote :

Thanks for your time as well, but this is way beyond the scope of the 100 Paper Cuts project. You may want to review https://wiki.ubuntu.com/PaperCut for a definition of what a "paper cut" is.

A better way to propose and drive enhancements of this complexity is to draft feature specifications: https://wiki.ubuntu.com/FeatureSpecifications .

Also note that it's among the future goals in Software Center (https://wiki.ubuntu.com/SoftwareCenter#October%202010) to establish trust level ratings for PPAs and make it possible to add them through a graphical interface, which will provide the mechanism for secure optional software updates from PPAs.

Changed in hundredpapercuts:
status: New → Invalid
Revision history for this message
Omer Akram (om26er) wrote :
Vish (vish)
affects: hundredpapercuts → software-center
Changed in software-center:
status: Invalid → New
affects: ubuntu → software-center (Ubuntu)
Changed in software-center (Ubuntu):
importance: Undecided → Wishlist
Changed in software-center:
status: New → Invalid
Revision history for this message
Matthew Paul Thomas (mpt) wrote :

I'm designing the "What's New" section in Ubuntu Software Center, whereupon I'll pass this on to Gary Lasker. The other big moving part is in Soyuz.

Changed in software-center (Ubuntu):
assignee: nobody → Matthew Paul Thomas (mpt)
importance: Wishlist → High
status: New → Triaged
summary: - It's easier and safer to install the newest versions of popular open
- source software on Windows than on Ubuntu. (Or, why it's high time
- Ubuntu made upgrading to stable versions of software easier and safer)
+ Upgrading packaged Ubuntu application unreasonably involves upgrading
+ entire OS
Revision history for this message
Matthew Paul Thomas (mpt) wrote :

Firefox has now become a bad example, because it is being special-cased by the Desktop team. <https://lists.ubuntu.com/archives/ubuntu-devel-announce/2010-June/000719.html> So this bug report would benefit from rewriting with one or two different examples. (chromium-browser would be a candidate, but it's likely to be special-cased too if it's used by default in UNE 10.10.)

Changed in soyuz:
status: New → Invalid
Revision history for this message
AJ Jordan (strugee) wrote :

You could rewrite it for Thunderbird...?

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

For applications packaged by Ubuntu developers, this is covered by backports.
<https://help.ubuntu.com/community/UbuntuBackports>

For applications packaged by their own developers, this is now specified and being implemented for 10.10 under the direction of Rick Spencer. <https://wiki.ubuntu.com/PostReleaseApps/Process>

Changed in software-center (Ubuntu):
assignee: Matthew Paul Thomas (mpt) → Rick Spencer (rick-rickspencer3)
status: Triaged → In Progress
Revision history for this message
Rick Spencer (rick-rickspencer3) wrote :

This is not a bug, this is the part of the Ubuntu way of handling updates to applications. The default for users is that their experience does not change unless and until they upgrade to a new release. This is very intentional and this stability is part of the core value proposition for users.

In the case where a user would like a more up to date package on their system then the one that is offered in the repositories for that version, these users have some options, including creating or finding a PPA, or using backports.

So, this is not a bug, but rather a proposal to dramatically realign some core principles about how we develop software. It's a good and useful discussion to have, but not in a bug report. Blueprints, the ubuntu-devel mailing list and other forums would be more fruitful for such a discussion. Therefore, I am setting this bug to "opinion".

Changed in software-center (Ubuntu):
status: In Progress → Opinion
assignee: Rick Spencer (rick-rickspencer3) → nobody
importance: High → Undecided
Changed in software-center (Ubuntu):
status: Opinion → In Progress
assignee: nobody → Matthew Paul Thomas (mpt)
Revision history for this message
manny (estelar57) wrote :

Similar to the OP or better explained:

http://www.anandtech.com/show/2816/9

Revision history for this message
Adrian Wechner (adrian-wechner) wrote :

"So, this is not a bug, but rather a proposal to dramatically realign some core principles about how we develop software."

of course it is a bug. If it feels bad, weired, confusing, old... whatever... then it is a bug. The intention of that kind of release is good, but in practice people like to have the newest version of their daily used applications.

All graphic editors, video editors, IDE, Office stuff and browsers must be up to date.

Let me explain why:

1.- Ubuntu wants to be fresh and new - It's in contra of the current release circle
2.- Someone wants to stay with the LTS for stability. That's understandable, but has to wait 2 years for an upgrade of its browser??
3.- You can't expect that everyone wants to upgrade the whole system every 6 month just to get the newsest browser and Office Suite
4.- PPA adding (manual or automatic) is a mess... too complicated in general. A user wants to see that there is the new version of its browsers and to say YES. that's all.

affects: launchpad → null
description: updated
Changed in software-center (Ubuntu):
importance: Undecided → High
Revision history for this message
Jeremy Newton (alexjnewt) wrote :

Well I don't think the key point is to be up to the very date, like a rolling release, but update if the newer version is considerably stable and well only add, not cause unstable behaviour.

For example, Libre office right now has two versions on their site: 3.3.4 and 3.4.3
The former is considered more stable, while the other is considered mostly stable. I would think the LTS should always have the former option updated at least every point release of the LTS.

Another example would be firefox: currently at 7.0. I would think the best idea for firefox would be to release only after a point/bugfix release is made or it's still running strong after a given point in time (say half the release cycle).

Any packages with a LTS source should defiantly not be updated past the LTS version of course, ie the kernel (currently 2.6.32.46).

To further my point, I think it probably should only be done on the LTS because the normal releases expect the user to update regularly anyway. I really don't think this is necessary with normal releases. Maybe every point release of the LTS can get a bunch of updates with it?

Revision history for this message
manny (estelar57) wrote :

@Alexander

Stability is taken into consideration (for example i doubt they will offer alpha or beta software). But the point here is to give users choice.

Like in every other OS, the user is used to choosing which version he wants / needs.

He/she can either stay with what he has, update to the new, or un-install and revert back just in case.

Right now the LTS has software that's almost 2 years old... Hunting down PPAs is not fun, obvious or friendly to new users.

From the blueprints the plans and actions taken will not totally solve the problem of course, but its a good start and should greatly improve the situation if done correctly.

Revision history for this message
John Mills (jmills59) wrote :

Hi all,

I completely agree with this bug report, for example, if I started using Windows XP in 2001 I could still easily install a new build of Firefox, Open Office, Inkscape etc. But with Ubuntu because the backports are not great I have to either compile the source myself or look for binaries. There are not PPAs available for all application in the repos. As the above commentator stated Ubuntu 10.04 is approaching 2 years old now. Why should I be denied the ability to run newer software without upgrading my operating system? Is this really reasonable?

If I want a new version of Blender I have to move off of an LTS release to get it or go to the bother of compiling it myself. And it appears to me non LTS releases are in essence beta versions in testing for the next LTS.

Come on... be reasonable here. If you want to target new users they will want newer versions of their favourite software and they will not want to compile it themselves or hunt around for an unsupported and possibly insecure PPA.

Most new users are scarred to update/upgrade their machines and risk braking their working systems. Simple as. This in my humble opinion is the major failing of Ubuntu and why I can not recommend it to a 'normal' user who wants a computer system with 'up to date' software that they do not have to re-install or upgrade every year.

I hope some one with authority can really take a loot at this issue.

Revision history for this message
manny (estelar57) wrote :

@John Mills

could not agree with you more on this.

>"I hope some one with authority can really take a loot at this issue."

MPT is looking into this issue and am sure he's very aware of the situation.

The "NotAutomatic backports" seems like the first step towards a solution.

The second step can only be to move into longer release cycles or promote the LTS as the only stable release for users and OEMs, while the other releases should be marked or promoted only as "development and testing" releases.

Canonical needs to incentive users, oems and app developers to only use the LTS.

Specially app developers also have it difficult on Ubuntu:
http://www.pcpro.co.uk/news/370171/gnome-creator-linux-has-only-10-great-desktop-apps

"We’ve managed to p*** off developers every step of the way, breaking APIs all the time."....
"Ubuntu from this week is incompatible with the one nine months ago."...

i think canonical has the power to remedy this situation on their platform, but seems to not want to...

description: updated
Revision history for this message
Mike O'Donnell (mikeodonnell) wrote :
Download full text (5.4 KiB)

Ok, my 2 cents worth, from an new, casual user's perspective. I agree this is a bug.

History:

I bought my first computer 3 years ago, and struggled along with Vista for six months, until I was infested with the "conficker worm" http://en.wikipedia.org/wiki/Conficker after going on an online banking institution, April 01.2009. I had all the newest anti-malware applications. My installed version of Kaspersky;s went nuts reporting to me the infection, but became unusable. All the Microsoft anti-malicious software removal sites, for me couldn't contend with it. In desperation I bare-boned installed Hardy ... Great I learn no real concerns about malware in Linux and Ubuntu, if one is cautious. :^). I make a conscious decision to remain with LTS, for being more secure and less chance of things going "screwy" with new code. I start to learn my way around linux and Ubuntu slowly (new and casual user right) and inevitably break it multiple times, winding up re-installing Hardy as last resorts, for lack of knowing how to fix. Theses were complete new installs, a lot of configuring. Now I keep a separate ~/ partition, that save a lot of configuring in new installs, bringing it forward during manual installs. (Starting to learn a bit of the "'nix way"). I learn I need a backup solution in place the "hard way" and finally settle on Deja-dup; for lack of better understanding ... a front-end configuration for duplicity back-end. By this time I have learned to enable PPA's for my preferred and often used apps and do so for "DD". I use DD as it's an Ubuntu featured app in the Software Sources and is going to be included for the next release. Also, the dev (Michael Terry) works for Canonical, I believe. Seems a good choice for a newbie's backup solution. I ran into a problem, with DD and contacted and received help for the concern, at Launchpad. MTerry, in our conversation states:

"So, there is a theoretical concern that if duplicity changed something, you'd want a newer Deja Dup that knew how to handle that change (which you won't be getting from the deja-dup PPA because Lucid's version won't be getting updated, as newer Deja Dups require more modern dependencies). But for the current duplicity, I don't believe that is the case. I believe 14.x can handle the latest duplicity. Also, there are a couple bugs fixed in at least duplicity 0.6.14 that you will really want. They potentially introduce data corruption if a backup is interrupted. I have backported the fixes and would love if you could test them: So I would highly recommend you either install my backports or use the duplicity PPA.

Backports". Well I never used backports because of this warning here: https://help.ubuntu.com/community/UbuntuBackports
"Backports candidates are tested by several Backports developers and community contributors before they are allowed to be placed in the repository. Backports packages are thus safer to use than the development distribution. At minimum the packages should be usable in a manner that the average Backports developer could test. However, given the nature of introducing newer versioned packages from a development distribution into a stable, released distrib...

Read more...

Revision history for this message
manny (estelar57) wrote :

@Mike O'Donnell (mikeodonnell)

about the backports part, i think you're speaking of "Automatic Backports"

so, if you check the blueprints they are trying to introduce something different: "NotAutomatic Backports".

Correct me if am wrong, but i think those will not be updating or affecting your entire system, just explicitly the apps or parts you want/need to update...

Revision history for this message
Mike O'Donnell (mikeodonnell) wrote :

@manny

My concern is not having the aps needed for security or stability of the system a newbie has configured, or in the case I made, the ability to be sure a backup app (is/are) available in the newest and functional format, for a LTS; without having to jump through unknown and possibly impossible hoops for a newbie.

Please reassure me, if indeed, I don't understand this correctly.

Thanks.

Revision history for this message
manny (estelar57) wrote :

A complete fix to this bug would also require adding some features that Ubuntu/APT are still missing as seen on this comparison:

http://0install.net/comparison.html

These should improve the situation for developers and users by leaps and bounds. Making ubuntu the most competitive.

Maybe even get help from the 0install developer himself, since he seems to be an approachable and dedicated expert on the matter.

@Mike
yes, the objective is to make it as easy as possible for a newbie and not have to "jump through unknown and possibly impossible hoops" like you mentioned (hunt down PPAs, dependency problems/conflicts , etc.)

But unless we add the missing features to ubuntu/apt/SC as described above, it may never be as easy as it should be...

Revision history for this message
Michelle Walker (milore55) wrote :

I will put in a comment from a non-techie source. I'm a fairly new user. I'm not a programmer. I really like Ubuntu but it seems to want to keep 'non-programmers' out. I see phrases here like 'look for binaries' or 'back'ported', etc. The average person does not know what these things mean. And if this is something that has to be done just to upgrade, well...you see my point. Upgrading should be simpler. I have 10.04 and I keep it because It's LTS but I'd like to upgrade. I'd like to explore other things Ubuntu has to offer but the last time I upgraded and had problems, the support from the community was not there (which is another topic altogether), so I stayed with 10.04.

I'm glad someone recognizes that there are users who really like Ubuntu but upgrading and getting support for systems that are not LTS is difficult for non-techies like myself. And BTW, I do spend much time in searching out answers to problems I may encounter, so it's not a matter of my just wanting to 'push a button' and have everything fixed for me.
Thanks

Revision history for this message
nerdy_kid (nerdy-kid) wrote :

I reported a duplicate of this bug. Just sharing my idea for a possible solution.

Perhaps splitting the Ubuntu repos into two -- one for the Ubuntu Core (kernel, desktop, system libraries, etc) and one for the applications. The applications repo could then be continually updated as developers update their apps without effecting the core system of Ubuntu. On system upgrade ("distro upgrade"), only the System Repo would be updated to the newest Ubuntu release, making the upgrade process far smoother then the current mess that often results. I am sure there are problems with the above approach, but perhaps there are ways to work them out on a technical level.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

nerdy_kid, you are basically describing Ubuntu backports. <https://wiki.ubuntu.com/UbuntuBackports> But backports are not used nearly often enough to fix this bug, because (1) issuing them still requires becoming (a) an "Ubuntu member", (b) an Ubuntu developer, and (c) a member of the Ubuntu Backporters team; (2) packaging is hard; (3) the backports process is bureaucratic; and (4) there is no simple UI for selectively installing backports, which lowers the incentive for providing them. Implementing the "Updates" section in USC <https://wiki.ubuntu.com/SoftwareCenter#updates> would fix (4), but the other three probably can be fixed only with a process that does not involve the Ubuntu repos at all.

Revision history for this message
Darik Horn (dajhorn) wrote :

@mpt is correct.

Having a well known PPA with a good reputation is better than being an official project member. You get most of the benefits of being a project member with none of the overhead costs of officially joining.

The community is familiar and comfortable with using Launchpad to get current software. PPAs provide the easy 80% of an app store implementation for Ubuntu.

The has the side-effect of making Ubuntu sticky. People that try to leave Ubuntu often discover that they depend on the convenience of PPA packages. This dynamic probably explains the Canonical Ltd position on the https://bugs.launchpad.net/launchpad/+bug/188564 ticket.

Revision history for this message
manny (estelar57) wrote :

I think there is no one fix for this. But a combination of the backports, PPAs, the USC updates UI, myApps, more promotion right in the software center, crowd-sourcing and a project like getdeb which states that "UbuntuBackports project has a limited scope in comparison. GetDeb extends the official repositories and unlike the official packages, GetDeb packages do not have a predefined release schedule - new software versions are provided as they become available from their authors."

But another factor is that many developers don't feel they have control of when their apps (and specially their app-updates/bug fixes) get included in the software center. They want a wide audience to start using/testing their apps ASAP. They lose motivation and engagement. We need to start changing this perception.

Revision history for this message
nerdy_kid (nerdy-kid) wrote :

@mpt

If I understand correctly, the backports repo contains new versions of software already included in the main Ubuntu repos. What I am suggesting is:

1: Do away with the Ubuntu Backports repo entirely.
2: Create two separate repos: one for Ubuntu applications (and perhaps even commercial applications could be included here, but I'm not sure the legal implications. If not, then split the Applications repo into one for FOSS software, the other for proprietary)
3: and the other for the core Ubuntu system, eg kernel, core libraries and system components.
4: The Ubuntu applications repo would have a rolling release style of updating,
5: while the Ubuntu Core repo would keep it's current 6 month release model.

There would be no overlap of packages in the Core repo, and the Applications repo.

As far as getting software easily into the Applications repo, in order to prevent your first point, why couldn't the community review the software? There could be a "Community Review" site where packages seeking admission to the application repo could be uploaded. Anyone could register easily to the review site and vote on a package's safety. Their voting weight would be in proportion to their reputation. Reputation could be earned by the accuracy of ones votes. Voting "safe" for a package that was eventually turned down as malicious would lower a user's reputation, thus decreasing their voting weight.

Revision history for this message
Darik Horn (dajhorn) wrote :

The subtle and disruptive suggestion in this thread is that the backports and universe sections are unnecessary legacy baggage, and certain important things like the web browser and office suite should not be in the main section.

From the customer perspective, application software is the profit center and the exciting reason to use Ubuntu. Things that are used daily, like the web browser and office suite, should always be current and therefore provided by a rolling channel.

From the customer perspective, everything else is a cost center and hygiene factor. They don't care about the components in main unless their laptop doesn't sleep, or their audio is garbled, or they can't play their favorite flash game.

Furthermore, a smaller and tighter main section might have prevented or mitigated some earlier Ubuntu release mistakes, especially those caused by Canonical staffers wedging unfinished product into distribution to hit bonus targets. Things like MetaTracker and PulseAudio would have been less frustrating if they were quickly iterated in a rolling channel.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

nerdy_kid, you are now describing MyApps and the Application Review Board, respectively. :-) They will need a lot of process improvements before they can scale to the point where they replace anything.

no longer affects: null
no longer affects: software-center
Revision history for this message
John Mills (jmills59) wrote :

@ Matthew Paul Thomas: Hi Matt, as this bug is assigned to you can you provide an update as to where we are? In your experience will there be any differences in the 12:04 release? I think nerdy_kid is spot on in his suggestions (although not entirely sure about the review process). But I think this could even go further, much like Android versions 2.0, 2.1, 2.2, 2.3 pull from the same software repositories I believe Ubuntu should do the same for application software. In your experience Matt is that possible? Could the Software-center 'sit above' a number of releases with the same applications packages? Wouldn't this make the life of the packagers easier? Certainly some packages can work across different releases, just take a look at Chrome from Google.

The real value to me of Ubuntu comes from the fact that it is FLOSS software and showcases the best that is available in free as in beer and liberty software. But It is very important to me that the applications I use are up to date.

I realise there is rolling distros like Arch but Ubuntu really is the best chance for FLOSS on the desktop. Even SUSE provides the 'Tumbleweed' repository with their releases now.

In comparison if I use the software center in Mac OSX I can be on Snow Leopard or Lion and get the same software and they will automatically keep up to date without me being forced to upgrade my OS every 6 months. I love Ubuntu for what it is but it seems so conservative and behind the commercial alternatives, which is what this bug report is really about.

I have another related question you might know some information on, if I buy a computer that ships with Ubuntu how does Canonical ensure for example that is able to keep up to date with security and application updates? For example I know of some systems that ship with Ubuntu 10.10 and this support will be ending soon. I really believe that giving someone a machine with a non LTS release of Ubuntu is a problem. People are 'scarred' to completely upgrade their systems but ensuring they are on the latest supported version of software must surely be a benefit to everyone involved.

Anyway enough of my ramblings for now.

Thank you Matt

Changed in software-center (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Marius B. Kotsbak (mariusko) wrote :

Bjørn: which change do you refer to that is supposed to solve this?

Changed in software-center (Ubuntu):
status: Fix Committed → In Progress
Revision history for this message
Michael Vogt (mvo) wrote :

Please note that for 12.04 we have a new feature that allows viewing/installing software from *-backports.
This will allow the user to opt into the latest software version (if its availalbe in *-backports) easily.

Revision history for this message
John Mills (jmills59) wrote :

Hi Michael,

This is a great start but will this mean that more applications are going to be back ported in the future? If the selection is still very small then I don't see much of a benefit? If the back ports can be synced against the newest versions of software in the future releases of Ubuntu e.g. 12.10, 13.04, 13.10 etc then that will be great. Is there a policy for this? Is there a list of the applications that are on the back port list? I guess the default Office suite and browser / productivity software will be there? Are you aiming at a percentage of software that can will back ported? E.g. 20%, 30% of software in main? Will the back ports be maintained by Canonical or will this be a community effort? Will this be pushed as a feature? This is a good news but the original bug is still valid that installing and maintaining up to date FOSS software is still easier on Windows and OSX.

Thank you for your time and answers.

Best regards,

John

Revision history for this message
oiaohm (oiaohm) wrote :
Download full text (4.5 KiB)

Matthew Paul Thomas the solution to this lays all the way back to when Sun Microsystems Designed ELF. This exact problem was considered. Most Linux distributions have failed to use Elf properly so causing this problem.

Linux ld.so most distributions use is called ld-linux.so. People forget why. On solaris is is called ld-solaris.so and so on.

This allows different applications from different OS systems using elf to have different libraries spat up. Different loader different configuration directory. With Unix systems this is not much of a problem there is min number of releases using the same loader. Linux o boy. We have how many different distributions using the same loader. Are we nuts??? Why is it are we nuts. Because if someone force installs a binary not compadible its going to run and it could cause big problems.

ld-linux used by everyone is a bad idea. Should not have be done. Since now this means we must depend on package manager to keep applications from different time frame from fighting with each other. This leads to dependancy hell were we need a old application because it works with our data and a new application to access something else due to them sharing the same library they cannot be installed at the same time because teh package manager has to refuse because there is only one loader.

Now where is the problem coming from. Linux we have different distrobutions branches and everything is using the same loader so at the active load path there is nothing telling them appart.

Is it possible to change the loader on a prebuilt binary. Yes it is https://github.com/NixOS/patchelf/blob/master/patchelf.1 so dpkg itself could alter the binaries loader. Yes a smarter debsums has to be made allowing for loader change.

If each release uses a different loader you then can use what is designed for multi arch for storing arch differnet libraries except add a release name to it as well as arch. Does anything forbid the dynamic loader being told to try its release then all other releases in a order from newest to oldest to find a missing library in fact no. This allows dependancy hell to be solved since dependancy is now only a distribution branch issue not global once you have a loader per branch.

This is a case of doing stuff against how ELF is designed so its coming back and biting us over and over again.

The interesting effect of distributions using there own loaders or having package manager change loader on binary is the possiblity of Ubuntu binaries running on Fedora and vice veser using as much of the system libraries as compadible. Since Alien Distribution Loader would be able to point to a directory containing its own libraries then fail over to system.

Most of the required design alterations has been done for multi arch support. It is really just a small step forward to multi distribution support. Arch you can tell what it owns to by the arch id in the elf binary. Distribution branch needs to be declaed by loader after that the two problems are very much the same.

Yes with multi arch with emulation using native binary code instead of arch code that is not native can be benificial to emulation ...

Read more...

Revision history for this message
Aleve Sicofante (sicofante) wrote :

tl;dr: decoupling app updates from system updates is so basic I don't know why any project leader would doubt this is a bare need for any desktop to even have a slight chance of succeeding.

Revision history for this message
Gao Shichao (xgdgsc) wrote :

Applications in Software Center now are mostly apps that users want to keep up with the latest version. For these apps in Software Center. I suggest using a similar system like bundles in Chakra Linux. Those bundles are one-click installable archive like in Windows or Mac. And these bundles don't interfere with the existing system since all dependences are packaged into the bundle. This way the base system can be kept stable and apps can be easily updated. This way Ubuntu should support LTS versions even longer and stop release unstable versions every 6 months.
I believe it's an easier option than backporting new version of apps that depend on newer libs that may interfere with existing old version libs.
Hope some developers may take some time and look into Chakra 's bundle system.
If it's too hard to change release model of Ubuntu , I hope someone would implement such feature independently as a new distro based on debian.

Dave Morley (davmor2)
tags: added: ca-escalate
tags: added: ca-escalated
removed: ca-escalate
Michael Vogt (mvo)
tags: removed: ca-escalated
David Pitkin (dpitkin)
Changed in software-center (Ubuntu):
status: In Progress → Won't Fix
status: Won't Fix → In Progress
Revision history for this message
John Mills (jmills59) wrote :

Gentlemen,

Is there an update on the status of this bug? Has anything changed with the status of the request since 12.04 was released?

This crucial topic has been brought up once again on omgbuntu for the release of GIMP 2.8.2:

http://www.omgubuntu.co.uk/2012/08/gimp-2-8-2-released-with-small-bug-fixes

@ Michael: Your statement below indicated that we could expect an easy method to maintain the up to date software on an LTS release, is this now the case? If software is in the 12.10 repositories are we able to now use this as a backport? Is there some emphasis at making back ports for additional software applications?

Michael Vogt (mvo) wrote on 2012-03-16: #28
Please note that for 12.04 we have a new feature that allows viewing/installing software from *-backports.
This will allow the user to opt into the latest software version (if its availalbe in *-backports) easily.

@ MPT: As this bug is assigned to you and it has been 6 months since you commented here on the status of this bug report can you provide an update of any description? Is it still valid for you and Ubuntu? Can we expect any changes or should we still be looking to upgrade to the latest new release every 6 months to get up to date software, such as GIMP 2.8 and Libre Office 3.6?

Best regards and thank you for your time.

John Mills

Revision history for this message
Tormod Hellen (tormod-hellen) wrote :

Just voicing my support for fixing this bug.

Revision history for this message
Ravi Kumar (kumarravi-kumar267) wrote :

We want latest stable release of every software or package via Ubuntu software Center or Update manger because new software often contains many bug fixes and new features! Please fix it soon. I am fed up by adding 100 PPAs or more for every softwares updates......

Revision history for this message
Gao Shichao (xgdgsc) wrote :

I noticed the new backports feature in 12.04. Is there any easy way of requesting backports? Filing a bug at launchpad is not so friendly. I suggest implementing it in software center. Any progress in this bug?

Revision history for this message
Marius B. Kotsbak (mariusko) wrote :

Well, the bottleneck here is probably not reporting requests for backports, but the manpower to do the actual backports, if it can't be done by the third party projects themselves or somehow done automatically or imported from e.g Debian.

Revision history for this message
Gao Shichao (xgdgsc) wrote :

@ Marius Kotsbak (mariusko):
I agree packaging of desktop apps really should be work of third party developers. In order to reduce their work , I think half-year release is too frequent and we should reccommend only LTS versions to developers to support and new users to use. Users and devs usually don't need the features of desktop environment imported every 6 months. They just need it to be stable enough and functional. Two-year release cycle is just fine and time should be enough to sort out all bugs before release. I don' t think 6 months is enough.
After watching this video "UDS N Monday plenary: Getting great applications on Ubuntu" http://www.youtube.com/watch?v=GT5fUcMUfYg , I think Ubuntu developers are well aware of this problem and the progress in usc and myapps is great. Upstream developers should be encouraged and guided to submit apps through myapps and should be allowed to replace the ones in universe repo.

Revision history for this message
manny (estelar57) wrote :
description: updated
Revision history for this message
John Mills (jmills59) wrote :

Hi MPT,

thank you for the update :

'2012-09-05: 376 applications are published in MyApps and 36 in Extras. So over 10% of Ubuntu applications now be updated without upgrading the OS.'

So we have now have 10% of applications that can be updated, but more importantly we still have 90 % that can't. And for these we still need to move from a Canonical advocated version of Ubuntu (LTS release) to a testing release in essence. From the blue print of MyApps I understand this will not include applications in the main archives.

Since these are the applications most often installed then this is not really of much use to a typical desktop user. Do you think that it will ever be possible to stay on an LTS release of Ubuntu but have up to date software without compiling it yourself of using a possibly insecure PPA?

Best regards,

John

Revision history for this message
growingneeds (growingneeds) wrote :

Reading this bug report, I want to thank Matthew Paul Thomas https://launchpad.net/~mpt for his dedication to improving the Ubuntu experience. I hope this situation improves with time. On Fedora 17, users are upgraded to LibreOffice version 3.5.7, but Ubuntu 12.04.1 users are stuck at LibreOffice 3.5.4. Just my 2 cents.

Revision history for this message
Aleve Sicofante (sicofante) wrote :

LibreOffice is stuck on version 3.6.02 (using the LibreOffice PPA) for 12.04.1. Version 4.0 is around the corner, full of bug fixes and much needed features. No one willing to stick to the LTS stable release will be able to use it.

The LibreOffice PPA maintainers say the new LibreOffice is being adapted to Ubuntu using the latest Unity versions which are not available for 12.04.1, (that's how LibreOffice gained proper global menu support in 12.10, for instance) so according to that information, 3.6.02 is the latest LibreOffice version a FIVE YEAR SUPPORT version will ever be able to run (since Unity is not expected to be updated for 12.04 on any point releases). You can't be seriously proposing this to any desktop user.

I just can't put Ubuntu on my customers office's desks and make a full deploy every six months. I was almost decided to move a 20 seats lawyer's office to Ubuntu, then I had to stop when I discovered that not even the PPA would allow me to update LibreOffice for them (which, as you can assume, is the most important app in an office). Sure, if my customers accepted me to re-deploy every six months I'd become rich very soon, but for that very reason (cost), none of them would make the deal, forcing me back to Windows for everyone. In other words: Ubuntu's application updates policy is forcing businesses (and many home users) to stay on Windows!!! That's crazy.

I would suggest you start thinking of keeping deb package management ONLY for system software and move to some self-contained packages, like OS X bundles or Gobolinux recipes, for applications. Check Guix too, for what promises it holds. Or whatever other solution you see fit. What's pretty obvious is that the current model is out of the question for anyone but Ubuntu hobbyists and fans. I'm myself considering going back to Windows until this is addressed and of course I can't offer Ubuntu to my customers when I won't be using it myself. (I try to use the same OS I sell to my customers; otherwise I'll be unable to see the issues for myself and find a fix even before they experience them.)

Honestly: a better performing and featured Unity, the HUD, a better icon design, running on tablets and TVs, etc., etc., etc. all of that is great stuff. But when the user, after six months of use, realizes s/he can't run the latest version of their favorite app, you're screwed. S/he'll be back to Windows in the time it takes to install it (or call me to do it for them). Then they'll let everybody know that Ubuntu is great but has this showstopper bug that won't allow you to install any version of an app but the one provided with the disk or the repositories, which remain static (that's how people will perceive it, no matter what technical reasons explain how all this works. Nobody cares about the meaning of "shared libraries" on home/office desktop computers and PPAs aren't even a solution for simple users who will only see what's available on the Software Center).

Looking at the pace at which this bug evolves, I don't think you realize how serious this is. I hope my words help you realize that this is probably the true bug #1 in Ubuntu, and that it needs urgent attention.

Revision history for this message
Marius B. Kotsbak (mariusko) wrote :

@Aleve, when you see a newer version of Libreoffice in a newer release (e.g. Quantal/Raring) that you want, please run the command "requestbackport" from package "ubuntu-dev-tools". See https://wiki.ubuntu.com/UbuntuBackports#Requesting_a_Backport

Then, in theory at least, the new versions should be able in backports for the LTS, given that it is either easy to backport or that someone does the manual work of making it build and install properly.

Revision history for this message
Gao Shichao (xgdgsc) wrote :

@Marius Kotsbak (mariusko)
The backport team seems never get sufficient members working on backports and it hardly will in the future. The backport volunteers are never the right people to package applications for the operating system. Ubuntu should really consider motivating software developers to package for LTS versions themselves , maybe by providing them with the right and easy to use packaging tools just like Google provided with Android SDK(an IDE plugin).

What @sicofante suggested is really a good point is "start thinking of keeping deb package management ONLY for system software and move to some self-contained packages, like OS X bundles or Gobolinux recipes, for applications". This is the only sane approach that will lead to a vast success of Ubuntu on the desktop. So only core Unity modules should be maintained and released ONLY AFTER sufficient TESTING, the disaster of 11.04 till now with the developing version of Compiz should never happen again. Other applications should only be packaged by the developers themselves with easy tools available for them. Then the Ubuntu dev team could focus on the quality of desktop stability,usability and hardware support. I think two years is sufficient for sorting out most bugs before a core Unity update, 6 months is never enough, so I think releases between LTS should be cancelled or only be marked as BETA and not recommended to users. Software developers thus have to only support LTS releases.

If this bug is resolved, the bug#1 will gain much more possibility to be resolved. Dear Ubuntu devs , time to stop endless package-crash-fix-package cycle and start building a paradise for Application Developers , you just need to provide the stage (a nice framework ) and let the developers dance. On the stage, devs who do endless package-crash-fix-package cycle will finally be abandoned by users and those who do endless package-package_with_new_nice_stable_features_while_compatible_with_old_good_staff cycle will finally win. Their victory is Ubuntu 's victory.

The slow pace of Ubuntu Software Center (both with its evolving speed and usability, both on the desktop and on submission and adopting process) really sucks ! It only is a bit acceptable now with my new SSD. And I don't really remember any significant change since 9.10, what I do remember is almost everytime the layout of USC changes a bit but the slow speed never change.

But what I'm worried is that just like the backport manpower lacks, the company that supports Ubuntu lacks sufficient dedicated developers to design and implement a really well-polished Ubuntu Software Center and lacks resources to reduce application submission-verify-available time. And community members will hardly ever agree on one approach and make some real progress with it. Both will render this issue unresolved forever.

Revision history for this message
Marius B. Kotsbak (mariusko) wrote :

Actually anyone can do the backport, and if it is tested, I guess the chance of it getting into the backports higher. There is a command to do it automatically (in package "ubuntu-dev-tools"), and in many cases just a rebuild is sufficient:

http://manpages.ubuntu.com/manpages/oneiric/man1/backportpackage.1.html

It will upload the built packages to a PPA. I just tried backporting "onboard" from Raring to Quantal, which just required a rebuild (the binary package did not install directly because of wrong python version), before I discovered that it actually was available in a PPA.

Else I agree with you. MS Windows as a comparison hardly changes much more often than every 3-5 years and is thus a more stable target for third party software.

Revision history for this message
John Mills (jmills59) wrote :
Download full text (7.1 KiB)

I just wanted to add these comments from OMG Ubuntu to this thread as I really think this shows the degree of frustration that exists around this bug. The subscribers to this bug repport would obviously like to see a resolution as this both benefits us and Canonical. How can we now escalate this to Mark Shuttleworth directly or the desktop team to really look and understand what this means for Ubuntu adoption long term. This bug report was opened two and a half years ago and is rated as critical, when will we see something finally get done or do we just have to live with this broken update process indefinitely?

http://www.omgubuntu.co.uk/2012/12/vlc-2-0-5-released-ready-for-ubuntu#disqus_thread

James Harking • 5 days ago
Where is the Ubuntu 12.04 support? Surely effort should be made to support the so called 'advocated' release of Ubuntu, you know like Valve are doing with Steam.
11 •Edit•Reply•Share ›

Brandon Watkins James Harking • 4 days ago
I just noticed this: https://launchpad.net/~n-muenc...

For some reason he's got two ppa's, one with quantal/precise/oneric packages and one with oneric/precise packages for some reason only this one seems to have 2.0.5 for precise, even though both ppa's have precise packages.
1 •Reply•Share ›

Joey-Elijah Sneddon Moderator James Harking • 5 days ago
You'd have to ask the packagers who package VLC about that.

If you're on an LTS I suspect you value tried and tested stability over 'assumed stability' of a newer release, in which case sticking with the Ubuntu version is the smart thing to do.
6 1 •Reply•Share ›

Sicofante Joey-Elijah Sneddon • 4 days ago
I stay on an LTS because I value _system stability_, not applications being ancient AND I don't want to upgrade all of the systems I administer (which are a big bunch) every six months.

It's about time we separate the concepts of desktop stability and server stability. A server may happilly live with 2 year old applications. A desktop, hardly. Especially a home oriented desktop like Ubuntu.

I know I sound like a broken record, but someone at Canonical needs to urgently address the decoupling of system updates and application updates. You just can't compete with OS X or Windows and maintain the current situation.
17 •Reply•Share ›

Brandon Watkins Sicofante • 4 days ago
ppa's aren't perfect, but they do the job fine for me. IMO they are what makes ubuntu infinitely more usable than other distros, and are the only reason I can stand sticking with an LTS release. I too am sticking with 12.04 LTS, because I've found gnome 3.6 to be by far the buggiest gnome release I've ever used, especially gnome-shell which has a giant infinately reproducible memory leak /rant. But I've been able to find good ppa's for everything that I want updated in 12.04.

Don't get me wrong I do agree with you, I think this is a problem that needs to be addressed, but at least ubuntu has a good stop-gap solution with ppa's, its a much worse situation in a lot of other distros.

Its worth mentioning that its not as easy as you might think to "decouple" system updates from application updates, due to the way package management works. Linux heavily uses shared libraries, ...

Read more...

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

(John Mills, I appreciate your enthusiasm, but that comment does not help anyone work on this bug -- it is pure noise. Please restrict comments to information that helps solve the problem, and resist the urge to reply to this comment. Thanks.)

Revision history for this message
Mandrit Hoffmann (mandrithoff) wrote :

I'm also confident that Ubuntu and MPT are aware of the seriousness of this problem ("UDS N Monday plenary: Getting great applications on Ubuntu" http://www.youtube.com/watch?v=GT5fUcMUfYg ).

While the lack of separation between system and application parts was noticed as problem several times and years before:
Benjamin Smedberg (Mozilla) "Is Ubuntu an Operating System?" http://benjamin.smedbergs.us/blog/2006-10-04/is-ubuntu-an-operating-system/
Tony Mobily (Free Software Magazine) "2009: software installation in GNU/Linux is still broken -- and a path to fixing it" http://www.freesoftwaremagazine.com/articles/2009_software_installation_linux_broken_and_path_fixing_it
Ingo Molnár (RedHat) "Technology: What ails the Linux desktop? " https://plus.google.com/109922199462633401279/posts/HgdeFDfRzNe
, it can be still fixed. :)

And I would argue that Ubuntu is among all the linux distributions the only one capable, user-focussed and undogmatic enough for doing so. Ubuntu has proved that they are not too afraid to take serious (and sometimes painful) steps to fix long standing architectural problems in the linux world. While shifting long existing mechanisms and habits might be the hardest part, at least several technologies and implementations are already available, just pick one or more (Zeroinstall, Gobolinux, portable linux apps, autopackage, FatELF, nix package manager and many more).

So, please Ubuntu, fix this problem by a consequent step towards a "platform and independent software provider" architecture, I count on you! :)

Revision history for this message
John Mills (jmills59) wrote :

Further to this discussion above regarding separating Application / User land applications from core Ubuntu components I would like to draw the maintainer of this bug report and colleagues tasked with working on it to solution Bodhi Linux currently uses.

http://www.bodhilinux.com/about_bodhi.php

Release Cycle
Evolution of Bodhi

Bodhi Linux is a "semi-rolling" release. This means that we follow the Ubuntu LTS release cycle for the core of our distribution, but in between these major release we backport software to our users so all of their software stays current. This means to stay with the latest release of Bodhi you only need to reinstall your system every two years, while still having current versions of your favorite applications. Bodhi releases are supported/get security updates for as long as the LTS base is supported by Ubuntu, which is five years.

Clearly Bodhi Linux is able to maintain compatibility with an Ubuntu LTS release but provide updated applications to the users of this application. Is it at all possible to take these updated packages from Bodhi and make them available as a possible upgrade path for Ubuntu 12.04 LTS? Perhaps someone at Canonical could test this idea?

The contact details for the developers of this distro can be found at the below URL :

http://www.bodhilinux.com/about_team.php

It would appear that the packager to speak with is :

Rbt "ylee" Wiley (mail address is linked from the URL above)

I hope this shows that an LTS release can have a 5 year support model and have up to date applications. With Fedora likely moving to this model and SuSE offering their tumbleweed repository isn't this an option that Canonical should at least consider?

http://en.opensuse.org/Portal:Tumbleweed

@ MPT : Is there any progress that you would be allowed to 'share' with us here regarding the progress of this bug? Or is there an avenue where those with an interest can help out with this?

Regards,

John

Revision history for this message
manny (estelar57) wrote :

well good news that they might ditch the point releases for a rolling or semi-rolling model:

http://www.phoronix.com/scan.php?page=news_item&px=MTI4MjE

sounds very much like they could do it like chakra does: http://chakra-linux.org/wiki/index.php/Half-Rolling_Release_Model

or post prior to this one.

Revision history for this message
probono (probono) wrote :

Please have a look at AppImageKit, which allows to package applications for multiple distributions following the "1 app = 1 file" philosophy. Since it needs no support from the distribution, it can run already today on Fedora, Ubuntu and the likes. There are some example (32-bit) AppImages at portablelinuxapps.org in case you want to try.

Changed in software-center (Ubuntu):
assignee: Matthew Paul Thomas (mpt) → Nick Thiemann (thiemann-nick)
Changed in software-center (Ubuntu):
assignee: Nick Thiemann (thiemann-nick) → Matthew Paul Thomas (mpt)
Revision history for this message
dobey (dobey) wrote :

This has nothing to do with software-center itself. The only way you are going to make this better is to get the upstreams to do the requisite packaging work and make the packages available as updates through software-center by publishing them via the web site for managing one's applications published to Ubuntu. It is "easier" to upgrade individual applications on those proprietary OSes, because the developers are taking the time to publish those packages through the Apple store, or Google Play, or similar means.

The developers who put together the Ubuntu release every 6 months understand the frustrations with this, but bug reports are not a channel for dumping complaints. If there are specific applications that fall into this category of not being up to date enough on the version of Ubuntu you are using, as shipped in that version of Ubuntu, then you should ask the developers of those applications to help by doing the packaging work to get the app published through the Software Center; in the same way that they are doing that work to publish their apps in the Apple store.

affects: software-center (Ubuntu) → ubuntu
Changed in ubuntu:
assignee: Matthew Paul Thomas (mpt) → nobody
status: In Progress → Opinion
Revision history for this message
Lee (qq510371827) wrote :

I can't agree more!!!
As Mark said on his blog,

 [quote]Separating platform from apps would enhance agility.

Currently, we make one giant release of the platform and ALL APPS. That means an enormous amount of interdependence, and an enormous bottleneck that depends largely on a single community to line everything up at once. If we narrowed the scope of the platform, we would raise the quality of the platform. Quite possibly, we could place the responsibility for apps on the developers that love them, giving users access to newer versions of those apps if (and only if) the development communities behind them want to do that and believe it is supportable.[/ quote]

THANK YOU guys, this is just what our regular users mostly wanted,'rock solid core system with latest(or arbitrary version of software decided by users themselves) userspace software'.PLZ do it.

Revision history for this message
Andrew Smith (asmith16) wrote :

I am the developer of Asunder (an application), and a frustrated user pointed me to this bug. The issues discussed in this bug very much apply to me. I've been carefully going through the various options described in this bug, this one especially looks promising though it's not entirely clear to me how it works currently (or whether it does at all):

https://wiki.ubuntu.com/AppDevUploadProcess

I just wanted to point out that this:

"The only way you are going to make this better is to get the upstreams to do the requisite packaging work and make the packages available as updates through software-center by publishing them via the web site for managing one's applications published to Ubuntu."

is unfortunately unrealistic. When I just started my project I spent a lot of effort building it and some effort promoting it, but never did I seriously consider getting into packaging - it's simply too much work, that needs to be repeated too often for too many different systems. Practically every linux distro has its own packaging standards and/or repositories.

Now I barely have enough time to fix critical bugs, and I feel like I did my good deed for the week just because I took the time to go through this bug :) I'm definitely not going to get into packaging my software, I thankfully rely on other volunteers to do that.

So even though it's tempting to think that the app developers should do this - belive me that's not going to happen on a large scale unless Ubuntu has over 90% of the linux market (which is unlikely to happen in the near future).

Revision history for this message
Dan (daniel-scharon) wrote :

this should be addressed by Snappy: https://developer.ubuntu.com/en/snappy/

Revision history for this message
Martin Dünkelmann (nc-duenkekl3-deactivatedaccount) wrote :

2020 and still a thing, which let me move to Manjaro instead of maintaining PPA's/repositories and requesting LTS backport requests on launchpad.

Btw.
Snap and flatpack are security nightmares like the windows DLL hell.
With these developers can rely on old, buggy, security violated 3rd party libraries, because why should they update them and invest time to change their code for them?
The software will continue to work out of the box with their integrated 3rd party libraries.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.