So a while back I threw Ubuntu 22 LTS on an old Surface Pro 3 and gave it to my Dad.
He loves it, but he’s the type who’s been burnt by updating software in the past, so he basically refuses any whenever prompted.
Been thinking about throwing Debian with Gnome on it for a while, and wondering if it’s stable enough to just let updates happen automatically in the background?
I got no experience with Debian I basically jumped right on EndeavourOS as my main distro when I started using Linux full time.
I’m a debian-er at heart, as much as I’d praise it (and have, in other thread in this post), there’s one issue that might be relevant. Almost all of this has been with Debian 10 and 11, I think it’s been improved in 12, though, but I’m not sure.
See, I have sister to whom I gave laptop with Debian & Xfce. And created normal (non-admin, non-sudo) users for her as well as both of her kids. Now when they login, NetworkManager will refuse to let them use Wi-fi connection, and require them to choose a different (admin) account and type its password.
Unfortunately although I’ve been seeing this issue for years now, I never had an opportunity to test it properly, since it always seems to happen to non-admin users only. Also I’m not sure if NM can properly manage connections if a non-admin user creates it – will it let other non-admin define the same connection? And I spend 99% time on a desktop (mini-pc) with ETH connection, being sudoer, and no Xfce, so I never get to “enjoy” any of these.
(This is also particularly ironic because I always set up wireguard and tell them “if you have any problem, just call me, I can fix it remotely” – and then literally the only problem they ever have is the one I can NOT fix remotely. 😆 )
Also sometimes after login the system will bug them with “unlocking keychain” dialog which can’t be closed, but that could be just side effect of the NM issue and/or just Xfce thing.
I’ve used Debian for years on my personal machines and have never had this problem. According to Debian’s documentation for NetworkManager, a user account must be in the
netdev
group in order to manage system-wide network connections. The initial user account that the Debian installer creates for you is in this group by default, but maybe the accounts you created for your family members aren’t?I can’t verify it now or any time soon, but you might be right.
Thanks for the pointer!
Speaking of which, Debian users, how safe are distribution upgrades?
I just migrated a bunch of servers to Bookworm.
That was the first time ever I had any issues. There was a dependency loop that kept some packages from finishing installation.
Simply running apt dist-upgrade a second time fixed it.That being said, don’t just point your sources.list to the new version and dist-upgrade. It usually works, but for a production system, always read the guide and follow the steps that are relevant for you:
https://www.debian.org/releases/stable/amd64/release-notes/ch-upgrading.htmlI haven’t had any issues ever on stable.
Automatic updates is what to choose if you want someone else to fix your problems. As long as you don’t run into problems introduced by automatic updates, automatic updates should be fine.
I sympathise with your Dad - everyone’s had updates go bad, and it’s easy to assume the “don’t fix what ain’t broke” mantra. But to do so is being willfully ignorant of basic computer security. And to be fair, Debian-stable is one of the least troublesome things to just let automatically update.
Debian and Ubuntu have the unattended-upgrades package which is designed to take a lot of the sting out of automatic updating. I’d recommend setting that up and you won’t have to touch it again.
There’s also the crontab way - “apt-get update && apt-get upgrade” at frequencies that suit you. (A check for reboot afterwards is a good idea).
I understand having updates go south on you, I do use a rolling release on my own PC, Annnnd Windows 10 before that.
But I’m paranoid about security, increasingly so in recent times. So I at least want him on an updated web browser.
You’re right to be paranoid, it’s unrelenting how many and varied are the ways of those wanting to take advantage. I hope you find a good compromise for your dad.
If you install (well more like unpack) Firefox from the official binary tarball, that will update itself.
For the crontab I think maybe: “apt-get update && apt-get upgrade --assume-yes”
But what about flatpaks?
Since we’re talking Ubuntu, I’d add
“flatpak update” and “snap refresh” to the cron
Good call, thanks, although I just use -y normally.
Not a personal fan of flatpacks - I tend to stick to distro packages, but each to their own.
I think Debian with KDE would be better, at least for the current stable as KDE’s LTS release aligns better with Debian’s. I personally like the feel better, especially coming from Windows.
I am a KDE enjoyer and use it on my own desktop. But Gnome works really well for touchscreen devices and my dad has already gotten used to it so.
Ah okay, GNOME is great for touchscreen indeed. I’m just not so sure if it’s a great match for Debian. I have used Debian with GNOME and I don’t think ot’s great at all.
On the other hand, GNOME on Fedora is awesome!
Yes
Debian stable? It’s probably about as safe as you can get for that. Problems are rare. Bookworm is supposed to get security updates until 2028. If they keep on being as stable as they have been in my experience the only one he’s likely to notice is Firefox updating to a new major version once a year.
I’ve been using almost exclusively Debian for over 15 years now, and experimenting with it (not stable) couple years longer. Last time I had issues booting or upgrading was loooong time ago, but I think I was using sid back then. (Yeah, I was young & restless back then! 🧓 🙃 )
Traditionally, the flipside of this was that the packages were sometimes old. Maybe 10 years ago I would still have reasons to complain about some parts being too old but nowadays I have basically no issues. Especially since most such gaps can be filled with flatpak or AppImage. (I rely on flatpak for Signal, Telegram, Minecraft, and AppImage for NeoVim and several other things.)
(My usage is development under i3+alacritty+nvim, browsing using qutebrowser (running directly from git repo), Firefox and Chromium, sometimes gaming, mostly steam or gog.)
One point, though, In my experience Firefox is updating much more often than “once a year”, which is annoying because it basically goes on a strike every time.
I honestly forgot Debian had a none stable version.
He’s not too picky with web browsers as long as it…well browses the web.
I’ll give it a go and hopefully get 4 years away from being tech support. Thanks!
All distros have a non-stable version.
Some have a stable version, too.
On desktop I usually do manual installation of updates(mostly cos I don’t want to get any important running program restarted), in servers I use automatic updates via cron job as part of the automation process, these two work for me.
Isn’t restarting an important running program more of an issue on servers?
In my case not.
Debian is the first choice if you look for stability and the last choice if you are looking for the latest versions of the software.
That’s what I’ve heard just wanted to see if anyone on here had experience just letting it update in the background.
Debian + Flatpaks has been very reliable to me.
I would second that. I currently use nix besides Flatpaks for development environments but also find it somewhat overcomplicated. Looking forward to give toolbx a try.
You misspelled Slackware.
I’ve been running Debian stable with unattended-upgrades on servers for years and have had no issues whatsoever.
How does it handle it when services or the OS need a restart after an upgrade?
Services are automatically restarted. There is no automatic reboot by default, but that can be enabled if you really want to. Otherwise it’ll keep track of whether a reboot is necessary or not.
It’ll try to restart the affected services after updating, but doesn’t always auto restart everything; sometimes it’ll leave services running if you’d otherwise need to deal with dependencies and such. In that case, it’ll touch a reboot-required file that’ll inform you a reboot is necessary next time you log in.
Scheduling a weekly/daily reboot should take care of that, as well as applying kernel updates.
Beware that Surface computers need a custom kernel for some features to work. It depends on the distro and the features you use, but I’d suggest you see the linux-surface project for more info. As for updates, standard Debian has a stable release model, and is one of the more stable Linux distros in general, so I don’t think he would have issues with any automatic updates. I’d just say that you should try to be on standby for tech support, as Linux has many differences and is naturally a bit more prone to issues than Windows.
I’ve been running Debian stable on my decade-old desktop for about 3 years, and on my ideapad that’s just as old for about 5. During that time I had an update break something only once, and it was the Nvidia driver what did it. A patch was released within a three days.
Debian epitomizes OS transparency for me. Sure, I can still customize the hell out of it and turn it into a frankenix machine, but if I don’t want to, I can be blissfully unaware of how my OS works, and focus only on important computing tasks (like mindlessly scrolling lemmy at 2 am).
Luckily the laptop doesn’t use Nvidia.
Hopefully soon my own desktop won’t either >.>
Debian Stable - yes.
Debian Testing or Sid - 😈
I’ve diverged from Debian for desktop use for a few years now (no particular good reason, just for fun) but I have extended family with about the same affinity to updates as your dad.
I think automatic updates for regular end users are nice nowdays, especially if you don’t customise stuff too much (DEs, wm, things like that). And even if some issues ever occur in return you get a continuously up-to-date and safer system (imho worth it). And its not like not-updating os solves the issues, it just postpones them, potentially snowballs them (and in that case I just reinstall it).
I switched my dad to Tumbleweed like 3 years ago & set weekly automatic updates, literally no issues with it.As for serves, Im all for automatic updates in home environment, since my kinda worst case scenario is rolling back to a previous snapshot.
Maybe I could set backup services on a separate node with delayed updates … but I need more motivation (a clusterfuck) for that.