Your submission was sent successfully! Close

Jump to main content

Hold your horses, I mean snaps! New feature lets you stop snap updates, for as long as you need

Igor Ljubuncic

on 15 November 2022

One of the core aspects of the snap ecosystem is the built-in, robust auto-update mechanism. Whenever there is a snap update available in the Snap Store, the snapd service will apply it, keeping your software patched and up to date. Most of the time, this works great. In some scenarios, though, this may not be what the user wants or expects.

For instance, you may not want an application to update while you’re running it and using it. We’ve all witnessed the arguably funny situations where someone’s laptop performs a system update just as they’re about to present to a large audience at a conference. You could be on a metered connection, or your organization has a strict test-before-update policy. While there are workarounds for how to effectively manage snap refreshes, they don’t fully provide the required level of control. A new refresh hold feature, available in the snapd edge channel, now resolves this long-outstanding conundrum.

Refresh hold

The new hold feature allows system administrators and end users to stop or postpone their snap updates for as long as necessary. The hold can be applied to individual snaps or the entire set of installed snaps, for a limited period of time, or – if necessary – indefinitely.

For instance, to pause snap updates for VLC for 3 days, you would run the following command:

snap refresh --hold=72h vlc
General refreshes of "vlc" held until 2022-11-17T12:04:59Z

Similarly, to pause snap refreshes for all snaps for a period of 48 hours:

snap refresh --hold=48h
Auto-refresh of all snaps held until 2022-11-16T12:27:25Z

To stop the automatic refresh completely, and without a timer:

snap refresh --hold
Auto-refresh of all snaps held indefinitely.

The really cool part about the new functionality is that it still allows you to manually run snap refreshes, for either the entire system or specific snaps.

Timing is everything

With the refresh hold active, the end users can now carefully choose when and how to update their snaps. For instance, for those traveling (and presenting at a conference), they may want to disable updates for a few days. If you’re using a snap of a really ancient application (say Mosaic or KompoZer), you may not want to have it updated, as the update may potentially break the software.

On a wider scale, the hold feature allows a tightly controlled integration of snaps within existing system update tooling and configuration management software in businesses and organizations even without the use of a snap proxy. For example, you can use a tool like Puppet or Chef to trigger manual, targeted snap updates in a staggered fashion at very specific timings, but not in between or without rigorous testing. If a particular snap does not use tracks to differentiate major versions, you can use the hold function to make sure nothing goes wrong after a large upgrade.

Summary

The snap refresh hold gives administrators an almost endless range of possibilities on how they can manage their software. They can combine security and compliance policies with carefully timed updates, they can integrate snaps with other tools, stagger updates based on the criticality or complexity of the software involved, and still use frequent auto-updates for remotely managed edge devices where needed. Similarly, desktop users have the freedom and choice to run their applications as they see fit. Most probably, this will be a healthy mix of security and convenience, not at the expense of one another.

Typically, security and functionality are opposing forces. It is quite difficult to provide one without affecting the other. The snap refresh hold should address both, and give everyone the chance to set up their system in a way that provides the highest level of quality and security. We call on early adopters and tinkerers to refresh their snapd from edge and give the hold option a whirl. Please test and let us know what you think via the forum. May the snap be with you.

Photo by NASA on Unsplash.

Newsletter signup

Select topics you're
interested in

In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

Related posts

Snaps & better refresh notifications

Automatic updates grant snap users an ability to receive timely patches to their software, both in aspects of security and functionality. This can be rather...

The long ARM of KDE

With over 100 applications available in the Snap Store, KDE is by far the biggest publisher of snaps around. What unifies this impressive portfolio is the...

Behind open DORS – Conference organizers share their thoughts on Canonical, Ubuntu, snaps, and open-source

A Linux conference almost as old as Linux itself. In mid-May, DORS/CLUC hosted its 29th event at the Faculty of Electrical Engineering and Computing in...