Error on auto update

Zitat von mi-hol

why did Linus Torvald bother to integrate atomic Live Patching in the 5.1 kernel?

Live patching has been around longer than that. But since you ask, that is meant for critical systems that can't afford the downtime (think healthcare). It is also something setup and maintained by experienced Linux admins. Why do you think it is not enabled by default on any Linux distro? And unfortunately, it isn't as good as it sounds. Most of the speculative execution patches still require reboots. And while RedHat and Canonical offer decent support (not really free, five systems for Canonical if you have a home account) for this, you don't get that with Debian.

Zitat von mi-hol

technically achievable?

Nope. Did you read my comment about still having to reboot to protect against speculative execution? There is no such thing as a NAS with no additional maintenance effort. You can only have that if you pay someone else to do the maintenance.

Can you buy a car that requires no maintenance? I don't understand why someone would buy an OMV box and expect to do no maintenance. I would likely not have a job if computers could run without maintenance.

Zitat von mi-hol

well KernelCare doesn#t share this view https://blog.kernelcare.com/ke…d-spectre-without-reboots

I'm glad you research little items I mention as exampes instead of the whole picture. Never heard of kernelcare. Not free from the link and not sure I would trust it. And that is only two of the issues that might require kernel reboots. There have been more. Good luck getting this working on an sbc.

Zitat von mi-hol

I know, but there are no longer technical limitations that would prevent such a NAS to be build.

Marketing terms this a "killer" feature. We are talking about a "game changer".

Marketing is a bunch of shit. You need hardware that can do this. I've worked with servers with "self healing" ram and a million other high availability features. What you are dreaming of doesn't happen on an OMV budget.

Zitat von mi-hol

this IT paradigm is about to become obsolete. I worked for companies that are very close already.

Sure. And cars that fly are right around the corner. I have worked with computers for 40+ years. I am impressed by how far they have come but they are nowhere near self-maintenance. You must have worked in the PR department because even fully automated plants need people to maintain the automation. And since I spend a lot of time automating things, I'm not too worried.

Zitat von mi-hol

many new & unrelated topics have been brought up but the basic "what if" question in #22 is still open

Unrelated topics have been brought up because you ignore my answers. I answered the #22 question. If you choose to ignore my answer then I am done here.

Zitat von mi-hol

I've seen LivePatching working and avoiding reboots since 3 years for large scale ORACLE database servers

Good grief man. Now you're being obtuse. We're talking about "home admin's" who may not understand basic concepts like file and folder permissions. Their use of OMV may be their first exposure to Linux. This has already been explained, previously, in so many words.

LivePatching is OBVIOUSLY done by EXPERIENCED Linux admins. The clue there is "large scale ORACLE database servers". LivePatching is NOT something that is trusted to novices, with very little or no experience, or something to be attempted on autopilot. Here is a LivePatching -> tutorial for Developers. (Note that a Developer is NOT a novice.)

_____________________________________________________________

Going against my own better judgement:

Zitat von mi-hol

The comparison with cars and NAS is invalid

And so is your comparison between large ORACLE database servers, that are managed by professionals, and a NAS package intended for home and small business use, being managed by novices and PC enthusiasts. There's NO comparison in that scenario. Further, your proclivity toward "selective reading", in this thread, is accomplishing nothing. If you chose to read selectively, picking out what supports your case while ignoring the remaining context, further communication is pointless.

When it comes to security updates:
A Linux server that is not exposed to the internet has a good security profile. (Meaning no ports are forwarded at the router.) That includes OMV. It is LAN clients AND servers with exposed ports that are a high security risk. Without exposed ports, there are users who are running OMV 2.X servers that are doing fine, because they're running behind a router's firewall.

Here's the bottom line:
With manual updates (security included) if a beginner does an update and something goes wrong during or after the update, they'll know the problem is associated with the update. As things are now, if notifications are not enabled or mis-configured, users may not know that a automated security update occurred. If something goes wrong with the update (this thread has demonstrated that it can happen) it may appear to have happened spontaneously. There won't be an association, just oddball errors or functional issues that will leave a novice scratching their head wondering, "what happened?"

That's when they'll come to the forum looking for support. Since they might not know that the issue came from an update, they won't include that information in the description they give to forum supporters. (And as you noted prior, you'll be no help with that, quote; "Unfortunately no idea.") They may skip the forum altogether and simply dump OMV due to a perceived "instability".

With the support end of it considered, there is no upside to this. That leaves the task of writing something up, telling novice users how to turn this "new feature" off. "That" is going to require getting novice users on the command line. I'll be frank, I'm not happy about that.

With that said, this topic has been belabored with pages of text, yet again, so I'm done here.

Zitat von mi-hol

I've seen LivePatching working and avoiding reboots since 3 years for large scale ORACLE database servers and your view is that reboot are unavoidable.

Do you read anything I type??? I never said live patching doesn't work. The free versions of kernel live patching on Ubuntu need reboots for certain patches. Oracle is a paid product (basically RHEL) with support for live patching that it seems can do that without reboot. Debian does not have this.

Zitat von mi-hol

I'm not saying such a change will be a "piece of cake"

You seem to have no idea what it would take to implement. If it was easy, it would be standard in every distro.

Zitat von mi-hol

could be addressed with a "create support question" script.

Write one.

Zitat von mi-hol

yes I do, but many times it appears to me that what you had in mind to answer has apparently never made it into writing.

What didn't make it into writing? I said Debian doesn't have live kernel patching and you responded that Oracle has it. Who cares if Oracle has it if OMV doesn't run on Oracle.

Zitat von mi-hol

Did you ask yourself, if such an aggressive tone is helpful to have complex, technical conversations that lead to a conclusion at the end?

If you notice, my tone gets more aggressive caused by irritation of you ignoring my comments, your constant insistence on changing things that aren't broken, and/or asking the same question again.