UX/Software Management/SUSE Updater

From openSUSE

General

One of the key advantages of SUSE Linux is its perceived stability and security compared to other systems. To keep a running system stable and secure SUSE Linux needs a integrated update utility. This update utility is part of the new software manager and is available as applet in the applet area of the panel. It should provide three different views on the update process.

• Full automatic mode: This mode downloads and updates the system without requiring interaction. It runs continually as a service deamon and applies patches as they become available in the respective channels. This mode of operation implies that only patches with no impact on computer usage are installed. E.g. a tool for the business desktop, maintained by the system administrator.
• Semi-automatic mode: This mode requires some (but very minimal) interaction by the user, "Easy and fast update with full control...". One may inspect the number of proposed patches and to have a short look onto the amount of MB of downloads. The user can decide to open the detailed view mode where he can deselect patches. In the most cases, the user will only have a short look onto the MB of the download.
  
• Manual mode: In manual mode the user has to start the update utility manually.

Requirements

The update utility's main requirements are:

• Unobtrusive: The utility is unobtrusive and does require only minimal user interaction. In automatic mode, the tool does not show at all.
  Important: In particular, the user is not required to enter the root password at any stage during the update process.
  If the product is used in corporate environments, this solution allows a supervised automated software update for all client installations. The admins can configure different local channels within the environment which host reviewed patches. The IT department can deselect the default channels in client installations. This way, the update utility applies only the patches relevant for the company.
• Different Defaults: Different products have different requirements regarding the default running mode. In all products users can change this setting during installation or in the installed product.
• Safe: When the utility runs without interaction, the default selection has to be safe to apply to a running system. Therefore, it installs only security and recommended patches. The utility does not cover the use case of installing optional software. Users have to use the software manager application for that.

Workflow

The workflow is straightforward. In a default installation, the utility starts as service during boot up and remains hidden. Continually, it checks for available updates in the channels. This background process downloads and installs all safe patches automatically. Optionally, there is a frontend, which, in case of Gnome or KDE, displays a small icon indicating the current status in the applet area. If the system is up to date, the icon shows a green sign. A yellow icon symbolizes a currently active background process (i.e. downloading or installing patches). If the tool is configured to not install patches automatically, the icon shows up as red icon symbolizing pending updates. However, no further action is performed.

Even in automatic mode the update utility has some options that might be changed. These options are available in an options dialog, which is accessible via right mouse click on the systray icon. The options include but are not limited from the situation.

Visibility of the applet icon

Remark: The final appearance of the icon is a task for the icon designer.

• Windows shows a buckler with different colors and emblems to response the status.
• Redhat is using a colored dot (e.g. blue with white checkmark if everything is ok)

We suggest to use a icon design similar to the used one in the SUSE LINUX 9.3 We will have a color scheme and 2 modes of the applet visibility to reflect the current status:

• green dot with checkmark: everything is OK
• yellow dot with spanner: update is working now
• red dot with exclamation mark: action by user is required

Modes

• Mode 1: Applet is always visible -- e.g. SUSE LINUX Professional at home office where the user wants to be informed always.

full-automatic mode:
       green dot 
    -> yellow dot (update is running) 
    -> green dot
semi-automatic mode:
       green dot 
    -> yellow dot (= scann for updates)  
    -> red dot (= updates available - user action required)
    -> yellow dot (= user confirmed download and install updates) 
    -> green dot
manually mode:
       red dot after an installation without online update 
       and switch to 
    -> red dot after one week without update

• Mode 2: Applet is never visible -- e.g. used on a Novell Linux Business Desktop

Applet icon messages and mouse over effects

Please note: The Windows update icon in the applet area only shows the download progress via tool tip during the download of available updates. There is no "reaction" if the user will click onto it. We should avoid such "voicelessness" and provide always a understandable feedback.

The text shown in the feedback messages and in the tool tips needs a final definition list. Here are two suggestions to illustrate the look and feel. The shown design is not final and the current illustration is similar to Windows (many users will be former Windows users). We should add an icon, but we need a standardization here for all messages.

Image:02 info-red.png

Mockup: Applet icon with information message

The applet is running in the semi-automatic mode. The tool will scan for new updates once a day but will not download them automatically. An information is displayed if there are new updates.

Image:03 info-working.png

Mockup: Mouse over effects with tool tip info

The mouse over effect during the run of the update.

An alternative could also be to offer links in the text of the information message.

/-------------------------------------------------------\
| [Icon] There are security and recommened updates  [X] |
|        available. You can                             |
|        - _install immediately_ or                     |
|        - _check the download size and time_ first.    |
\------+   ---------------------------------------------/
       |  /
       | /
       |/

Context menu of the applet icon

Click with the left mouse button

• If the dialog window is not visible, according the setting "condensed vs. expanded view" either the flyout window or the software manager application view will pop up.

Click with the right mouse button

+----------------------------------------+
|Icon| Tile bar of the menu              |
+----------------------------------------+
| Scan Software Repositories for Updates |
| Display Logfile                        |
| Configure                              |
+----------------------------------------+
| Help                                   |
+----------------------------------------+
| Restore Window                         |
| Quit                                   |
+----------------------------------------+

Mockups to illustrate the appearance of the Security Tool during a manual start

It's recommended to keep the system up to date by the automatic mode. In this default case the user will only see some changes in the color of the applet icon and - if necessary a pop up with information and suggestions.

The following illustrations display the manual mode with the following sequence:

• Start via applet context menu or start menu
• Scan software repositories for new updates
• Display number, types and MB of available updates or give feedbak if the system is secure
• Give feedback if the update process is running
• Give feedback after done update with a success message

Image:St it06 desktop-pure-with-menu sh.png

Illustration 1: It is a manual update, the user will start the update via start menu or applet menu.

Image:St it06 searching.png Image:St it06 searching-and-details.png

Illustration 2 and 3: The search for new updates in the software repositories is the first action. User can upfold detailed information if he wants to do so.

Image:St it06 updates-available.png Image:St it06 updates-available-and-hidden.png

Illustration 4 and 5: Message, that security and recommended updates are available.

If hidden updates are active, the system will show this important information in a separate section.

Some words to the concept behind: The goal is, to make it small and simple. The fly out window does not show a list with available updates with checkmarks at a glance. This would not be usable within a system environment with many updates/day or e.g. after installation 50 days after release.

If the user wants to change the selected security fixes that are checked by default he can open the according dialog in the new software manager with one click. There he will see all necessary information in a readable and well formatted list and he can get adequate information about the bug fix or addtional technical details.

Image:St it06 download-download.png Image:St it06 download-install.png

Illustration 6 and 7: The download and the installation process is running.

The mockup above shows a solution with separate download and installation process divided into "Step 1" and "Step 2". This solution could be replaced by a merged download-installation sequence where every rpm will be installed immediately after it's download.

Image:St it06 complete.png

Illustration 8: The download is complete. This is the feedback of the installation process. User has the chance to run the session again.

Menu available in the "Security (Update) Tool"

The discussion about this topic is not finished yet. There are some possibilities:

• No menu bar and no additional dialog element to get extended functionality within the fly out.
• A very minimalistic menu or a few additional links (or buttons) within the interaction area.
• A full menu similar to the menu in the corresponding section of the software manager. BTW: The current concept offers the possiblity to switch between the expanded view (= Software Manager) and small view (= Security Tool). The goal is to provide a consistent menu for both views, but in the tool mode some menu items may be disabled.
• A kind of menu button in the main button area at the bottom at the left side.

Security

The automatic update does not require a root password during normal operation. However, in case there are errors during the process which require interaction such as channel management, the user needs root priviledges to modify the settings. Then, the user will be prompted to enter the root password. Apparently this is not the most elegant way to handle this but seems to be the best compromise given the current situation.

Further Links

SUSE Updater

Current developments of the update workflow can be followed at Updater Applet, where you can find information about the GNOME version and the KDE version.

Other update workflows

For inspiration, review and reference, you can find several reports about how the process of an update(-notification) is handled in other environments. If you have better screenshots and/or more information about the respective processes, feel free to add them!

• Vista Update Evaluation
• MacOS Update Evaluation
• Ubuntu Update Evaluation
• Fedora Update Evaluation