0

Before I get flamed..

I don't want to ignore important security updates or updates for any programs that could be security risks or compromised.

Just programs I use for note taking or music production or what-have-you. Offline programs that don't do any networking, upload or download anything, or connect to anything or receive connections, that I have set up in a very particular way and are working just as I need them to and don't want banjanxed by an update.

And I would like to only see the "Update Available" notification when important things are available like Kubuntu patches or Firefox updates or important things that I absolutely do want. This may include non-critical updates for other programs so I'd prefer not to reduce my notification status to critical security updates only. Just trying to ignore a very small few selectively.

Currently it is always showing and I keep checking it periodically only to see it's updates for offline programs that I don't want messed with.

Thanks for any help in advance

Fatty Wompus
  • 1
  • 1
    Almost all upgrades are security related. Ubuntu (and flavor generally stays with the same packages (programs) for the life of the product, which is the reason for non-LTS releases (so those who want upgraded [later] versions of programs have a means to get them). Outside of some major bug fixes, security patches make up almost all upgraded packages. Next time you get an update, look at the changelog online and confirm this if you wish... (fyi: because a security fix is made to a library; any program that uses that library may also need to be upgraded so it'll continue to run) – guiverc Nov 21 '20 at 10:45
  • So what you're saying is any program updates I see in Kubuntu LTS should be almost exclusively security or stability type updates and not the UI or functionality changes I'm worried about? And I get what you're saying about the shared libraries, that's kind of unfortunate. I guess the smart thing to do would be to find portable versions or snaps of the programs I get tired of reconfiguring over and over and loosing features and customization options. – Fatty Wompus Nov 21 '20 at 11:32
  • Possibly useful: https://askubuntu.com/questions/151283/why-dont-the-ubuntu-repositories-have-the-latest-versions-of-software It's a fair amount of extra work to get thru the SRU (stable release update) process, so most changes occur in the development cycle where SRU isn't required; ie. I get loads of changes with my using the hirsute release, as it's the current development cycle; once a release is released (and stable) very few upgrades occur except important ones impacting many users [ie. server/critical/..] or security – guiverc Nov 21 '20 at 11:34

2 Answers2

0

After a release (like 20.04 or 20.10), Ubuntu rarely updates software. If Ubuntu is released with Foo 1.3, it will continue to use that version for the life of the release. Future releases will have newer versions. This means that you won't get random changes for six months until the next release of Ubuntu...or five years for the life of an LTS release of Ubuntu.

  • Maintainting your workflow (not changing the user interface) is one of the original goals of LTS releases.

Deb package updates in the -security pocket of the Ubuntu repositories are, of course, security-related. These are almost never new releases -- the Ubuntu security team deliberately tries to patch the vulnerability and nothing else.

  • If you don't install these, Unattended Upgrades will install them for you.
  • There are a few exceptions: For example, all releases of Ubuntu get the latest upstream releases of web browsers via the -security pocket.

Deb package updates in the -updates pocket of the Ubuntu repositories are critical (crash or data-loss) bugfixes that are not security issues. Minor bugfixes go into the next release of Ubuntu.

  • If you don't install these, Unattended Upgrades won't install them for you.

Snap packages are designed to update without asking you. The updates can happen at any time, including to new releases. While this is a desired feature for many users, this kind of random-update seems the opposite of what you want. For a stable, unchanging workflow, avoid snaps that are under heavy development or update frequently.

However, stable and well-maintained Snaps have some features that you may find attractive. They avoid the LTS-to-LTS migration cliff. Snaps have clearly defined interfaces that don't change. Snap sandboxing may help keep your system stable by isolating flakier applications. Many Snaps are built and tested by the upstream developers directly.

user535733
  • 62,253
  • Thanks for the info, but it doesn't answer the question of how to disable the ' "Update Available" notifications'. See my answer below. The OP specified it is and LTS version, but the notifications consistently alert the user. Maybe someone can clarify why an LTS version would even be have updates beside critical/security related. Perhaps 'archive' in the repo url indicates it is LTS, but it looks designed for more updates: ##Major bug fix updates produced after the final release of the distribution..deb http://us.archive.ubuntu.com/ubuntu/ focal-updates main restricted. – alchemy Oct 26 '21 at 17:38
  • It's an oblique answer simply because the OP can't clearly define to us which upgrades they want to be notified about. So there is no solid answer without telepathy. In such cases, all we can do is explain in the hopes that the user will learn enough to define their problem more clearly. – user535733 Oct 26 '21 at 18:26
0

I figured it out.. just turn off all but the 'security' labeled repos in Discover>Settings.

This will also comment them off in /etc/apt/sources.list. In my mind that is okay, an LTS version shouldn't be updating except for critical patches.

If a software install requires a package update (again should be unnecessary on LTS), a user can turn these back on and update, perhaps after backing up the working OS. I have had Linux OSes break after updates, hence my opting for LTS. And this finally solves one of the major stability issues with Linux. I can choose whether or not to install the security updates, but I suspect these are not the packages causing previous problems.

Edit: If the OP wants to disable update notifications per application, it looks like there is a way to block packages from updating using Apt: apt hold 'package-name' (or unhold). Or changing the Pin-Priority from 1 to 0 in /etc/apt/preferences. https://www.tecmint.com/disable-lock-blacklist-package-updates-ubuntu-debian-apt/

Edit2: Unselecting in Discover or commenting out repos in /etc/apt/sources.list has the side-effect of blocking installs and searches from apt for corresponding packages. It did stop notifications for non-security updates. But it looks like there is a specific repo called 'updates' which may stop them without blocking apt from finding packages.

alchemy
  • 762
  • Well, the OP specifically said "I'd prefer not to reduce my notification status to critical security updates only" – user535733 Oct 26 '21 at 18:24
  • @user535733 I think they are saying they dont want the notifications, but they want to see what is available in the 'notification status'. It's a reasonable request, one which the Discover devs should listen to, but dont think its possible aside from toggling them back on and running 'check updates' or 'apt update' as I suggested. Rereading yet again, it seems they want to disable update notifications per application. I'll add an idea to this answer. – alchemy Oct 26 '21 at 19:30