The proper way to update Tumbleweed

By Jonathan Corbet
March 22, 2017

Rolling distributions offer a significant advantage over their release-based brethren. By incorporating new packages as they become available, a rolling distribution can always offer current software while avoiding large, potentially traumatic upgrades. On the other hand, they subject the user to many small, potentially traumatic upgrades. One particular form of pain can come about when significant updates force changes in the set of installed packages. Recent discussions around the proper way to keep openSUSE Tumbleweed current illustrate that a certain amount of confusion exists around rolling-release updates.

Recently, a Tumbleweed user posted that "all hell broke loose" after updating a Tumbleweed system with "zypper dup". That led to a somewhat incredulous response:

What, on Tumbleweed?

Why did you not use "zypper dup --no-allow-vendor-change"?

A Tumbleweed user might be forgiven for not knowing that they should use that particular command; documentation on the subject is scarce, and questions on the topic abound. Understanding this response requires a brief digression into how openSUSE systems are managed.

The zypper command, which does package management on openSUSE systems, has two commands that can be used to update a system to current software: update (or "up") and dist-upgrade (or "dup"). The former will update existing packages in place but avoids making changes to the set of installed packages or the repositories those packages come from. The latter, instead, will try to track the current state of the distribution by adding or removing packages as needed.

Debian users will note the similarity with the apt-get upgrade and dist-upgrade commands. There, too, users often seem confused about the difference between the two, and it is not uncommon to see advice to the effect that dist-upgrade should be avoided. Trying to maintain a system on Debian testing, which is essentially a rolling distribution, without dist-upgrade tends to lead to updating difficulties over the long run, though.

With regard to zypper, users reading the man page for information about the --no-allow-vendor-change option will find it in a section marked: "Expert Options: Don’t use them unless you know you need them". Said user could probably be excused for shying away from this option, especially since the man page is not particularly detailed in its description of what it does. It is probably fair to say that most openSUSE users don't think of themselves as dealing with "vendors", among other things.

Those users are often accustomed to using unofficial repositories on their systems, though; the set of packages offered by Tumbleweed, while reasonably large, is smaller than those offered by, say, Debian or Fedora, but openSUSE makes it easy for anybody to set up their own repositories in the Open Build System. Hooking into a few of those repositories is often the only way to get all of the desired software installed without undergoing the indignity of building from source.

Use of these repositories can lead to trouble when using zypper dist-upgrade, though. The normal behavior of dist-upgrade is to search every configured repository for the newest version of each package in the system. That can cause a version of a package from one repository to be replaced by another version from a different repository; this change of source repository is the "vendor change" referred to. If a user added an unofficial repository to get one specific package, they may find, years later, that other packages from that repository have pushed aside the versions shipped by openSUSE — versions that the user might rather have kept.

There are two ways to avoid this sort of repository change. One is to use zypper update, which will not make those changes. But, as Richard Brown explained, this approach is not without its disadvantages:

zypper up is a partial solution, as it doesn't allow packages to change their repos (aka vendor change), but has its own flaws, as it is often too conservative and doesn't tidy up after itself. This can lead to old packages lying around after they've been dropped from TW or your OBS repos, leading to weird dependency chains of old packages lurking around when you should have actually upgraded them all.

That is why the consensus recommendation for Tumbleweed is to use dist-upgrade with the --no-allow-vendor-change option, regardless of whether one is an expert or not.

Of course, using dist-upgrade has its own challenges, in that it can cause significant changes to the system beyond the in-place updating of packages. But experience shows that this is a necessary evil that comes with tracking a rolling distribution. And, face it, it's also part of the fun and the thrill that comes with running such distributions. The result might be an occasional surprise, but the best thing to do is to just roll with it.

The proper way to update Tumbleweed

Posted Mar 23, 2017 1:03 UTC (Thu) by voltagex (guest, #86296) [Link] (6 responses)

Two problems here. One, pulling the rug out from under the user (https://en.wikipedia.org/wiki/Principle_of_least_astonish...). Two, lack of documentation on the "proper" way to do updates.

The proper way to update Tumbleweed

Posted Mar 25, 2017 18:15 UTC (Sat) by gerdesj (subscriber, #5446) [Link] (4 responses)

"Two problems here. One, pulling the rug out from under the user (https://en.wikipedia.org/wiki/Principle_of_least_astonish...). Two, lack of documentation on the "proper" way to do updates."

Tumbleweed is far from alone here. At least with Gentoo all emerge options have an implied "here be dragons" clause associated with them and fixing breakage that would reduce most other distros to instant collapse is the norm. Arch's pacman can leave you in a bit of a state if you don't keep on top of updates but to be fair that is not pacman's fault but the sheer pace of change.

Gentoo and Arch I can understand needing a bit of caution but zypper up|dup or apt upgrade|dist-upgrade int al are not particularly helpful to most end users. I believe that most people expect that issuing some form of "update my system" command should do exactly that and not want to know about the finer points of package management.

In this particular case where you have to use a long double-hyphened modifier switch for a happy outcome seems a bit too close to a rite of passage. Documenting the switch as "this has sharp edges" is a nice twist.

Cheers
Jon

The proper way to update Tumbleweed

Posted Mar 30, 2017 8:34 UTC (Thu) by Wol (subscriber, #4433) [Link] (3 responses)

What (imho) they should do is simply point out the difference! As in "zypper update is conservative, zypper dist-upgrade is aggressive". And tell users that as a general rule they should use update like a minor service on a car, but every now and then they need dist-upgrade as a major service to keep things running nicely. And like all major services, it comes with the potential for nasty headaches, but is needed to keep things running smoothly in the long run.

And as a gentoo user, I haven't yet upgraded to kde5 on my main system. I am, however, expecting major headaches when I do :-) It would be nice, though, if I had more control over when I hit such headaches rather than often being surprised by them :-(

Cheers,
Wol

The proper way to update Tumbleweed

Posted Mar 30, 2017 8:50 UTC (Thu) by gerdesj (subscriber, #5446) [Link] (2 responses)

"And as a gentoo user, I haven't yet upgraded to kde5 on my main system".

It's quite easy but does take a little time - from memory a little less than app-office/libreoffice!

The proper way to update Tumbleweed

Posted Mar 30, 2017 16:01 UTC (Thu) by Wol (subscriber, #4433) [Link] (1 responses)

Except I think my main system has a slight problem with the hardware ... gcc has this nasty habit of falling over :-(

I think it's power and data cables too close to each other or something like that, but when it happens it seems to happen in the same place every time ... so I build binaries on another system and cross-install.

Cheers,
Wol

The proper way to update Tumbleweed

Posted Apr 6, 2017 0:26 UTC (Thu) by nix (subscriber, #2304) [Link]

A crash in the same place every time sounds much more like a bug than hardware problems. (Modern GCC will reinvoke itself on segfaults and notify you of a probable hardware problem if a crash happens once and then goes away the second time.)

The proper way to update Tumbleweed

Posted Mar 30, 2017 15:52 UTC (Thu) by sysrich (subscriber, #103315) [Link]

> lack of documentation on the "proper" way to do updates.

I agree, and as part of the openSUSE Project I feel responsible for that and want to apologise for anyone who agrees with you

and, I would have documented it by now, but I have been rushed off my feet this week

I intend to put the 'correct way to do updates' in the documentation at the wiki

https://en.opensuse.org/Portal:Tumbleweed

If anyone beats me to it..it's a wiki, I will greatly appreciate the contribution :)

The proper way to update Tumbleweed

Posted Mar 23, 2017 10:13 UTC (Thu) by tlamp (subscriber, #108540) [Link]

Thanks for this article, I have a Laptop where I use Tumbleweed as I like to not have the exact same version on all machines (makes me too incompatible with everything else) and like rolling release Distros.

And until today I always updated with `zypper ref && zypper up` as `zypper dup` told me it wants to do stuff which surely wasn't holy anymore.
I always thought a miss-configured repo or something similar caused this, and as it seemed to work with `zypper up` and it is a not often used machine anyway I did not bother to look something up (not even looked in the man page, I must admit).

So thanks for lifting this riddle for me! :)

The proper way to update Tumbleweed

Posted Apr 5, 2017 0:02 UTC (Wed) by subalpine_fir (guest, #114958) [Link]

Great article. I found the part at the end about "zypper up" not tidying up after itself interesting. I'm a fairly new user of Linux and will use this new bit of knowledge across all of my Tumbleweed machines.

The proper way to update Tumbleweed

Posted Jun 25, 2019 22:26 UTC (Tue) by timrichardson (subscriber, #72836) [Link] (1 responses)

In case like me Googles takes you to this old post,
sudo zypper dup
now defaults to --no-allow-vendor-change

The proper way to update Tumbleweed

Posted Oct 25, 2021 14:14 UTC (Mon) by pilky (guest, #154960) [Link]

Woah, THANK YOU for pointing this out!

I decided to investigate, so I looked at /etc/zypp/zypp.conf, which is the "libzypp" backend used by Zypper, YaST and PackageKit.

You are correct. The defaults are to refuse vendor changes when "dup" (which is also what PackageKit uses when doing a "OS Update"), and to refuse vendor changes when installing individual packages. This is fantastic! No need to think about anything manually and no need to fear any tools. All package installation tools behave properly thanks to this being a global config!

##
## EXPERTS ONLY: TUNE DISTRIBUTION UPGRADE (DUP)
## Set whether to allow changing the packages vendor upon DUP. If you
## are following a continuous distribution like Tumbleweed or Factory
## where you use 'zypper dup --no-allow-vendor-change' quite frequently,
## you may indeed benefit from disabling the VendorChange. Packages from
## OBS repos will then be kept rather than being overwritten by Tumbleweeds
## version.
##
## Valid values:  boolean
## Default value: true
##
solver.dupAllowVendorChange = false

##
## EXPERTS ONLY: Per default the solver will not replace packages of
## different vendors, unless you explicitly ask to do so. Setting this
## option to TRUE will disable this vendor check (unless the application
## explicitly re-enables it). Packages will then be considered based on
## repository priority and version only. This may easily damage your system.
##
## Valid values:  boolean
## Default value: false
##
# solver.allowVendorChange = false