Amazing project! It's incredibly well engineered, imo.
It's really nice to read the author's blogposts describing how he forces hardware vendors to get their shit together and either use a standardized update mechanism or create a thoroughly tested open source plugin.
I remember the first time I got a Dell laptop and put Ubuntu on it, GNOME Software immediately prompted me to install a firmware update. I was so amazed by this. It really felt like Ubuntu was finally a first-class citizen. I'm still completely sold on Dell because of this experience. Sadly they still don't upload all the firmware for all machines. I have no idea why though..
Some firmware they may only have reduced redistribution rights to. A modern computer is a giant ball of firmware from many different vendors.
Hence things like Linux firmware updaters that just download the windows firmware file (which they have rights to) and extracting the firmware blob (which they know exactly where it is) so they can avoid the question if they can distribute the blob directly.
As a hardware developer lvfs and fwupd is amazing. It has support for all kinds of standard update protocols. So if you build a product and use a standardized update mechanism, it is super easy to get updates on lvfs.
The other thing that is great is the testing and validation groups allows you to setup target groups so you can fully validate your updates internally before staging rollouts.
Also @hughsient is really responsive at fixing issues.
I am using both a professional Dell latitude laptop and a personal thinkpad on Fedora and both receive firmware updates. And I am pretty sure I saw the Dell USB-C docking station receiving updates through this too.
Not sure this applies also to non Latitude/Thinkpad consumer models though but I tend to never recommend them anyway.
I'm not a huge fan of the kind of laptops Dell sells with Linux on them (thin, poorly ventilated ultraportable donglebooks) or super loyal to the Dell brand or whatever.
However, I will say that their Linux laptops I've used have been fine executions of their concepts, and the Linux support, including for firmware updates, has been problem-free even though I don't run the stock OS.
They're a good choice for Linux laptops if thin and light ultraportables are your style.
Dell has a pretty good record for providing firmware updates without too much hassle. Although it does seem like they ship product with.. a lot of problems.
We bought a 10gbit enabled PowerConnect switch only to learn that the “10gbit” part didn’t actually work until they released a new firmware.
Fedora devs often also develop those components and are among the first to integrate them. Fedora seems like a great desktop for those curious about what's coming next to the Linux desktop stack.
NixOS doesn't curate a default desktop experience like Fedora does, but it's also a great place to enjoy some of this tech early, and in a very risk-free way thanks to declarative configuration and rollbacks. PipeWire has been effortless to set up (and impressively compatible, performance, and unobtrusive in its own right!) on NixOS for some time now.
A rolling release or a cutting edge kind of distro, even with regular releases, can be really nice if you're into exploring this stuff, like you say.
I mean... any distribution is like that, no? Pipewire for example has been in Debian since two releases ago. You would probably not to run it on those releases unless you were building your own up-to-date bug-fixed packages from a custom repo, but that is not out of the question especially with CI/CD being what it is nowadays.
It’s like a package-manager for system firmware. For the devices supported, it feels infinitely better than downloading random files from the various vendor-sites on the internet and running setup wizards and all kinds of bloated inconsistent nonsense.
I’d argue fwupdmgr actually represents something objectively done better on Linux than Windows, and my only complaint overall is that not enough vendors are supporting it.
Don't know much about it yet, and it is undoubtedly is a useful service. However looking at that page boasting telemetry and noticing an always running fwupd process running here as root it looks like this is probably leaking information thru its comm channel.
Does anyone know why this is running 24/7? I don't expect my firmware to be changing minute to minute. I need to get OpenSnitch running to keep an eye on these things, heard it was making it into Debian and hopefully derivatives soon.
> this is probably leaking information thru its comm channel
It's really not. The fwupd process doesn't have any internet access at all -- all communication is done through a socket over DBus. All the telemetry is done with the user explicitly opting in -- we even show the JSON in the terminal that is going to be sent.
> Does anyone know why this is running 24/7
We auto-quit on idle or for low memory conditions -- unless you have hardware that's expensive (either in terms of power, or time) like thunderbolt and synaptics MST. The resident RSS is tiny as we mmap all the data files which can be paged out by the kernel -- we can even run fwupd on the tiny BMC processor as well. I'd be interested in what OpenSnitch says, but the D-Bus interface is the only way in and out. Interesting, the daemon doesn't actually do any policy actions itself; all actions have to be initiated by the front end -- which includes downloading new firmware metadata.
Good to know. Why is it a root daemon and not a command/library if other tools are directing it? If I had to guess, so the end user does not have to elevate to superuser to initiate actions?
I think what yesterday's SSD discussion revealed is that an open database of "leaked" SMART data would be of immense value to users and should have happened years ago. It sucks that privacy derangement vetoes the development of things of real value.
Are you using this to refer to the attitude of companies that want to collect as much data as possible whether or not they have a clear and good use for it, or the attitude of users who are no longer willing to trust large-scale data collection efforts?
I'll decide that for myself, you insensitive clod!
I can imagine your future assault robbery trial. "But your honor, stealing his wallet was good for him! Couldn't get into the bar that night and gave his liver a well-needed break." :-D
On the bright side, you can finally mask it in latest Fedora without Software store going haywire and spamming you with useless error messages about it being unavailable.
Still waiting for that to arrive in next Debian…
I’m sure it’s useful to Dell users, but not much to anyone with DIY setups.
It's even on Raspberry Pi OS and I wonder if it serves any purpose there. Pi firmware is updated via APT unless I misunderstand what I see getting updated (raspi-firmware). Would fwupd handle updates for USB connected devices such as SSDs?
Make sure you open a support ticket asking for LVFS updates -- it's easy to ignore one person, but much harder to ignore hundreds of people asking for the same thing.
With most things I just complain a bit and then go on with my life, but this actually feels like it could work. Samsung does already release some sort of broken Linux livecd for fw updates, seems like LVFS would be easier for everyone.
Readit News
It's really nice to read the author's blogposts describing how he forces hardware vendors to get their shit together and either use a standardized update mechanism or create a thoroughly tested open source plugin.
I remember the first time I got a Dell laptop and put Ubuntu on it, GNOME Software immediately prompted me to install a firmware update. I was so amazed by this. It really felt like Ubuntu was finally a first-class citizen. I'm still completely sold on Dell because of this experience. Sadly they still don't upload all the firmware for all machines. I have no idea why though..
Hence things like Linux firmware updaters that just download the windows firmware file (which they have rights to) and extracting the firmware blob (which they know exactly where it is) so they can avoid the question if they can distribute the blob directly.
The other thing that is great is the testing and validation groups allows you to setup target groups so you can fully validate your updates internally before staging rollouts.
Also @hughsient is really responsive at fixing issues.
We use fwupd at Framework Computer.
I got a Dell laptop from work with Windows on it. Installed Ubuntu and it immediately prompted me to update the firmware. What an amazing experience!
I always recommend Dell to people looking for a Linux laptop. Although I hear Lenovo started to get their shit together too in the last few years.
Not sure this applies also to non Latitude/Thinkpad consumer models though but I tend to never recommend them anyway.
However, I will say that their Linux laptops I've used have been fine executions of their concepts, and the Linux support, including for firmware updates, has been problem-free even though I don't run the stock OS.
They're a good choice for Linux laptops if thin and light ultraportables are your style.
We bought a 10gbit enabled PowerConnect switch only to learn that the “10gbit” part didn’t actually work until they released a new firmware.
Mandatory: I use arch btw :D
[0](https://wiki.archlinux.org/title/fwupd)
https://fedoraproject.org/wiki/Changes/SystemFirmwareUpdates
NixOS doesn't curate a default desktop experience like Fedora does, but it's also a great place to enjoy some of this tech early, and in a very risk-free way thanks to declarative configuration and rollbacks. PipeWire has been effortless to set up (and impressively compatible, performance, and unobtrusive in its own right!) on NixOS for some time now.
A rolling release or a cutting edge kind of distro, even with regular releases, can be really nice if you're into exploring this stuff, like you say.
It’s like a package-manager for system firmware. For the devices supported, it feels infinitely better than downloading random files from the various vendor-sites on the internet and running setup wizards and all kinds of bloated inconsistent nonsense.
I’d argue fwupdmgr actually represents something objectively done better on Linux than Windows, and my only complaint overall is that not enough vendors are supporting it.
Does anyone know why this is running 24/7? I don't expect my firmware to be changing minute to minute. I need to get OpenSnitch running to keep an eye on these things, heard it was making it into Debian and hopefully derivatives soon.
It's really not. The fwupd process doesn't have any internet access at all -- all communication is done through a socket over DBus. All the telemetry is done with the user explicitly opting in -- we even show the JSON in the terminal that is going to be sent.
> Does anyone know why this is running 24/7
We auto-quit on idle or for low memory conditions -- unless you have hardware that's expensive (either in terms of power, or time) like thunderbolt and synaptics MST. The resident RSS is tiny as we mmap all the data files which can be paged out by the kernel -- we can even run fwupd on the tiny BMC processor as well. I'd be interested in what OpenSnitch says, but the D-Bus interface is the only way in and out. Interesting, the daemon doesn't actually do any policy actions itself; all actions have to be initiated by the front end -- which includes downloading new firmware metadata.
I think what yesterday's SSD discussion revealed is that an open database of "leaked" SMART data would be of immense value to users and should have happened years ago. It sucks that privacy derangement vetoes the development of things of real value.
Are you using this to refer to the attitude of companies that want to collect as much data as possible whether or not they have a clear and good use for it, or the attitude of users who are no longer willing to trust large-scale data collection efforts?
I can imagine your future assault robbery trial. "But your honor, stealing his wallet was good for him! Couldn't get into the bar that night and gave his liver a well-needed break." :-D
Deleted Comment
Still waiting for that to arrive in next Debian…
I’m sure it’s useful to Dell users, but not much to anyone with DIY setups.
This is the second comment I've noticed "waiting for it to hit Debian" and I don't understand.
It's even on Raspberry Pi OS and I wonder if it serves any purpose there. Pi firmware is updated via APT unless I misunderstand what I see getting updated (raspi-firmware). Would fwupd handle updates for USB connected devices such as SSDs?Unfortunately it doesn't seem like Samsung is uploading that much firmware. "Is uploading firmware on behalf of other vendors" according to the site.
With most things I just complain a bit and then go on with my life, but this actually feels like it could work. Samsung does already release some sort of broken Linux livecd for fw updates, seems like LVFS would be easier for everyone.
https://wiki.debian.org/Firmware/Updateshttps://help.ubuntu.com/community/BIOSUpdatehttps://wiki.gentoo.org/wiki/BIOS_Updatehttps://en.opensuse.org/SDB:How_update_your_bioshttps://wiki.archlinux.org/index.php/Flashing_BIOS_from_Linu...