Fork me on GitHub
Webconverger wiki/ upgrade

We are designing the upgrade mechanism for:

  • Efficiency - We use next level technology git to manage the entire root filesystem (this is awesome btw)
  • Allow Webconverger Limited the business to move to a subscription model

We are super sensitive about your privacy, yet initially we need to collect some more information from daily build testers to ensure this technique works. Ultimately we want to share our approach here to make the "chroot on git" idea take hold amongst Linux distributions. Therefore the hope is as a developer in the near future you can use our technology to point to your own curated chroot.

The upgrade features requires a hard drive install

Webconverger's install makes several assumptions and uses its own lightweight install script to install onto a writable /dev/sda. This typically is the first hard drive in your PC.

WARNING: Installing Webconverger will irrevocably replace your hard drive contents.

Known issues: No wireless setup on installs, until configured (see updates.sh)

How upgrades might work (ALPHA)

The partition has a /.git/ directory pointing to the same Webconverger chroot maintained publicly on github. Using git gives us several advantages:

  • We can easily check the integrity of the filesystem, good for security
  • Git is fast & efficient for upgrades, also good for security

Upgrade process

Webconverger uses git to maintain the installed filesystem.

Commits tagged with the following format list the known working git refs

  • booted-$(date --rfc-3339=seconds | tr ' ' T)

The update service must:

track the remote branch
while true; do
    sleep 8+rand hours
    if working commit not tagged
        create tag
    if is in sync with remote
        continue
    git fetch updates
    reboot
done

the booting initrd must:

merge those updates into the filesystem
run the scripts in /.git-fixups/*
validate the new filesystem
pivot to the new filesystem

updates.sh and configuration

If enabled (noupdates is omitted) updates.sh is a simple and powerful mechanism to:

  • run signed shell code as root as the machine boots (this should not be normally needed for Community uses, however it will be enabled until we are happy with the install)
  • setup the machine with a custom configuration, for paying users we plan to use the mechanism to maintain their configuration

update logging

We are logging script output with https://github.com/Webconverger/logs

We will make it so that only Webconverger can see the logs atm, however to be clear for privacy, these logs will not contain any personal information.

Currently we plan to use a machine UUID and MAC to track individual machines.

Your feedback and support is much appreciated

We believe we are doing something new and exciting in the operating system space. Over the Web we are hoping to configure and update customers kiosk devices, optionally offering logging and management services.

For the community we will provide an unconfigured secure stock Web kiosk with the default homepage without the updates.sh script that is reliably upto date and publicly accountable to its chroot on github.

If we missed something please kindly let us know: feedback2012@webconverger.com Thank you!

Many thanks to Anselm Garbe for his comments.