SteamOS/Updates

For updates, SteamOS uses a software called RAUC to provide seamless and secure updates^[1]. The update system was a major contribution by Collabora, an open-source consulting company.

RAUC uses an A/B partition system to facilitate a safe, foolproof update process. When the system boots off of Partition A, the updates will be applied to the B partition, and vice-versa. This allows the system to fallback onto another partition if one fails, either during operation or during the update process.

Despite the A/B partitions being read-only, Valve allows users to disable the Read-only Filesystem using a simple shell command. However, after an update, the modifications a user has made to the read-only filesystem are lost unless SteamOS is configured to use a folder in writeable storage to overlay the read-only storage.

RAUC Features^[2]

• Fail-Safe & Atomic
  • An update may be interrupted at any point without breaking the running system.
  • Update compatibility check
  • Atomic bootloader updates (eMMC boot partitions, MBR, GPT)
• Cryptographic signing and verification of updates using OpenSSL (signatures based on x.509 certificates)
• Redundancy
  • Symmetric setup (Root-FS A & B)
  • Asymmetric setup (recovery & normal)
  • Application partition, data partitions, ...
  • Allows grouping of multiple slots (rootfs, appfs) as update targets
• Built-in network streaming mode
• Network delta-streaming mode (using casync)
  • Chunk-based binary delta updates
  • Significantly reduce download size
  • No extra storage required
  • Bundle encryption for multiple recipients
• Independent from update source
  • USB Stick
  • Software provisioning server (e.g. hawkBit)
• Supports data migration
• Network protocol support using libcurl (https, http, ftp, ssh, ...)
• Several layers of update customization
  • Update-specific extensions (hooks)
  • System-specific extensions (handlers)
  • Fully custom update script

References