We want to update a fleet of various Raspberry Pis and other boards that are run by our users using Mender’s update modules, but we cannot use automatic deployments using the Mender server as we require the user’s explicit consent before updating.
I found this example that asks for user’s confirmation before updating, but there are two drawbacks of this approach for our use-case:
We need a sure-shot way that cannot be hijacked to install any update without user consent whatsoever. In the above example, a mender artifact can simply be released without a state script that doesn’t ask for the user’s confirmation before installation.
The user should be allowed to update whenever he wishes to, eg. even 3 months after the update has been released. But Mender’s docs note that “Maximum wait time between
Downloadstate is 24 hours, after this period the update will be marked as failed by the Mender client.” Is there a way we can change this limit?