[lsb-discuss] Some thoughts about the recent packaging discussion
alan at lxorguk.ukuu.org.uk
Sat Mar 1 15:46:15 PST 2008
> refuses to accept the patch, it just means that 3rd party commercial
> ISV package can't be uninstalled on that distro, which makes them no
> worse (but no better) than they are today.
Except you've created a non standard that seems designed to make it less
likely people will solve the real problem and also causes security
problems down the line because most vendor provided installers have not
been audited properly, do not fit into things like SELinux rules (the
rules secure sites run to say things like 'random package installing is
bad'). And we can get onto automated installs, provisioning, smart
backup, security verify checks and the like at which point I think we can
safely say a lot of end users actually want vendors to deliver product
that installs, uninstalls, verifies and integrates.
There is a right way to solve the problem, which is to make it strongly
in the interest of the ISVs to use the standard packaging format on
Linux. There are cases that are a bit weird (like java) but for the
general case the answer isn't to insult everyone and try and make the LSB
dictate standards (which will merely dictate its demise) but to make the
packaging system actually solve the real remaining problems ISVs have.
So instead of insulting Debian people how about making the supporting
tools for rpm format binary packaging simply irresistable. For the LSB
binary side format that means stuff like "zip2rpm" and other things which
are anathema to source/binary control as rpm is used in free software,
and adding pointy clicky "packageme" tools plus makefile scriptable bits
for "add scripts, set description, pack tar file into rpm and ship"
More information about the lsb-discuss