[packaging] Meeting next week to discuss trusted third-party repositories
Yfrwlf
swiftpaw22 at gmail.com
Tue Dec 9 17:03:22 PST 2008
Tortanick wrote:
> On Monday 08 December 2008 07:53:59 Peter Dolding wrote:
>
>> Linux Distributions have always been fighting over there own package
>> formats. Models the Distributions are putting forward are all
>> designed to leave them 100 percent control of providing the runtime.
>>
>
> Good, the distributions are better at it than me. I'm happy to let them do the
> work and just leave a few hooks for me to insert a customisation or two.
>
>
You want to rely on distro companies to repackage your software for you
instead of getting it directly from the programmers? Did a distro
company pay you to say that? I don't know why any sane Linux user would
ever say they'd want something like that, to be essentially locked into
a certain repository and company. Distros have become middle-men, and
they need to be cut from the picture as far as locking users into their
repos. If Red Hat, Novell, or Canonical want to stay in the business of
sponsoring Linux software projects, by all means I hope they keep doing
so. If they want to offer paid development support for a certain range
of programs, by all means keep doing so. However, this model of locking
users into the old, annoying Linux model of keeping users dependent on
distro companies needs to die. Linux users deserve more freedom than that.
Providing Gnu/Linux software bundles or mirrors/repositories of programs
which you can also get directly from the dev's website = OK. Locking
users into those same repositories and not allowing them to "roam free"
= bad.
>> This effective means we stay with the same crap system we have now.
>> Where each distribution customizes there own packages independent to
>> each other and millions of build hours are year are wasted building
>> the same application for multi-able distributions.
>>
>
> Machine time is cheep, what would you have those servers do instead?
> SETI at home?
>
>
If a company CEO heard you, you'd be fired, and I have to say that
response to Peter's comment was in very poor taste. Do you know why
virtualization is popular? That's because it means you can condense
down your physical servers by throwing multiple OSes into VMs if you
need that separation there between OSes as certain businesses do
(hosting providers for example, as well as for other reasons). Having
less wasted CPU time is what companies want. Linux has wasted who knows
how much energy by recompiling everything a million times redundantly
when it only needs to be done once by the original developers, and then
additional times by anyone who wants to look at the code and compile it
for whatever reason, or contribute code to the program themselves. We
want freedom *and* ease of installation and it's very possible to have both.
>> To reform Linux in to something majority useful to ISV's.
>>
>
> Linux is already "majority useful" to me, and I think most Linux users will
> say the same thing, I would not reform something that is very useful and risk
> loseing the current user base to try and attract ISVs.
>
>
It'd be a lot more useful to normal computer users if they could easily
install whatever software they wanted to without being trapped in a
specific company's walled garden. More developers could target Linux.
Not just companies (ISVs), but both open and closed source developers,
working within companies or on their own, i.e. *everyone*, could simply
release one pacakge and be done with it. Supporting and developing
Linux programs would be easier all around, and when there is money
involved, it'd also be cheaper. This means more programs for Linux.
More programs for Linux means even more programs for Linux, and the
snowball effect ensues. All this ends up meaning *you* have more
programs to use, if you use Linux. It benefits everyone in every way.
Except Microsoft and Apple.
>> LSB basically has to break the distribution model completely. Repo idea
>> is all about central source providing of applications.
>>
>
> Were trying to make it easy for ISVs to package software, oppsing
> distributions is not going to work because:
> a) Nearly all Linux users like distributions
> b) If the distributions don't support the LSB, the LSB will have no users. No
> ISV will package for something that has no users.
>
>
They like it? How about that's the *only* way they can get it easily is
in software bundles, which there is nothing wrong with, it's being
locked into repos that's the problem. Users don't "like" it anymore
than they "like" Windows in the past just because Windows provided them
with a semi-functional computer. In other words, no, Linux users like
freedom, and a feature that gives them more freedom is exactly what they
want.
>> ISV's and
>> Distrobutions really need a Distributed package providing system.
>> Think about a Direct X game they ship with a Direct X runtime provided
>> by Microsoft that updates by Microsoft. Advantage of this ISV does
>> not have to take on the maintain cost of Direct X.
>>
>
> The problem is that your not just asking Microsoft to maintain DirectX, your
> asking Microsoft and the user to co-maintain it. DirectX is a bad example
> because its an extreemly popular libary with a major ISV behind it. But if
> you allow distriubted dependencies and a small ISV vanishes taking its
> libaries with it, or they break backwards compatability, then you've created
> dependency hell. Its just not worth the risk.
>
>
Linux already has dependency hell. A better package management system
will thwart it. Direct X came with all the libraries needed for it
other than Windows itself. Here's my idea:
User is on a website. They click a link to download a file, click OK or
whatnot, and download and open it with their package manager. In the
package are the needed GPG keys or whatnot along with URLs pointing to
the actual files. You could contain everything that is needed in the
package itself, or you could have the package be basically a downloader
via the package manager. In either case, you could have URLs that point
to a location for program updates. Now, if the file was small and
simply some URLs and keys or whatnot, the package manager could
intelligently download only those dependencies that it sees it needs.
The packages contain all the information for the manager to successfully
install the software. As long as you have a method to work out name
conflicts, even have a name register or whatnot like for domain names or
just use a simple renaming scheme with a dynamic system that allows
software to know where everything is located, then the package manager
can put files where ever the hell it wants to, where ever it's
configured to. Such a system may require that programs are made to use
the system, but I don't think it'd be too hard, perhaps just make some
special characters or something to represent dynamic locations.
Whatever. It's all doable though, that's all I know, it's just
software, it doesn't control you, you control it. :)
>> Then there are
>> closed source audio frameworks applications could be using and so on.
>> KDE and Gnome have there run-times. There is no reason why KDE and
>> Gnome with means to release direct could not complete directly with
>> Distributions on features and style yet still remain 100 percent
>> distribution neutral.
>>
>
> Go ask KDE and Gnome weather they want to do all that extra work then post
> back their awnsers.
>
>
The KDE and Gnome developers would love being able to compile their
stuff once, and be done with it. Their sites would get a lot more hits
and the Gnome and KDE projects would thus get more exposure than they
are now. When an update came out, especially, users would be flocking
to download or update their software directly from them instead of just
primarily some middle-men companies. Linux users would be finally very
free to easily get their software directly from the sources.
>> Simple fact if other parties get into the configuration game and do it
>> better than Distributions in a cross Distribution way distribution
>> importance could disappear.
>>
>
> Ok then, go out there and create a better system than the distributions, in
> the mean while the easiest way to support ISVs on Linux is to make it easy
> for them to create cross distro packages so I guess that's what the LSB will
> be doing.
>
>
I'm pretty sure that's one reason why he's here, is to see a better
system be created, and one which doesn't require some company's software
repository is best. He was saying that anyone could then provide
software mirrors/repositories that are actually usable by all Linux
users, which would mean distro repos wouldn't have to be depended upon.
More freedom.
>> This also forces Distributions to
>> provide better quality applications since if they hand up poor quality
>> users will be able to avoid the distribution repos.
>>
>
> Nope, distributions have to provide high quality because if they don't people
> will move to the other distributions. That's the beauty of the "infighting"
>
>
And if that infighting happened directly between software like it
should, instead of effort being wasted on recompiling and providing 50
different software packages because there isn't at least one open
standard which has been adopted into the major package managers like
there should be, we'd have better software. If users were free to
install any of the new or "niche" software or whatever versions of that
software they wanted to, regardless of their Gnu/Linux version they were
running, they'd have much more freedom. That's a lot more beautiful
than the current situation.
We (Linux users) want change. I speak for myself and everyone else who
has been subjected to the lovely (sarcasm) software garden wall which
Linux has created because of the distro ecosystem which has arisen,
profiting off their users being dependent on them. That needs to end,
for a plethora of reasons ultimately because *we want it to end*.
You're right that no one needs to ask for permission to fix this mess,
but it does need to be spoken about more. The standards groups like the
ISO, LSB, LF, Freedesktop, etc, need to push for a good, open Linux
packaging standard which the major package management software can
easily adopt (most likely while still keeping their own format
compatibility, at least for a while). If these standards groups don't
want to help in doing that like because they are bought out by distro
company interests or whatnot, we'll go elsewhere. Like to Zero Install,
Klik, or other systems which allow us to have access to the software we
want without having to beg a distro company or try to get it packaged
for their proprietary system.
-Yfrwlf
More information about the packaging
mailing list