[packaging] Meeting next week to discuss trusted third-party repositories

Yfrwlf swiftpaw22 at gmail.com
Wed Dec 10 21:41:29 PST 2008


> ISV's have many issues.
>
>
>   
Those issues are also everyone's, since it effects everyone including 
all developers and users, not just businesses.  Everyone wants to see 
them fixed. :)

> LSB has tried for years to get Distributions to sit down and solve
> this problem.  Berlin Packaging API is simply LSB washing there hands
> of the complete problem and saying to ISV's use what ever you like
> there is the interface.  If distributions end up with a uncontrolled
> mess that is there problem.   Distributions have had 7 years to
> address the problem just from infighting they have not.
>
>   
It's a much better solution than no solution at all!  But you're right 
that it's more of a patch job than truly fixing the problem, that put me 
off it a little at first, but if it's all we have we'll have to make 
due.  Ultimately it would be very nice to see the same kind of rally cry 
for at least one open packaging format/system which existed for other 
things (ODF, Firefox, W3C web standards, etc).  Maybe ISVs will just 
have to start supporting only the Linux package managers and 
corresponding "distros" which have adopted compatibility with some 
packaging format until the pressure drives the bigger distro companies 
to also adopt it.  Could even somehow release patches for adding on that 
feature to the package manager in those distros perhaps, until they 
adopt it themselves.  Hell, they could ship the patched versions of the 
Linux OS with the box if it was for an ISV's store release, or offer the 
OS on their site, though I know that would be a harder sell, at first at 
least.  Imagine Linux coming with the software you bought in a store 
though...maybe Microsoft calling it a virus *was* accurate as that might 
really help it grow fast. :)
> Now question why is YoFankie using a non LSB and non Distribution
> solution.   Simple fact the distribution solutions don't work good
> enough for ISV's.
>
> Now there are things the Distribution needs like Secuirty ISV's also
> want to only have to do that once.  0install does have its flaws as
> well.
>
> Basically if Distributions don't do something soon we could have an
> Linux virus plague.  Stacks of defective applications installed
> without the required security around them nice cause of a failure.
> Do ISV's care about this no they don't they have that with windows
> now.
>
> As I say Users ISV's and Distributions needs must be covered.  Users
> are simple they just want to be able to install the applications they
> need and have stability and security.
>
> The complete idea of Linux being a secure platform is in danger if
> Distributions don't act.  Current models put forward by Distributions
> don't suit ISV's or Users very well.
>
> Peter Dolding
>   
But like Windows, users will use it any way if it means having access to 
the programs they want.  Perhaps that will further convince the distro 
companies to give it up and adopt a format which has that security and 
such that users want, *plus* freedom, by finally delivering an 
API/framework/system/whatever that allows everyone to successfully 
"communicate" to get done what everyone wants.

Linux packaging is like a bad relationship.  All it takes to make things 
better is some communication and cooperation long enough to build a 
bridge with which communication and cooperation can occur.  The problem 
is getting it to happen the first time without everyone getting up and 
leaving.

-Yfrwlf


More information about the packaging mailing list