Simplifying package installation (was: replacing XMMS)

duncan brown duncanbrown at linuxadvocate.net
Mon Apr 26 15:30:40 UTC 2004



Michael Schwendt said:
> On Mon, 26 Apr 2004 09:01:05 -0400 (EDT), duncan brown wrote:
>
>> while i'm on this track, i think rpms need to be able to be installed

> First the software must be made fully relocatable and, for instance,
> find its translation modules and not expect its data files in a location
> that was hardcoded at build-time. And of course, it must ignore a global
> instance installed into the system by the administrator and allow for
> switching back and forth between local installation and system-wide
> installation (e.g. in its configuration data).

(utopian rant warning)

well, in perfect world, things would be coded to not look in predetermined
places, it should be a user variable.   now, if something is configured to
work in that fashion, then there should be a flag in the .spec for the rpm
stating so.

what about chroot style environment that only affects the current user? 
something where the libraries/binaries the user installed for himself are
available, and symlinks to the system's libraries and binaries are located
in the same environment.

> Does this scale? And what about security flaws in the locally installed
> packages?

what security flaws?  there are inherent security problems just letting
people TOUCH a system.  do you mean security updates?  something along
those lines should be based upon the preferences of the ADMIN, not the
user.  if the user's using software with known flaws, the admin should be
able to remove the user's package and have him use the locally installed
one.  now, if you're talking about updates, then the user should update
the package.

maybe in our utopian package management suite we'd have the option to
update our user installed package.

> Assume the following packages (
> http://www.go-mono.com/archive/0.31/fedora-1-i386/ ) install cleanly in
> Fedora Core 1 if they were contained within a repository and you could
> add that repository easily to your favourite package utility.  One of
> the Fedora Project's objectives is "Create an environment where third
> party packages are easy to add and positive encouragement and support
> exists for third party packaging." Common meta data for yum/apt and
> others are one step on the way to making access to repositories easier.
> The jump from a loose collection of binary rpm files offered at some web
> site to a one-click installation is not a small one.

that's exactly what i wrote about previously.  a user should be able to
click on a link on a website or run a downloaded script that adds the
repository to their repository list.  there should also be something the
same for system-wide repositories.

it's not a small task, i know.  and i'm not really equipped to work on
something like this myself (php and bash are about the height of my coding
skills), i'm just trying to throw ideas out as to what i've heard from
alot of people that i've thrown fedora at that either havn't had much (if
any) computer experience and ones who have extensive windows use
experience but no linux... and they all say the same thing about software
installation.

they basically want to install software without going through hassle (all
were impressed with synaptic, though somewhat intimidated)

i think that someone needs to do a usability study, a real FORMAL one.  i
wouldn't mind doing it, but i don't have the resources beyond just giving
people i've thrown fedora at a questionnaire...

the problem here is it's sysadmins and people that aren't intimidated by
computers discussing this.  we need a PHB or a mom's input.

-d

>
>> i don't see how the simplicity of installing a piece of software on
>> windows is an orange to the apple of linux's rpm/deb/etc.  and yeah,
>> you get dependencies, but they're so RARE.  and they need to be able
>> to be non-existant as far as the user having to do research on where
>> to find it and the correct version for their system.  just because
>> windows has a bug^H^H^Hfeature like gui windows notifying you of a
>> dependency, that doesn't mean we need it too.
>
> It's a bad comparison in that with packages created by arbitrary open
> source software projects we face a different dependency scenario, in
> particular if a package contains explicit dependencies added manually by
> the packager, which do more damage than helping the user. For instance,
> a simple version mismatch between the installed version of Python and
> the required version of Python, or a different package name used on
> different Linux distributions, and a package would refuse to install
> (and I don't even cover cross-distribution package compatibility).
> Compare that with a proprietary system.
>
>
> --
> Fedora-desktop-list mailing list
> Fedora-desktop-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-desktop-list


-+(duncan brown
-+(duncanbrown at linuxadvocate.net
-+(http://www.linuxadvocate.net

()  ascii ribbon campaign - against html e-mail
/\                        - against microsoft attachments

Blessed is the man who, having nothing to say, abstains from giving wordy
evidence of the fact.
                -- George Eliot






More information about the Fedora-desktop-list mailing list