Modern Update System

Paul A Houle ph18 at cornell.edu
Tue Nov 29 15:20:35 UTC 2005 

Pete Zaitcev wrote:

>I am quite surprised that it works for Microsoft, because Sun gave it
>a good try. Maybe they just ignore most problems, like what happens
>when you upgrade a well-patched system to the next release.
>  
>
    Microsoft ships a lot less software with Windows than Sun ships with 
Solaris or Fedora ships with Linux.  That's why these comparisons that 
RHEL has 44 security bugs and Windows has 43 security bugs are a big 
joke,  because RHEL comes with 4 CD's of software and Windows only one.

    I think the "incremental patches" could be dealt with in a way 
that's mathematically well defined and wouldn't require thinking on 
anyone's part (it's the thinking that gets you in trouble.)  Imagine we 
have a package with the following history

package-1
package-2
package-3
package-4
package-5

Now,  we can generate something like xdiffs, so we have

package-diff-1-2
package-diff-2-3
package-diff-3-4
package-diff-4-5

these are actual diffs against the files in the filesystem.  When 
somebody installs package-1 out of the box,  and then does an update,  
the system can check that ~all~ files in package-1 are unchanged,  then 
it's safe to automatically download the diffs,  which put the system in 
the exact same state it would be in if we'd just installed package-5.  
If any files in package-1 have been touched,  then we have to do 
something different.

I totally understand why this would be a nightmare for the mirrors,  but 
the current status quo is a disaster in terms of user experience.  Every 
time I do a Fedora install,  I usually end up downloading 2 GB worth of 
ISO images,  and then I run "yum update" and it downloads another 1 GB 
worth of updates.

My experience with RHEL is even worse than that with Fedora,  partially 
because "up2date" scales less well than "yum."  Last time I installed 
RHEL 4,  up2date kept crashing,  and I tried different things until I 
realized I had to do updates to up2date and rpm to make up2date stable 
enough to complete.  I expect to have these problems with Rawhide,  but 
it's particularly irksome when the Red Hat Network (the product that I 
perceive I'm paying a significant annual fee for) is the part of the 
distribution which works the worst.

More information about the fedora-devel-list mailing list