Blog post about package management (aimed at fedora)

[Nicolas Mailhot]

Le vendredi 27 juillet 2007 à 11:28 +0100, Richard Hughes a écrit :

> "Crack" would be a valid comment but obviously, I would prefer more in
> depth and reasoned criticism :-)

I agree with most of your stuff except:

- removing password requirement to install/update is very very stupid
and dangerous (think script-kiddies, visiting kids that click
everywhere, etc)

- auditing tools must be built-in from the start up. The desktop team
likes to replace well-understood and easily verified scripts/CLI
commands with callback-heavy black magic no one understands (sometimes
several layers of black magic because you know it's so much easier to
add a layer than fix the one underneath), without comprehensive doc or
error reporting. This is somewhat acceptable for desktop toys but not
for core stuff like system updates. 

- while a lot of the updating pain is at the GUI level, and no one will
mourn the current GUI update apps, you'll still need work at the yum
level so 
 * it does not barf at the slightest problem (on the CLI the sysadmin
papers over yum ; in GUI mode that's somewhat less easy)
 * updates are done in batches of small transactions instead of a huge
brittle one (every time rawhide is frozen/unfrozen you get a huge 800+
package update transaction which is almost sure to fail halfway)

- you'll need a CLI async client too for some user populations and it
better be a real usable tool not a CamelCase-speaking monstruosity.

- if you go async client/server and allow an update client to remotely
control updates of a pool of systems, you'll make a killing in the
desktop enterprise space

-- 
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070812/141a22e2/attachment.sig>