Slashdot Mirror
OpenPKG 1.0 Released
Ralf S. Engelschall writes: "I'm proundly announcing today the release of OpenPKG 1.0,
the world of cross-platform RPM-based Unix software packaging. A flexible and powerful software packaging
facility, OpenPKG eases installation and administration of Unix software across several
platforms. It primarily targets the Unix platforms FreeBSD, Linux and Solaris, but is
portable across mostly all modern Unix flavors. OpenPKG was created in November 2000 and after
over one year of development it is already a mature technology in production use. It is
available as Open Source and is further maintained by both my development team at
Cable & Wireless Germany and our contributors. For more details visit
openpkg.org and
ftp.openpkg.org."
How very useful. :)
Whilst Solaris does have package management, it's not as good as RPM.
Of course, now all you have to do is convince sun to support it
Let's just say that Ralf is the commited guy for standard packages.
http://www.openssl.org/
http://www.modssl.org/
To say a few.
He's the guy that wrote mod_rewrite back in the old days. Tough guy.
ok, so in a nutshell, no matter what *nix I use, as long as I have openpkg installed, I can install any package?
In other words, I can burn openpackages to a CD, and install the same packages in BSD, Redhat, and Suse?
RPM was created as duplication of effort, because Debian wasn't willing to rush a half-baked dpkg. Now it becomes a standard. Reeks to me of Microsoft Windows-like storyline.
Why not just port and use dkpg, apt and associated tools? They were all created to be portable, and are indeed already used in http://fink.sf.net./, http://debian-cygwin.sf.net./ and the like.
Leandro Guimarães Faria Corcete DUTRA
DA, DBA, SysAdmin, Data Modeller
GNU Project, Debian GNU/Lin
The one true package format: setup.exe
I assume you refer to the standard name of a Windows installer program. Those may become obsolete, as Microsoft and other vendors shift to .msi packages that use the Windows Installer.
Will I retire or break 10K?
Wouldn't it have been smarter to port an existing advanced package management system/format like .deb to other UNIX flavours rather than inventing yet another system? Isn't that some serious reinventing-the-wheel?
Isn't that what open source software is all about? Just as in commercial software, a bunch of different groups work on the same thing in the attempt to be the best, most widely adopted, and thus the standard?
In commercial software, the development and marketing effort goes on only as long as the company can afford it, but in open source it can go on forever as people work endlessly on different versions of the same software that nobody will use! That way you can be forced to have all of the different package managers installed (and keep them updated) so you can use the various software packages you might want to download!
nice try... apt works with RPM. The comparison is rpm <-> dpkg, not rpm <-> apt. In the correct comparison, they're almost equivalent.
WWJD? JWRTFM!!!
errr, compare citrus to citrus, chum: RPM is to APT as .deb is to (e.g.) gnorpm -- .rpm and .deb are package formats, gnorpm and apt are tools for managing those packages (and IIRC one can now use rpms with apt -- Linux Mandrake?)
APT is a tool for managing DEB packages, it is not a packaging format itself.
don't be spreading misinformation ... makes you look ... well, like someone you wouldn't want to look like.
"Oh, I hope he doesn't give us halyatchkies," said Heinrich.
I notice that an openpkg-installed package populates their own RPM database, rather than using one that may already be on the system. While this may be due to the fact that they need to store additional information that a default RPM4 database doesn't allow for, it would seem to be a horrible inconvenience to maintain two separate RPM databases... even if one allowed you more cross-platform control.
Also, I thought it interesting that they favor English as the only language used on Unix machines, and chose not to include NLS support in OpenPKG. And they're not even Americans!
It really surprises me that they decided to use RPM package format. It surprised me even more that they decided to create "Yet another package system", while there are many very stable and advanced one, that are just waiting to being ported to "Yet another Unix".
My personal experience is
RPM = headache.
APT = a lot of relieve.
mjander.
They are pushing the use of source packages,
that would need to be compiled, hence, they can
adapt to each platform. They only advocated
the use of binary packahges when the developement
tools ( mainly gcc, automake ) are not available.
It's basically an RPM based FreeBSD ports tree.
Novel idea.. but am not sure the use of RPM
is the best choice...
We shall see..
I've already seen a number of people saying, "Yeah, great, but why didn't you port an existing system [usually Debian's] instead of writing your own solution? We don't need another package management system." This drumbeat of "don't create multiple approaches" opinion continues to get louder, and as it does so irritates me more and more.
It's *good* that there is more than one way to do it. I'm glad that open source not only provides for the possibility of multiple approaches (the built-in allowances for forking), it has a long history of such.
Don't like sendmail? Write a different mailer, and perhaps like postfix it will become popular. Think that the available desktop managers were built wrongly? Try coding one using your preferred approach. Having diverse solutions can help improve them all, as features from one program are pulled into others.
The OpenPKG folks saw a need and decided to base their solution on RPM. You may not think that was the wisest choice, but they get to choose where they apply their effort. There is no One Approach to bind all open-source programmers, no One Application in any given niche to which all should contribute. One of the beauties of OSS is that I can choose where I wish to contribute.
I dont know about you but that doesnt really inspire a lot of confidence in me. Essentially this reads to me like they wanted to quickly extend an inferior package management system. *shrug*
bleh... real men/women compile ;-)
:-\
come on.. who doesn't like configuring/compiling... it's the best way to install a program... you customize towards your preference... if anything at least use ports instead of RPM
"The ones who dont do anything are always the ones who try to pull you down" -- Henry Rollins
Hmmm, I'm a little skeptical of this theory. The first Red Hat "Mother's Day" release was in 1995. It didn't include RPM, but did include its ancestor rpp. The first releases of Debian which included the primative version of dpkg were around the same time. I don't think one was significantly before the other -- they were basically in infancy together. dpkg certainly didn't seem more "baked" than rpm at the time.
I guess people prefer package managers to tarballs. And I guess RPM is the most popular PM and that is why they have chosen to do it. Mircosofty? Possibly/Probbably - good? that remains to be seen. I think I'll let other people try it before I infect my system with it ;-)
Incidently, does anybody think it strange that when we create something not Microsofty it slowly becomes Microsofty?
The FAQ says that OpenPKG decided to go with RPM over all the others for whatever reasons. What I'm wondering is, why bother limiting yourself in that way? Meaning, isn't it a trivial matter to figure out what package type a file is, and use the appropriate tool to handle it? My point is, I think that rpm, deb, and slackware's format are all mature enough that you can't really argue one over the other without getting into taste. Wouldn't the REALLY smart move be to try to come up with a tool that offers convergence? (not saying that nobody hasn't, but I am saying that I think it's an outdated idea to go with one specific format over any other)
The other road is to develop a meta-package system which "wraps" the existing native package system. This ensures the two package management systems don't stomp on each other, and allows you to interoperate with the native package management system (Sun's pkgadd, HP's depot, SGI's inst, etc). As many of us know it can get extremely ugly when a package management system starts getting out of sync with what is actually taking place on a filesystem.
To put in a shameless plug (I'm only a customer) for some very cool quasi-commercial effort in this area, we use software packaged by The Written Word. (yeah, strange name). Their software is of the latter philosophy.
I say quasi-commerical because while they sell distributions packaged on their tools for profit (and provide support and updates for their software by subscription, allowing me to concentrate on my normal duties, not worrying about recompiling this and that when the latest exploit comes out) they are actively involved in open standards-based efforts to develop a true cross-platform open package management system. And by my understanding are committed to switching their system to an open standard once it is standardized and of a sufficient functionality.
Either way, as Debian users know, the important part is not that you pick a good package system. The important part is that you pick a system that is well maintained, so when the next fix for exploit comes out you know that within a short period of time you can run {apt-get,pkg-inst,whatever) and get a working fix installed.
The biggest problem with many of the other package systems out there (Sunfreeware, Red Hat Contrib) is not that the package system is necessarily bad, it's the fact that the people don't maintain the packages. They're either woefully out of date, or compiled with beta snapshots of gcc or libc, have incorrect or missing dependencies, or simply haven't been tested.
Nice try guys, but no. Unix is already too segmented and this packaging system will not change things one bit. This is a non-NLS supporting, non-GPL'd implementation of an uninspiring packaging system which may or may not support other versions of Unix besides Solaris, BSD, and Linux. Their FAQ even contains the question "OpenPKG breaks with a few things from the good old Unix days. Why?" Thanks, but no thanks.
The problem with this is that is requires the RPM software on all target systems. This won't be popular with a lot of sysadmins because most want to stick with the vendor packaging systems whenever possible so that only 1 install tool needs to be learned and so that dependencies between packages are handled consistently.
RPM's source-centric view (where you have to rebuild everything from scratch all the time, making development of the initial distributions extremely time consuming) is also a major problem, because a lot of packages take a long time to compile (we have one that takes several hours on older hardware), and you may be testing fixes, etc. that only affect a single executable in your package.
Anyways, for people that want something a lot more portable and flexible, see my (also free) EPM software at "http://www.easysw.com/epm/". It does native RPM, DPKG, *BSD pkg, System V pkg, IRIX inst, HP-UX swinstall, Tru64 setld, and AIX installp packages, or so-called "portable" install scripts with tar files, all from the same software description/list files. Utilities are provided to automate the building of the list files from already-installed files/directories (the classic RPM BuildRoot stuff) or by intercepting "install" commands, making it very easy to create and/or maintain them.
I print, therefore I am.
When I read the title I first thought about
openpackages "the new standard for open source binaries"
http://www.openpackages.org
Since FreeBSD can run the huge majority of linux applications that I need/want, i have no need to get into RPM-hell again.
If I need to upgrade a system I use cvsup to apply the necessary patches to my source tree and make the world. If I want to update applications, I cvsup my ports tree and run portupgrade. There's nothing easier and it's very rare anything goes wrong.
So, why build this OpenPKG thing in the first place? VC money down the tubes. I'll keep my ports and packages, but I'll never run RPMs again.
When I started using Linux, there was RPM, but then I found dpkg and apt and have never gone back.
Last week, I tried FreeBSD for the first time. I was very impressed with the ports tree and pkg_add.
What would be the compelling reason to use openpkg on systems with package managers better than RPM?
How is this new system different/better than the FreeBSD pkg_add? When I want to download an install a precompiled binary I just type (as root)
pkg_add -r gnupg
for instance and the binary package gets automatically ftped down, unpacked, and the pieces installed to the correct locations. With thousands of FreeBSD ports already set up, why should I or anyone switch to this new system?
... Linux isn't Unix?
I read the FAQs and scanned the slides, but I didn't see how this differs from RPM. Am I just missing something?
With RPM, I have a single source RPM, and can build that to create a binary on (theoretically) any architecture (assuming my spec file, etc, take quirks into account.)
Oh, I see that OpenPKG offers a way to download a file and install it, without explicitly already having RPM on your system. Nice but I'm sure there are more perks I'm missing, otherwise this just looks like a rebranded RPM to me.
Enlighten me, please.
How is that when MS says "It's cross-platform: it runs on Win98 AND Win2000" we all snicker, but when somebody says "It's cross-platform: it runs on all flavors of Unix" we don't even blink?
To me, true cross-platformness includes the ability to run on AS/400s, S/390s and VMS. Like emacs or slickedit or... perl?
John.
Right, and furthermore it's not RPM that's playing catch up to DEB it's the quality of the available packages, and the standardization of versioning. Too many people make RPMs and assume that beacuse it's an RPM it'll work with any version of any RPM based distribution. This causes huge problems when figuring out dependancies.
The key is to get your packages from one source, where all the binaries are built relative to the other packages in the repository so that the dependancy names and versions are uniform throughout your system. This is what debian does better then everyone else. It has nothing to do with the DEB format, and it has nothing to do with apt either.
I would much rather stick with source installs!
This program takes an _already downloaded_ RPM (that's right, just _one file_, at least at once), and then installs it. It doesn't search a centralized ftp for the RPM and then install it.
The real complaint (which wouldn't have had anywhere near the same oomph) should have been:
"Why did they choose RPM over dpkg?"
(Which is only natural because very few people download a .deb and then install it with dpkg)!
gopher://cramer.plaintext.cc http://cramer.plaintext.cc:70
Congratulations, you just described the FreeBSD ports system.
Expanding a vast wasteland since 1996.
They are pushing the use of source packages,
that would need to be compiled, hence, they can
adapt to each platform. They only advocated
the use of binary packahges when the developement
tools ( mainly gcc, automake ) are not available.
It's basically an RPM based FreeBSD ports tree.
Novel idea.. but am not sure the use of RPM
is the best choice...
We shall see...
I would like to first point out that I am in no way, experience-wise, able to do this myself other-wise I'd do it...Could some-one make one installer which could install ALL these different types? I know there are some coding BADASSES out here at /. who could. This could be one of the big breaks that could help Linux gain a larger footing in the desktop market (You know, a kinder, gentler, Linux for the masses and in the process, saving the rest of us from premature hair greying). Please! I fear XP!
Never trust a bald barber; he has no respect for your hair
"Sourcerer" sounds like a cool name, but it looks like it's been taken.
There is a group out there that has been working on unifying the packaging system across all the *BSDs out there. Open Packages has already been working on this, and much of the work has been to implement something that sort of a cross between FreeBSD's ports system and Debian's apt.
At first I thought that this was an announcement of that, but now I know that this is a seperate project with different goals.
// file: mice.h
#include "frickin_lasers.h"
You dolt! It's the format that's portable, not the package itself. This was created so you can create packages of the same type using the same package management SOURCE on any platform. Not to mention, source packages could definitely be portable as long as the software being packaged had all that was needed for other OSes. It's not trying to do something magical, just practical.
--SuperBug
If you like choice so much, then understand that this is JUST another CHOICE. You've already chosen not to use this it sounds like to me, so there. You're done. Please move on.
--SuperBug
The question should actually be, "Why switch from .pkg?" (The .app extension is an application bundle, while .pkg is an installer archive.)
.tar.gz files (thus meaning the user doesn't have to be technically competent to install the program).
The answer is that if this standard package format were usable under Mac OS X as well, then it would increase the number of platforms a developer could distribute packages for using the same package system. Making that part easier for developers means Mac OS X users might get more software packages in an easy-to-use installer archive format rather than extracting from
Naked.
Mind you, using the RPM system is pretty self-defeating too.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Inquiring /. minds want to know.
--- Will in Seattle - What are you doing to fight the War?
Where you see multiple options, I see what are essentially forks.
Linux is a mess of different systems right now, and that is NOT a good thing. Competition makes things better, I completely agree. However, when you have to compete with your own side along with everyone else.. now that is a problem. Consider that most projects have a team of people who do nothing but build for the different distributions. Right now most projects put out individually packaged versions for:
Redhat 7.x - whatever redhat is at now
Mandrake 7.x - 8.x
Debian
Suse
It is not uncommon for a Linux user to have to choose between 20 or 30 different packages to get the one that is right for their system!
This is a problem of not having a standard. The fact that we have all of these distributions is a problem. The fact that we have two major desktop environments is a problem. All of this is a serious problem because the Linux world is split into lots of tiny factions competeing with each other for the already small number of Linux users out there.
All of this quickly frusturates a Linux newbie.. and all but a hearty few tuck tail and run back to Windows. The reason is simple. Without some standards in place, the entire Linux movement is hopeleslly duplicating a wide variety of projects and aims. I will not argue that this is poor allocation of resources, the open source world doesn't swing that way. I WILL argue, however, that it creates a rather twisted world for the Linux user. Simply because your machine boots a Linux Kernel does not mean that you are priviliged to all of the software that fashions itself as Linux compatible. A windows user can be fairly secure in the knowledge that they can and will be able to run just about anything out there. This is what I want for Linux.
This long winded response does need a disclaimer, however. I do beleive that some measure of competition is good... I see little danger in multiple distributions just as long as Linux in general can standardize on the important things (packaging and desktop for instance). When this has been discussed in the past everyone always said something to the effect of "Eventually the better technology will win out and that will become the standard"
Of course that hasn't (and will never) happened. In the major overlapping projects no clear winner has emerged, no standard has been produced. Instead the waters are as murky as ever and I can not see anything changing that. That leads linux advocates to make this competition is good!!! argument, and tucking away the repurcussions of that competition (a much higher barrier to entry) away..
Turn s60 photos into awesome videos with mScrapbook for all S60 3rd edition phones!
It's *good* that there is more than one way to do it. I'm glad that open source not only provides for the possibility of multiple approaches (the built-in allowances for forking), it has a long history of such.
.deb, and if someone was going to switch from RPM, why not switch TO deb and have a huge base of packages and tons of mirrors to choose from?
Choice is good, yes, but there comes a point where you have to realize that choice that creates incompatibilities is not really choice at all.
RedHat is still going to use RPMs, they won't switch to the new format. Neither will Debian. FreeBSD has ports already, and frankly, it's probably better than this option. OS X has apt, ports, AND its own package format, plus purchasable software.
Why do we need another option just to have another option? The only way to make it truly universal is to make it source, and that basically gives you FBSD.
Sure, maybe i'm totally wrong about what this new package system is like, but I don't really care. It's more confusion thrown into the mix, and yet another package format for people to support. It's not worth it. If people are going to duplicate effort, why can' they write software people will use and care about?
There's no reason for anyone to switch from
--Dan
Gentoo Linux (http://www.gentoo.org) is building a ports-like tree called Portage, based on Python rather than a mix of Makefiles and shell scripts. It combines the features of cvsup (actually, it just calls rsync; the command to update the portage tree is "emerge rsync"), make install (emerge blah.ebuild) and portinstall (emerge blah/blah). Soon, emerge will have the equivalent up portsupdate.
The system can install source, create bzip2'd tar packages, or, as an option. RPMs.
Stating on Slashdot that I like cheese since 1997.
You don't necessarily have to package anything to get dpkg to know about it. Simply use the "equivs" program: % apt-cache show equivs
...
.
... /usr/local, and use equivs to generate a fake deb telling the packaging system the foo library is installed, and thus all your dependencies will work.
Package: equivs
Description: Circumventing Debian package dependencies
This is a dummy package which can be used to create Debian
packages, which only contain dependency information.
This way, you can make the Debian package management
system believe that equivalents to packages on which other
packages do depend on are actually installed.
Thus, you can build something from source, install it in
On that note, though, I honestly prefer having dpkg and apt-get control all the software installed on my Debian systems. Binary package availibility in the "sid" distribution (or "unstable") is usually only a day or two behind releases of actual source. And for those who fear breakages in sid (which does happen from time to time), there is always the "testing" distribution of Debian, which does not include packages known to be bad by implementing a short waiting period and checking bug tracking systems -- and almost never breaks.
But of course the mods can't answer, and nobody appears to want to answer for them. How very unsatisfactory... perhaps /. needs meta-threads as well as meta-moderators?
Come on, if you're doing big patches, it's simple with even the simplest package managers.
#!/bin/bash
/sbin/upgradepkg patch1.tgz
/sbin/upgradepkg patch2.tgz
/sbin/upgradepkg patch3.tgz
(slackware as an example). Why doesn't everyone stop fighting about package managment, and go with something more simple?
RPM doesn't have what it takes to be a mainstream distribution format.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
cross-platform RPM-based Unix software packaging.
crossplatform:
software, hardware> A term that describes a language, software application or hardware device that works on more than one system platform (e.g. Unix, Microsoft Windows, Macintosh). E.g. Netscape Navigator, Java.
Using buzzwords, is great and everything if you're a marketing droid, but lets try to be a little more precise among ourselves.
I'm not trying to belittle this accomplishment, and I'm sure it is quite valuable, although I personally would give up apt-get only at gun point and to call something crossplatform that only really ones on one 'platform' is silly.
Red Hat Packaging Method version 3 (the latest of which is 3.05) is the Linux Standard Base packaging system and has been some time now.
Debian supports the LSB in this manner via APT - I think that's a nasty solution, and will cause more long term plain tham implementing things like suggested dependencies (and different levels of suggestion), and some other minor things.
Issues like policy, task packages, and APT are already a reality on many RPM based Linux distributions, so I don't see the technical difference between them really being that great.
Of course, that won't stop the people who haven't used one or other system from complaining below that one or the other system doesn't do things it clearly has for a very long time.
if RPM had it's dependancies based on _files_ not other packages...then it would work so much nicer, especially with other package systems. My main complaint about RPM is that as soon as I install somthing (such as X, or a kernel) from source that a lot of things depend on, I have to "force" all packages that need it, cause i know i have it.
I mean, how hard is it to add a nightly cron task (similar to locate) that would make an inventory of your files/libraries that RPM could use for dependacy checks?
Also this would make RPM cooperate nicely with other package systems..The point is, RPM shouldnt care where the files came from, just that they are there.
apt is a general tool for managing dependencies meaning it works with RPMs, DEBs and whatever else you can imagine.