Petreley On Simplifying Software Installation for Linux

markcappel writes "RAM, bandwidth, and disk space are cheap while system administrator time is expensive. That's the basis for Nicholas Petreley's 3,250-word outline for making Linux software installation painless and cross-distro." The summary paragraph gives some hint as to why this isn't likely to happen anytime soon.

Word

"That's the basis for Nicholas Petreley's 3,250-word outline for making Linux software installation painless and cross-distro."

Was it necessary to include the word count? It's hard enough to get slashdotters to read a small article and post intelligently, this cant help...

Re:Word

The article is surprisingly dense for such a word count -- yet is easy to read.

Petreley is undoubtedly getting the grip of this "writing thing"... ;-)

Seriously, though, however smart and logical are his conclusions, one thing bothers me: the installation should be simplified but "right", too.

I mean, there are other objectives besides being easy.

Last week I tried to install Red Hat 8.0 on a Pentium 75Mhz with 32MB RAM (testing an old machine as X-terminals). It didn't work.
The installation froze at the first package -- glibc (it was a network installation) -- probably due to lack of memory (as evidenced by free et al.).

Why? It was a textmode installation. I know from past experience that older versions of Red Hat would install ok (I used to have smaller computers).

My suspect is that Red Hat has become too easy -- and bloated. Mind you, I opted for Red Hat instead of Slack or Debian because of my recent experiences, in which RH showed to recognize hardware better than others.

I hope Petreley's proposed simplification, when implemented, takes size into consideration. The way it is (using static libs, for instance), it seems the other way.

The article as a whole, though, present neat ideas and it's one of the best I've recently read.

Re:Word

It's unclear if you meant "It was a text mode installation" as reason for the failure or simply additional information, but nearly all shell installs open additional consoles for diagnostic and repair. One usually runs as a verbose display of the individual installation processes.

It's the reason I prefer a non-GUI installer. Next time it fails, try Alt-F2, 3, 4 and see if RedHat did the same.

Re:Word

[Libor+Vanek]

I'd suspect that you run out of memory when decompressing the RPM. Did you setup any swap?

Re:Word

I meant "textmode" as non-GUI, like you suggested. In fact, I initially saw no reason why a graphical install would consume much more memory than a non-GUI... Red Hat itself warned me, that as a consequence of the scarce memory, it would:
a) automatically change to a non-GUI installation and
b) activate my swap partition right from the start for immediate use.

Also, I did use other consoles (thats where I used the free command).

Maybe I was in fact unprepared to deal with the lack of memory.

Thanks for helping.

As a sidenote, I could have tested an older RH version, but time was a little pressing. I dropped all that in favour of floppy-based network booting.

Re:Word

[Wolfrider]

Two suggestions:

1. Upgrade your freakin' memory dude!! My P233MMX came with 32MB RAM back in 1995 - did I keep it that low? NO! I upgraded the thing first to 160MB, and just today brought it up to 256. RAM is *cheap* these days man!!!

2. Try Knoppix. knx-hdinstall should work in text mode just fine.

Re:Word

>> I'd suspect that you run out of memory when decompressing the RPM. Did you setup any swap?

Hmmm, it haven't ocurred to me. Probably you're on the right track.

Anyway, Red Hat itself informed me or asked permission to activate at once my 64MB swap partition (for a total of 96MB virtual RAM), instead of the usual activation after installation.

Thanx, pal.

Java

[RighteousFunby]

Yes it should be automated to install software, especially in the case of Java. Anybody wanting to run LimeWire has to download a 20MB file, then mess around in a terminal. Not good. Though Synaptic is close to full automation....

Re:Java

[BenTels0]

>>> especially in the case of Java

Indeed. Although why this should be true is beyond me -- the executable jar system is there for a reason. If only people would use it more regularly....

Re:Java

[ElGuapoGolf]

Well, no.

If you download the .bin file from LimeWire, and you're running one of them modern desktops, you can right click on the file, give it execute, then click it to run it.

A pain, you say? Probably. But it's nice to know stuff you download won't get executed unless you want it to.

Re:Java

I am not wearing my asbestos suit today, so I will post as AC. Ok, I'm an idiot. I haven't been able to get java to run in linux except when it comes with Netscape, and the newest Mandrake distro doesn't contain Netscape. (yes, I tried to download/install NS too.) I downloaded all the jar files and installed them according to instructions. It pretends like it's going to work, but never loads. Same with video players, from Xine to Real. I've gotta say, I'm real tired of fighting Linux everytime I want to install something. Seems like it rarely goes as easy as it should. I am left not knowing if I installed the software incorrectly or if there is some hardware compatitbility problem or ???. I agree that Linux will have a difficult time capturing the desktop market until the installation process is simplified and uniform. You shouldn't have to be a programmer to get Real player or java to work.

Re:Java

[RighteousFunby]

"You shouldn't have to be a programmer to get Real player or java to work."

Indeed, KDE-a DE with a very large user base, if not the largest, won't work AT ALL with RealPlayer in my experience....

Autopackage comes to mind

[Simon+(S2)]

Autopackage comes to mind.

from the site:
* Build packages that will install on many different distros
* Packages can be interactive
* Multiple front ends: best is automatically chosen so GUI users get a graphical front end, and command line users get a text based interface
* Multiple language support (both in tools and for your own packages)
* Automatically verifies and resolves dependancies no matter how the software was installed. This means you don't have to use autopackage for all your software, or even any of it, for packages to succesfully install.

Re:Autopackage comes to mind

[Blaine+Hilton]

That looks like a great project to work on, but right now its still very much in development work. Another possible solution for some situations is LTSP.

Need to create a mySQL table?

Re:Autopackage comes to mind

[spacefight]

Dude. Again, could you please move your goddamn spam into your sig? There is no relation between your webcalc URL and your made comment. thanks.

Re:Autopackage comes to mind

You're a freak.

Re:Autopackage comes to mind

[Mooncaller]

This appears to be a great project. The problem is that it is not optimised for something big like a full distribution. That means things like RPM are'nt going away any time soon. I don't think I like the idea of having some things installed via RPM and some by another method. I've managed to keep my heavily hacked SuSE 7.0 distro RPM pure with the exception of my kernle, which I see little point in packaging. Of course that means I am often building my own packages. The payoff is in having consistancy. On the other hand, using the distro specific packaging system for the base install and upgrades to that base, and a more generic system for add ons might not be such a bad idea. RPMs for one thing can be a real pain ... "You mean SuSE calls it this and Redhat calls it that?". Another point, as most distributions these days come with everything including the kitchen sink and a choice of five toilet seats, there are not a lot of large apps that will be added. Its large apps that benifit from the distro specific system.

Static linking problems

[digitalhermit]

Static linking might be useful as a workaround for the more esoteric distros, but it has its problems. For one, if you statically link your application then anytime there's a security fix or change to the linked library you'll need to recompile the application, not just upgrade the library. This would probably cost more in administration time than upgrading a single library since multiple applications may be dependent on the one library.

Re:Static linking problems

Exactly. Remember zlib?

Re:Static linking problems

[Ed+Avis]

Static linking is a seriously bad idea. Part of the job of a packager is to arrange the app so it doesn't include its own copies of packages but uses the standard ones available on the system (and states these dependencies explicitly, so the installer can resolve them automatically).

Take zlib as an example of a library that is commonly used. When a security hole was found in zlib a few months ago, dynamically linked packages can be fixed by replacing the zlib library. This is as it should be. But those that for some reason disdained to use the standard installed libz.so and insisted on static linking needed to be rebuilt and reinstalled.

(OK I have mostly just restated what the parent post said, so mod him up and not me.)

Quite apart from the stupidity of having ten different copies of the same library loaded into memory rather than sharing it between processes (and RAM may be cheap, but not cheap enough that you want to do this... consider also the CPU cache).

A similar problem applies to an app which includes copies of libraries in its own package. This is a bit like static linking in that it too means more work to update a library and higher disk/RAM usage.

Finally there is a philosophical issue. What right has FooEdit got to say that it needs libfred exactly version 1.823.281a3, and not only that exact version but the exact binary image included in the package? The app should be written to a published interface of the library and then work with whatever version is installed. If the interface provided by libfred changes, the new version should be installed with a different soname, that is libfred.so.2 rather than libfred.so.1. It's true that some libraries make backwards-incompatible changes without updating the sonames, but the answer then is to fix those libraries.

Re:Static linking problems

[Beliskner]

For one, if you statically link your application then anytime there's a security fix or change to the linked library you'll need to recompile the application,

Easily solved, all you have to do is,

1. Go the Bank and change $1 for 5000000 Indian Rupees
2. Hire 1000 Indian programmers with above currency
3. Tell the programmers to recompile all statically-inked applications with the new libraries
4. Hire unemployed American programmer for $20000 to translate the program from Hindi to English
5. Charge large corporations big $$$ for upgrading all their software
5. Profit!!! (Really)

Re:Static linking problems

[mattdm]

Seriously. On my BU Linux 3.0 (Red Hat 9-based) system, rpm -q --whatrequires libz.so.1|wc -l gives me 172. But that's not all: some of those things are libraries themselves -- kdelibs, for example. And what's worse, were everything statically linked, I couldn't use a simple command like rpm --whatrequries to find where the code is used. So I'd basically have to rebuild the whole distro to be safe. Yeah, *that* reduces administrator hassle.

Re:Static linking problems

[Speare]

<AOL>Me too.</AOL>

The malformed zlib attack comes to mind. There's several slightly different static copies in the kernel, nevermind the many static copies in an endless variety of programs. Red Hat Network was shitting errata for a week.

Re:Static linking problems

[Ed+Avis]

Hmm, the kernel has a good reason to statically link zlib but the applications? Red Hat could have made sure they were dynamically linked with zlib when packaging them. This would have reduced the number of errata they had to issue later on.

Re:Static linking problems

[i]

Why can't You "relink" ?
I'm working with mainframes (IBM) and here You never had to recompile any module just because a module has to be replaced. We just relink them.

Thomas

Re:Static linking problems

[Ed+Avis]

Why can't You "relink" ?

You could. If an application were distributed as a bunch of object files then you could relink it. Or if it statically linked with zlib because it had its own copy of zlib in the source tree, you could patch that zlib, type 'make' and effectively do a relink because all the non-zlib-related object files would be reused.

But much easier to build the apps with dynamic linking to start with. Then the program links with its libraries every time it starts, so you just need to replace the library in a central location and the job is done. (OK, restarting some running processes might be necessary if you want to start using the new library *right now*.)

Re:Static linking problems

Ok so when are we going to get libs that aren'd so screwed that apps that are looking for a older version BREAK when the new version is out?

how about making the programmers pull their hads out of their arses long enopugh to stop developing with glibc 9.887 pre alpla 4?

if you cant write your app with the current stalbe libs available in the LAST release of a distro then stop and leave it to a programmer that has real skills.

Re:Static linking problems

[dwillyson]

Nice try!
but 1$ -> 45 Indian Ruppes

So you wouldn't be able to hire 1000 Indian programmers with that exchange rate.

Also your racist comments show how little you know about Indian programmers some of who are big names in the American Computer Industry.

Also almost every Indian programmer is well versed with English language and most of them can understand/write better english than you, so you won't have to hire a crappy american undergrad to do the translation work.

Re:Static linking problems

[greenrd]

More to the point, "recompiling" against a changed implementation of an unchanged interface doesn't involve rewriting any code... just an rpm --rebuild or something.

Re:Static linking problems

[Beliskner]

Also your racist comments show how little you know about Indian programmers some of who are big names in the American Computer Industry

What's racist?

1. Go the Bank and change $1 for 5000000 Indian Rupees
Slightly exaggerated

2. Hire 1000 Indian programmers with above currency
Senior managers at HP sign off $1million invoices all the time, any expenditure less than $1million is not questioned.

3. Tell the programmers to recompile all statically-linked applications with the new libraries
Easy

4. Hire unemployed American programmer [oddtodd.com] for $20000 to translate the program from Hindi to English
Fair enough, with Indian programmers you don't need this step, I retract this particular statement.

5. Charge large corporations big $$$ for upgrading all their software
Or less $$$ than competing US corporations with US programmers paid $30000 for just one programmer.

5. Profit!!! (Really)
The CEO of Walmart is richer than Bill Gates, despite the fact the majority of his US workforce is living on charity and Government aid. Your taxpayer dollars are paying for Walmart's reduced salary, and therefore Walmart's profits. Walmart keeps its salaries low by requiring drug tests and by having patrolling managers who are under orders to stop employees talking (time theft) because "idle talk forms unions"

Re:Static linking problems

It's definitely a dilema. Static linking does leave you open to the bug/security fix not propagating down to every app that uses the code (do you even know what all the library dependencies are for your apps?). But dynamic linking leads to version incompatibility problems, where installing foo 2.7 breaks bar 3.1 by over-writing the library with a new one that's supposed to be compatible--but isn't. Sounds a lot like .dll hell, a place I've visited and never want to return to!

Gentoo

[Tyler+Eaves]

emerge

Doesn't get any simpler than that. Come back in a minute to 12 hours (Depending on the package), and *poof* new software. Ditto BSD ports.

Re:Gentoo

[sirius_bbr]

I tried it (gentoo) some time ago. After two weeks of frustration I moved back to debian.

For me it was more like
1. emerge
2 come back in 8 hours and then:
a. see whole bunch of compilation errors,
b. dependencies were not sorted out correct, so nothing works
c. combination of above

I specially liked (still do) the optimization potential (where debian is stuck at i386), but it didn't work for me.

Re:Gentoo

[bwalling]

Doesn't get any simpler than that

That's if you can get through the complexity of the install, which requires that you do everything yourself.

Re:Gentoo

[Tyler+Eaves]

The Gentoo doc is *VERY* good. I find it hard to beleive someone has trouble with it. Yes, it's doing it by hand, but it walks you through it step by step.

Re:Gentoo

Well its really pretty much flawless these days. For instance i'm running a developement kernel with Andrew Morton's patchset and i still don't know how to patch the kernel ;-p

Very stable even with stupid optimisation flags etc. Perhaps you should grab a live cd and try it again ;-)

Seriously 2.6 is going to be a bit special; especially for interactive performance and the 'wiggle' test. The future of linux is going in this direction as faster hardware will mean extremely short compile times - or just more bloat - oh well.

Re:Gentoo

[the+uNF+cola]

It's not that it's difficult to apply, just tedious. Assuming redhat, freebsd, windows and mac osx installers installed and setup how you like, the interfaces are a lot simpler than gentoo or debian's.

Re:Gentoo

[Ed+Avis]

Emerge is nothing special. 'rpm --rebuild whatever-1.2.3.src.rpm', come back in a few minutes and *poof* a freshly built package.

Although I will admit, you need to have the BuildRequires packages installed - rpm tells you if they're not, but won't download and install them automatically... some tool like urpmi or apt-rpm would be needed for that part.

But some of the problems another person mentioned with emerge can sometimes apply to rpm --rebuild too. That is, a package doesn't state its build dependencies fully, so you try to build it and it craps out for lack of some header file. The package's author should have specified the library used with a BuildRequires: line in the spec file, then this can be checked and reported friendly before the build starts.

Re:Gentoo

[KPU]

Assuming redhat, freebsd, windows and mac osx installers installed and setup how you like, the interfaces are a lot simpler than gentoo or debian's.
I have installed windows, redhat, and gentoo. Yes, windows and redhat have much prettier interfaces. However, I have spent countless hours trying to install windows and redhat because the install tried to do something I didn't want it to do and crashed.
Windows 2000: the box has IDE and SCSI drives. I wanted windows on the SCSI drive as C. I had to take the IDE drive out to get it to let me. I don't even know where to start installing windows 2000 on a box without a CD-ROM drive.
RedHat: Anybody ever try installing RedHat onto a new box using ReiserFS and network install when the card is listed but the module won't load? I gave up and installed a CD-ROM drive.
Gentoo's install does take a long time but I never had these problems. When I was selecting where to install, I just used /dev/sda* instead. Machine doesn't have a CD-ROM drive or network isn't supported? I made a nfsroot kernel, mounted root from another one of my gentoo boxes, and did the install from there.
Slackware has a similar install procedure (all console) but it doesn't compile everything like gentoo.
So the point is, "Assuming redhat, freebsd, windows and mac osx installers installed and setup how you like" is a very big assumption.

Re:Gentoo

Yes it does: apt-get install.

And if you think that you're getting a really optimized system because you're compiling everything, allow me to disavow you of that notion. GCC has not come very far in this arena, and an executable for a certain architecture will be the same no matter what machine it's compiled on. You're just doing extra work because you like to be 31337.

Congratulations. You wait 12 hours for something that installs in 10 minutes for me, and we both operate at the same speed.

Re:Gentoo

[Tony+Hoyle]

Firstly, when gentoo boots you have to wing it to work out how to get online to read the damned thing. Then it tells you to set your USE variables, with *no* documentation about what any of them do (not that it matters, half of the packages ignore them anyway). I also found several factual errors in it (for example stating that files are on the CD that aren't there).

emerge doesn't pick the latest versions of stuff either... you end up installing from source anyway. eg. I need the kerberos enabled ssh to work with my network. I had krb5 in my USE but it didn't build with kerberos. It also built an out of date version. I had to manually go in to the package directory and force it to build the latest version (which emerge insisted didn't exist).. which still didn't build with kerberos, so I gave up on it and ftp'd a prebuilt one from a debian machine.

Also the dependencies suck rocks. I wanted to build a minimal setup and get it working, so I decided to install links. Bad move. It pulled in svgalib (??), most of X and about a million fonts - for a *text mode* browser.

12 hours is also a bit optimistic - On a dual processor machine I had it building for 3 days.. and at the end half the stuff didn't work anyway. Luckily I can get a debian install on in 20 minutes with a following wind, so I got my machine back without much hassle.

Re:Gentoo

[the+uNF+cola]

But that's not the point. The point is, the interface, not the process behind the interface, needs to be intuitive.

I remember back in the BBS days, it took me an hour or too to realize that...

Continue (Y/n):

Meant Y was the default. Not that Gentoo does or doesn't do it. But it's guilty of the same thing OpenBSD does. The interface is very VERY simple. Just not intuitive.

For the general case, win2k and redhat have intuitive install interfaces. Skip the actual working or not working of some driver or some odd setup. It's the clicking of the buttons and the finishing of the process. You can't very well understand what you are doing if the interface is unusable.

Look at DOS. Dos was a very simple interface except for one facet. It used drive letters. Other than that small hurdle, you were fine. That's the problem gentoo has as well. /dev/sda, to someone who doesn't understand taht a / is a file seperator, /dev is where your devices are and sda is where your scsi (I'm not a linu dude, i might be wrong) is a scsi device is a small hurdle as well. But for Gentoo, it's not the only small hurdle. Things like emerge and what to do if a package doesn't compile properly is another. I've had it happen. Just re- emerge.

Linux and *BSD are great under the hood. Quite stable. I'm not a windows user other than at work, and I'm not fond of it. But if your interfaces suck, how can you get anything done?

Re:Gentoo

[brad-x]

PEBKAC

Re:Gentoo

[brad-x]

This is typically a result of a technique known as 'skimming the documentation' and 'thinking you know how to do it yourself'.

People are too quick to blame the distribution (any distribution, even Debian) when something goes wrong.</rant>

Re:Gentoo

[subzerohen]

Ah, so you are running XFree 4.3.0 and a vanilla 2.4.20 kernel and ALSA 0.9.0rc6?

I could care less about the optimizations. That is not why I use Gentoo.

I don't know how good apt-get is since I have never actually managed to install Debian "Sorry, Debian is not perfect." I'll take bash over dselect any day.

Re:Gentoo

well you do see the gentoo zealots say on the net all the time that it's as simple as 'emerge whatever'

Re:Gentoo

so this is the legendary Gentoo community's helpful response? You did nothing to refute this person's problems.

Re:Gentoo

[rtaylor]

Yeah.. FreeBSD ports used to have a ton of compile issues as well. Thats been fixed through various compile farms configured in standard ways on various code lines. (Sparc, IA64, Alpha, i386 on both -CURRENT and -STABLE where applicable).

There are also some post commit tests that will rebuild the port with every change.

I've not run into a compile issue since -- but I also don't install anything by hand.

Re:Gentoo

[ichimunki]

Yeah. Ok. You just keep telling yourself that.

What I know is that Gentoo is perma-beta software. When the hell are they going to stop putting updates in the main release and make it possible to get security-only updates as a default?

The other day I did an emerge -u world and an application I'd just installed the day before broke. With an error message that my current version of the nvidia drivers wasn't current enough, which they were, no less.

And this is common. My entire KDE system broke. And kept getting more and more broken over time. dvd::rip also has gotten more broken over time. Not that I want to see Gentoo go as far off the stability deep-end as Debian (where your stable machines are usually running software that was released forever ago). But it would be nice to be able to filter all non-security updates, on the "if it ain't broke don't fix it" principle.

Re:Gentoo

[NightHwk1]

you should try using "emerge -p" next time, so you know what is going to be installed.
also, the -v option will list the USE variables that a certain package accepts. (and which ones are being used)

if you want to build a package that isn't marked stable by the gentoo team, you need to set ACCEPT_KEYWORDS="~x86" first. I know, I know, this is an area of gentoo that needs a lot of work.

Re:Gentoo

[Ed+Avis]

Also the dependencies suck rocks. I wanted to build a minimal setup and get it working, so I decided to install links. Bad move. It pulled in svgalib (??), most of X and about a million fonts - for a *text mode* browser.

Hmm, this seems to ignore one of the big advantages of an always-build-from-source distribution. If you were using Debian or RedHat and the links package required svgalib, I'd think 'fair enough: it was probably built with the svgalib drivers'. But if you are building from source there should be the choice of using svgalib or not.

Compile-time feature choices aren't handled very well by most package managers. The usual approach is to turn on every possible feature, but this leads to some odd dependencies as you observed (on my Slackware box I needed to install the Enlightenment sound daemon to get gdm working). Maybe a better approach would be to split the features into pseudo-packages. Something like:

% inst links
[builds and installs links with minimal features]
% inst links-svga
[rebuilds links with svgalib support and installs that - also installs svgalib if needed]
% inst links-x11
[ditto for X11 support]
% uninst links-svga
[turns off svgalib support and rebuilds links yet again, so now it has X11 support but no svga]

Alternatively the links package could be split into a bunch of libraries (links_svgalib_driver.so, etc etc) which it checks for at run time. Then the links-svga package would contain that library. But this approach requires changes to the application.

Re:Gentoo

[antiMStroll]

Not what I remember. The install docs are on the CD. Alt-F2 to open a second console, then 'less README.TXT' or 'less README' to view the instructions. The last Gentoo install I did was 1.2, so this may have changed.

Correct, emerge doesn't automatically pick 'the latest stuff'. Which distro does? The true route to madness for any distro designer is to insure all the default installs are cutting edge. Forcing a higher version is simple, use 'emerge explicit-path-to-ebuild'. Typing 'emerge icewm' builds the default, tested and solid verion, 'emerge /usr/portage/x11-wm/icewm/icewm.x.x.x.ebuild' builds whichever one you chose. There are other methods as well. On the other hand, if an exploit is found a new ebuild for the package is up almost immediately.

Regarding svga lib, Gentoo has a large number of default build parameters in /etc/make.profile/make.defaults, one of them being svga support. Links with svga support is awesome, and what I'm using to post right now (links -g). To remove it, add -svga to your USE variables in /etc/make.conf . I always do 'emerge --pretend packagename' before an emerge to see what will be installed.

Lastly, something doesn't jibe between your claim of aiming for a minimal install and a 3 day compile. My 192 meg P2-366 notebook took an evening. KDE and OpenOffice (the latter if compiled from source, instant-install binary versions are also available) are reputed to take days on slower machines.

While the Gentoo install and USE variable configs are complicated and well beyond the capabilities of new users, post-installation upkeep is a dream. It's a hard-core distro more suited to geeks and business environments. Sounds to me as if you simply didn't know enough going in.

Re:Gentoo

I'll take bash over dselect any day.

As will anyone who actually uses Debian. They all use Aptitude, or no front-end at all.

Ah, so you are running XFree 4.3.0 and a vanilla 2.4.20 kernel and ALSA 0.9.0rc6?

No, and my uptime is in measured in eons. I could care less about version numbers. That is not why I use Debian.

Re:Gentoo

[subzerohen]

As will anyone who actually uses Debian. They all use Aptitude, or no front-end at all.

Then why does the installer throw you into dselect?

No, and my uptime is in measured in eons.

Why would I care about uptime for my desktop machine?

I could care less about version numbers. That is not why I use Debian.

Well I care about getting my soundcard to work with ALSA on my integrated vt8233 soundcard. To do this I have to use a newer version of ALSA. Sometimes version numbers actually have significance.

Re:Gentoo

[matvei]

I specially liked (still do) the optimization potential (where debian is stuck at i386), but it didn't work for me.

You can do `apt-get source somepackage` and compile your own packages for the stuff that you really want to compile in a certain way.

Re:Gentoo

alias emerge="CFLAGS='-O3 -march=i686 -mcpu=i686' apt-get -b source "

is a stupid hack that might half-work.

'apt-get build-dep whatever' first could help.

or just find someone who's done all the work already:

Package: apt-build
Description: Frontend to apt to build, optimize and install packages
This is an apt-get front-end for compiling software optimized
for your architecture by creating a local repository with built packages.
It can manage system upgrade too.

Re:Gentoo

[tempest303]

I have just one thing to say to this:

It's time to try The Amazing Gentoo-Linux-Zealot Translate-o-matic!

Re:Gentoo

[axxackall]

When the hell are they going to stop putting updates in the main release and make it possible to get security-only updates as a default?

Immidiately after having on of two conditions:

1. open-source developers will stop develop (aside of security patches);
2. linux users will stop demand new versions (and be happy with only security updates);

Until then you, personally, are free to stick to Redhat-5.2 or Debian or any of BSD.

Gentoo is for user who want to keep up-to date. In fact the success of Gentoo is in satisfaction of user demands to have up-to date software.

BTW, while mnay developers support old versions with security patches, the other many developers fix security bugs in next functional releases. Therefore, you have many chances to end-up to the decision like "to upgrade or not?" even if you motivation is limited to security updates. But once you decide to upgrade - you've got dependency problems. And it's up to you to trace them manually or in Portage.

One of common mistakes, when comparing Linux (or other OSS) distros, is to forget that the distro is integrating software from various 3rd parties. In case of OSS, each party may have own rules and discipline about updates and patches.

---

There are 3 kinds of people, those who can count and those who cannot.

Re:Gentoo

[samhalliday]

the optimisation really only comes in to play if the whole system has been optimised for a particular host. often just changing gcc to a more modern version is enough; changing i386 even to pentium4 with mmx/sse/sse2 has not given me much of a performance increase for everyday use (except in numerical code), but gcc-3.2 (on LFS) was resposible for insane speedups over my old mandrake!

Re:Gentoo

[Unregistered]

just for the record i havne't had a build fail on gentoo in several months.

Re:Gentoo

[Unregistered]

Firstly, when gentoo boots you have to wing it to work out how to get online to read the damned thing. Then it tells you to set your USE variables, with *no* documentation about what any of them do (not that it matters, half of the packages ignore them anyway). I also found several factual errors in it (for example stating that files are on the CD that aren't there).

They make these cool things called printers. You can get one at comp use. it allows you to put documents and web pages on paper. They've been around a while you may want to consider getting one. They even work in linux.

emerge doesn't pick the latest versions of stuff either... you end up installing from source anyway. eg. I need the kerberos enabled ssh to work with my network. I had krb5 in my USE but it didn't build with kerberos. It also built an out of date version. I had to manually go in to the package directory and force it to build the latest version (which emerge insisted didn't exist).. which still didn't build with kerberos, so I gave up on it and ftp'd a prebuilt one from a debian machine.

ACCEPT_KEYWORDS="~x86" this lets you build the latest version in portage. Also if you rename the ebuild to a version not in portage, it'll build it. Had you read the doc, posted to the forums, etc you'd know this. SSH not using USE="krb5" admittadly isn't good, but you can actually get around that pretty easily. As you're not up to using gentoo i won't post specifics, but it's not that hard.

Also the dependencies suck rocks. I wanted to build a minimal setup and get it working, so I decided to install links. Bad move. It pulled in svgalib (??), most of X and about a million fonts - for a *text mode* browser.

I assume you have USE="X svga" and others (they're defaults a default so you'd need to manually turn them off.) Once again read the docs before flaming.

12 hours is also a bit optimistic - On a dual processor machine I had it building for 3 days.. and at the end half the stuff didn't work anyway. Luckily I can get a debian install on in 20 minutes with a following wind, so I got my machine back without much hassle.

Unltss you were building everything known to man, that's a BS time. I've build a gentoo system (w/ X, flux, phoenix-cvs, xmms, gaim, and abiword) in 8 hours on a k6-2 333mkz compaq laptop, so this is an outright lie.

Abviously gentoo is not for you, but if you'd read the docs and made use of the available support before falming, you, yes even you, could have gotten it working.

Re:Gentoo

[ichimunki]

You're not even listening to me. I love being on the cutting edge. But how is it that when I'm updating Gentoo it goes from working software to completely fucked. I gave three examples of software that was fine before "upgrading" that broke as a result of the upgrade. That's not an upgrade. I can do a better job of keeping up-to-date than that by just maintaining everything by hand. How hard would it be for Gentoo to have some way to tag certain updates as security-related and others as simply improvements? And then maybe a way to defer any or all non-security updates for when I have the time to deal with all the broken packages that have seemed to result from each and every emerge -u world I've run? I think they're moving in that direction, actually... so maybe I'll just chime in somewhere appropriate with this sentiment.

Re:Gentoo

[axxackall]

Gentoo leaves you a choice of keeping your system stable or keeping the bleeding edge. If you have stable flags and keyword settings than any instability would be so rare that many gentoo developers will be eager to see why it fails on updates. My observation of my own experience and also of what I see on forums and bugzilla is that in 99% of cases when upgrade is screewd up is b/c the user has installed (or reconfigured) the system to accept risky versions and unstable flags.

Having said that I'd like to add that this comment is not a RTFM, I just try to explain the real situation.

Re:Gentoo

[fferreres]

Gentoo is not easy to a newby, and dependecies while most of the time work right, some times they do not. For instance, when I tried my first (and only) gentoo install, emerge gnome2 would require certain library that was masqued. As a result, nothing worked (yes, I needed a GUI, because I wanted a desktop machine not a server), a specific media library dependency could not be satisfied and that was it.

Skimming though documentation did not help, I just forced the system to install the latest version of the library and edited all the ebuilds that would require such dependency (that was already satistied, but not exactly the ultra-minor revision number that was deprecated).

So no, the techinique you are refering is not the only source of programs when you are using gentoo. I am not blaming gentoo, I really like gentoo, but if you are building from a ports based system, even them most minute error could halt your progress and make you say "what the hell, Red Hat just works...gentoo is too difficult"...

Re:Gentoo

[ichimunki]

I know about the ~arch keyword. I don't think I had that or anything else set that should have put me into unstable territory. I don't recall doing anything that would have interfered with my KDE upgrade. And I'm not a newbie-- either to Linux or Gentoo. Generally I can solve the problems I have. But what I'd like is even more control over what gets updated and what doesn't and why. I suppose I could do emerge -p -u world, check the package list against the security updates to find matches, and then emerge inject anything that I don't really want to update, but that could create real problems later if one of those packages is a dependency for something else. So maybe I just follow the security updates list and never do emerge -u world, instead only updating packages with security updates.

So I will reread the portage docs (again), but I don't think there's an answer in there. Which is why I'm whining here (and please note that I'm the only one whining in this Gentoo thread who actually uses Gentoo and has pointed out real problems with the system). I want to have more control over what gets updated, when and why. It would be nice if there were an emerge switch or a USE keyword that one could use to pick up just the security updates or to intelligently defer some updates. Like so I can not update some packages until another package I do want to update needs that first package updated.

Perhaps it's time for me to give back to Gentoo by participating more fully in Bugzilla and the forums. And maybe I can bribe developers to fix my favorite problems and/or implement some of these ideas. I do get the sense they're working in this direction anyway, which is part of why I've decided to stick with Gentoo for the time being.

Re:Gentoo

[ichimunki]

So just to prove that I did my homework: you can "pin" a version by editing the world file and doing a = before the package name. But I'll have to see how this works out in terms of not causing problems with the dependency tree.

Fallback

Place user applications in their own directories

This single rule alone would eliminate most of the problems. It enables fallback to manual package management, it resolves library conflicts, it avoids stale files after uninstallation and it prevents damaging the system which can be caused by overwriting files during installation and subsequently removing files during uninstallation.

Re:Fallback

You mean, do things the Apple way.

Re:Fallback

Yes, that's what Apple does, plus they hide the directory-contents from the GUI users: The directory IS the application. But I don't care if this is what Apple does. It's a good idea and it would still be a good idea if Apple were not doing it this way.

Re:Fallback

[straycheck]

Use --prefix. It has been a standard configure option for a *long* time. Smart people already do this. Wake up, RedHat et. al. ... The /opt structure even shows up in the FHS.

Re:Fallback

[Malcontent]

I have been reading a lot of these threads, please complain but the answer is already out there. Have you looked at encap?. The macosx/stepwise platforms are also excellant systems, and of course there is always the debian system.

The problem has already been solved it's just that the big players refuse to use them.

Re:Fallback

Agreed. Applications and subsystems are naturally modular, so it makes sense to maintain that modularity throughout deployment.

I began looking at this issue in 1988, as part of a site unification exercise involving a number of research groups which each managed their own file services to a common user community. This was a heterogenous environment consisting of Solaris, IRIX, HP-UX, 4.4 BSD, Apollo, and MacOS servers and clients.

By 1993 we had enough experience to be able to claim a general solution -- that is, one which was suitable for 100% of the application software and 100% of the client platforms in use over the period -- using a hybrid of the "Berkeley" and "System V" directory models.

By the "Berkeley" model, I mean a generalization of /usr/local in which applications external to the operating system distribution are installed in some common, possibly nonlocal, directory tree. The "System V" model is a generalization of /opt in which each application gets its own, possibly nonlocal, directory tree. In our environment, there might be several directory trees of either sort administered by different research groups.

It turned out to be significantly easier to administer this kind of infrastructure when each application was installed in its own directory. This is because critical properties such as version management, interdependencies, and platform transparency could all be made explicit.

Moreover, for those users who preferred it, we could deliver the simplicity of a "Berkeley" style common directory tree merely by creating symbolic links to the "System V" installed applications. The converse, being expressively much less general, does not hold.

I've continued to use this model in a variety of sites. After 15 years of practical experience, I have not encountered a single case where it was not sufficient. That said, I would sincerely welcome knowing of one. Not only do I not personally want to find myself defending a flawed model, I think that none of us do. We want to stand behind solutions that work universally.

I'd also like to direct these comments at developers who are distributing software in RPM or System V package formats. Do not assume, as so many of you evidently do, that your software is going to be installed in /usr. That is extremely naive. You can only get away with that assumption on systems which are (1) isolated and (2) mismanaged. Well managed systems will, at minimum, separate the operating system distribution from both the application set and user filespace. Integrated systems will of course have resources in common.

Exactly how this is done varies from one site to another. You can't predict what form that will take, but you can easily make sure that your software is relocatable. It requires a little forethought to realize that your software might not only be run on isolated systems. Take that as a compliment, and write your distributions for general deployment. It's not hard, but only you can do it!

Re:Fallback

[fferreres]

What if you application may be used by some other application? You need a registry or something? You are switching hells...how are programs supposed to find the binaries? Put everything into the path?

I think a nice solution would be the already invented filesystem with arbitrary attributes. Like if it was a database. So you have the filesystem view, but you also have "packages view". You could for instance (example only) mount /packages, and everything would be arranged in categories by default, and as you entered dirs, you'd be inside specific packages (collections of sofware, be it docs, applications, etc.) and inside there you would find specific revisions. Or you could just make a GUI version to browse that intuitively. I mean, everything should be labeled and possibly versioned. Even text files. It should be easy to use...

I don't know, it should be too clutered or strict that it gets in your way, an easy interface to manage the extra info should not be a problem. And, for instance, every distro should have information and the power to know what's in the system without having to issue -v, --version -V and the endless list of varing names just to know the version of a library/binary.

software reliability == complex install process???

[stonebeat.org]

I have noticed that installation complexity is directly propotional to the reliability of the software.

If a software is extremely complex to install, one can safely assume it is reliable :)

If a software is easy to install, it is not reliable. for e.g. MS products.

But seriously I dont think applications are complex to install, it is just that a learning curve is involved in doing anything.

General bad attitude towards anything easy

[Microlith]

The first obstacle to overcome is the bad attitude many linux users have that if something is easy to install, or easy to use, it is therefore bad.

As I see it, many would like to keep the learning curve very, very steep and high to maintain their exclusivity and "leetness" if you will.

For instance, the post above mine displays the ignorant attitude that "easy to install" by definition equals "unstable software" and has only a jab at MS to cite as a reference.

That's truly sad (though that may just be a symptom of being a slashdot reader.)

As I see it, not everyone finds: ./configure
make
make install

to be intuitive, much less easy, never mind what happens if you get compiler errors, or your build environment isn't the one the package wants *cough*mplayer*cough*, or if you even have said development environment.

Nor does it mean the software is any more stable. Could be just as shitty. _That_ is a matter of the developer of the program, not the install process.

Re:General bad attitude towards anything easy

[Ed+Avis]

'./configure && make install' is not an installation process. It's the first stage in building some sources and making them into a package such as an RPM, Debian package or Slackware .tgz. Then you use your system's package manager to install, and it tracks where the files go so you can easily uninstall later.

People who want to change the build process to make 'installation' easier are barking up the wrong tree. Building the software from source is something that the packager should do, or at least the package manager (rpm, dpkg, Gentoo's emerge) should encapsulate that step in a single 'build' command. Installation means installing the resulting package on your system, keeping track of its dependencies automatically, adding the application to system menus and so on.

True, someone has to do the initial job of making a source package, recipe or spec file. But that is only once per distro or once between fairly similar distros.

Re:General bad attitude towards anything easy

[mattdm]

The first obstacle to overcome is the bad attitude many linux users have that if something is easy to install, or easy to use, it is therefore bad.

Where are these theoretical more-leet-than-thou users? Ok, maybe a few hanging out on IRC channels, but in general, this is a ridiculous myth. Linux users want easy-to-use as much as anyone. However, in general, we don't want to sacrifice ease of use for advanced users just for a questionable gain in ease of use for new folks. I can see how someone in frustration might characterize this attitude as being roughly what you claim, but it's not really fair.

The problem is that many people who are all excited about their new innovative ease-of-use idea are really just dumbing-down the application, and when it comes time to do something more advanced, they'll find themselves reinventing the wheel, probably poorly. Of course there's a pushback against that, but I think you'll find that ease-of-use ideas that are truly improvements across the board are very widely and quickly adopted.

Re:General bad attitude towards anything easy

I'm pretty sure I wouldn't say that Linux is good on the desktop because its [sic] pure bullshit. In fact, most people don't want bullshit on their desktops, so that makes a fairly weak argument.

Re:General bad attitude towards anything easy

[BHearsum]

Who the fuck said I wanted to compete with anybody? I don't give a shit if Joe Schmo down the street can use Linux.

Re:General bad attitude towards anything easy

[samhalliday]

./configure

make

make install

is not JUST a GNU/Linux installion method, that is why it is not completley intuitive to everyone... the "configure" part is cross platform, setting up everything for any variation of UNIX or even for apple/M$ in certain cases.

IMHO GNU did a great job of creating this wonderful "configure make install" method for cross platform compilation, and compilation of programs really would be easy if authors just stuck to this technique instead of writing their own totally weird compilation methods. we do not need a new installion method... we just need authors to stick to the already existing standards!

besides, to most end users, they will only see RPM/DEB files, and lets face it... they are trivial to install; if a program isnt compiled on your version of redhat/mandrake or whatever, just issue an `rpm --rebuild ` and it'll build the file for you. with `man rpm` at hand, you cant get any more intuitive than that. your vendor will even set up galeon/konqueror/mozzy to load the package management tool when you click to download an RPM/DEB file. this article is looking for answers in all the wrong places...

Re:General bad attitude towards anything easy

[antiMStroll]

Microlith, could you do us all the honour of pointing out one of these 'bad attitude' linux users? The post above yours was tongue-in-cheek, doesn't count. It was humour. That's why the last line begins "But seriously..." and it's modded 'Funny'. How many hints do you need? :P

Regarding ease of installation, how's 'emerge packagname' do? Maybe FreeBSD's 'add_pkg -r packagename'? Both find the software on the Internet, download and install it while I'm watching cartoons. No need to even get out of my jammies and drive to CompuWorld.

Sounds like you need to step away from the computer and watch some cartoons too.

Re:General bad attitude towards anything easy

[shellbeach]

As I see it, many would like to keep the learning curve very, very steep and high to maintain their exclusivity and "leetness" if you will.

No, I think it's more like "if it works for me, that's good enough" in many situations. Nobody's paying opensource programmers to make things nice and user friendly, after all!!

No, please

[Yag]

Thats the reason windows servers are more vulnerable to attacks, because they give you the idea that its easy to mantain them... Its the same thing saying that you dont need any pilot on an airplane (and that you can put there anyone) if you make a good autopilot engine... We need more knowledge in system administration, not more automatisms.

Re:No, please

The problem is twofold: First, many installation procedures are unnecessarily complicated. Even if you know exactly what you're doing as an admin, having an application scattered over the whole filesystem is an unnecessary burden if only one user or the system is going to use it. Second, non-admins are using computers too, and even though you can't hide all complexity from the user, the installation procedure should include enough information and guidance, so that an interested user does not wreck his system. And still, many applications are not designed to reduce installation complexity as far as possible. The job isn't done when the program works. An installation procedure without unnecessary complexity is part of usability and must not be omitted.

Re:No, please

[bogie]

So you would deny the use of free software only to those who are experts with their OS?

I say this as a longtime linux user and booster, if installing sofware on Windows was one-tenth as hard as it often is on Linux then everyone would be using Macs.

Ease of use really should be the ultimate goal with all appliances and software. Would it really be some benefit if cars were twice as difficult to use?

To take your example, Windows servers are not more vulnerable because they are easier to use, they are/were more vulnerable because MS shipped its OS with dumbass defaults. Make the same OS even easier to use and setup, but make more sane security choices and its even MORE secure while being easier to maintain.

Re:No, please

[evilviper]

I can't agree with that. There are lots of programs that could add one or two features, and simply no longer require so much human work... XF86 comes to mind immediately.

But, I have to say this article was so far off the mark that it's funny. `Let's take all the ideas from Windows of what an installation package should be, and apply them to Unix.' No, I think not.

RANT:
I dare say the biggest problem is that everyone is going the wrong direction. RPM is the standard, yet it sucks. Binary packages sepearate the `devel' portions into another package, making the system fail miserably if you ever need no compile software. It has piss-poor depend management. Instead of checking if a library is installed, it checks if another RPM has been installed. If it has been installed, it assumes the library is there. If it isn't installed, it assumes the library isn't there... Crazy! To have an RPM depend on a library I've compiled, I have to install the RPM of the library, then compile and install my own over the top of the RPM's files. RPM is like the government system of package management. You have to do everything their way, or it won't let you do anything at all.

I liked Slackware's simplistic packages more than anything else. At least there I could just install the package, and it wouldn't give me shit about dependencies. If I didn't install the dependencies, I got an error message, but it wouldn't refuse to install or try to install something for me automatically. I can take care of the dependencies any way I want. RPMs are supposed to save you time, but instead, because of it's dependency management, it used up far more of my time trying to deal with it's quirks, than it could have *possibly* saved me.

Another thing I find annoying is that there is only one version available. You can only get a package compiled without support for XYZ... Well that's fine if I don't have XYZ, but what if I do? I like the ports system, although it does some things automatically that I don't like (I would rather it asked me), it doesn't step on your toes much at all, it gives you all the customizability you could want (and only if you want it), and it's much simpler and faster than untaring and configure/make-ing everything.

Re:No, please

[Ed+Avis]

You think RPM should grovel around in the filesystem to see whether a library is installed? Well, it's possible, but what happens when you want to remove that library or perhaps install it in a different place (/opt versus /usr/local, or whatever)? Should RPM re-scan the filesystem every 24 hours to check that random files which are depended on by packages are still there and haven't moved? It is surely saner to have the library itself under package management as well.

I see your point - RPM and other package managers are something of a bondage-and-discipline, all-or-nothing system. RPM is rather awkward to use when you want to have a mixture of automatically and manually installed files. But there is always the --force option if you wish to ignore its warnings, install anyway and check the dependencies yourself: it is no worse than unpacking a binary tarball into /usr/local/, anyway. And if you do choose to go the 'RPM way', the dependency tracking can be very useful, particularly for automated or unattended package installation.

Part of your post seems like the common error of blaming the messenger. RPM is telling you that some dependencies are needed: if you choose to ignore it, that's up to you. But using a different means to install packages doesn't make the dependencies go away.

(On Slackware, for example, I installed gdm and it didn't work. I had to install gnome-libs, which is reasonable, and then a whole bunch of other stuff including sound support (on a machine with no soundcard). And I had to find these packages by hand, because the installer gave no help in tracking what libraries were needed by gdm. Personally, I'd rather let the machine do some of the work and catch these problems early, rather than installing a package which then turns out to be broken.)

On the 'only one version' - yes, a problem, but one that's common to most binary-package systems, even Slackware's .tgz. Ports and compiling from source are one way to give more flexibility, but you can also make your own custom spec files for RPM packages fairly easily and build your own RPMs from source. (Whether this is worth the effort depends on whether you have a single machine or a whole network to update, and whether you want to use RPM to track installations or just install manually.)

Re:No, please

[agurkan]

Would it really be some benefit if cars were twice as difficult to use?
I know this is not your point but, you picked the wrong example. Yes! It would be better if cars were twice difficult to use. I would feel more comfortable riding my bike if I knew it really required a skill to get a driver's license in Illinois.

Re:No, please

[evilviper]

You think RPM should grovel around in the filesystem to see whether a library is installed?

Grovel? Even a simple configure script can easilly check if a library is available.

what happens when you want to remove that library or perhaps install it in a different place (/opt versus /usr/local, or whatever)? Should RPM re-scan the filesystem every 24 hours to check that random files which are depended on by packages are still there and haven't moved?

If you move the files for a library, it should work just like a library... ldconfig handles that part like normal. Why would RPM check every 24 hours anyhow? If you installed the library, then a program that depends on that library, both from RPM, RPM would only check up on the dependencies during package installation.

But there is always the --force option if you wish to ignore its warnings, install anyway and check the dependencies yourself: it is no worse than unpacking a binary tarball into /usr/local/, anyway.

Actually, you want the --nodeps option. However, it IS worse than a dumb binary tarball... It's been quite some time since I've used RPM, so I can't recall specifics, but I can tell you that I've had oh so many problems trying to do things that way. RPM is just painful.

Part of your post seems like the common error of blaming the messenger.

I can assure you, I've had very serious problems trying to mix RPMs and source, and sometimes, just a full RPM system can reject the RPMs you try to install. Anyone who has experienced these problems more recently than I have, feel free to post what problems you've had.

I had to find these packages by hand, because the installer gave no help in tracking what libraries were needed by gdm.

That's not the job of the packager. You can always just do an ldd gdm and get a nice list of the libraries it depends on.

On the 'only one version' - yes, a problem, but one that's common to most binary-package systems

I was just stating my preference there. Not another jab at RPM or anything.

In case it isn't obvious, I've been around Unix systems for some time, and know them incredibly well. I've had a couple years of experience with RPM-based systems, so this isn't just some newbie problem, such as I don't know how to use RPMs properly.

Re:No, please

That's a huge confusion you're making right there. RPM does not check dependencies on other *packages*, it checks dependencies on *resources*. Packages happen to be a class of resources, but you can also have libraries and versions of libraries as resources (libstdc++.so.3, provided by libstdc++-something.rpm), or simply abstract resources (kernel-drm, provided by kernel-.rpm). Check some packages on rpmfind.net to find what provides and requires look like.

So package writers can check on installed libraries and list specific libraries in their "provides". You can't blame RPM for some of them not doing that properly.

I'm sick of all the RPM bashing from people who obviously haven't used RPM a lot. RPM is as good as any, it's how you use it that matters. And automatic dependency resolving should be a function of another layer, eg. apt-rpm or red-carpet, not the package manager itself -- once you do auto deps you need online / on-CD repositories and it begins to get quite a bit more complicated.

Re:No, please

[Ed+Avis]

Even a simple configure script can easilly check if a library is available.

True, I guess. But as you know, most configure scripts (especially autoconf ones) do all sorts of devious and complex things to look for libraries. That stuff has its place, but for package installation it seems cleaner to keep track of everything that is installed, and then you can quickly give a yes or no answer to 'is libfoo installed?'. I imagine that if managing a mixed RPM / hand-rolled system had been an explicit design goal of RPM or other package manager, it might have some way of checking these things.

Hang on a minute - ISTR that RPM _does_ have some way to check library dependencies based on filename and not on package name. So you can say 'I require libfoo.1.so' rather than 'I require the foolib package'. Ah, but the trouble is that this check is made against the RPM database rather than the filesystem.

It would be an interesting project to modify RPM so that as well as the package database it could look at the current filesystem to satisfy dependencies. But the trouble is being unable to track them fully. This is what I meant with the 'check every 24 hours' suggestion (which wasn't serious): if RPM did use some file in /usr/local to satisfy a dependency, it has no way of checking that the file will still be there later. Whereas if the library itself is under package management, it won't be removed if there are applications that depend on it. In other words, RPM wants to ensure that if a package is installed then it works and will remain working. Depending on files outside package management would not let you guarantee that property.

In other words I am saying that RPM wants to check dependencies during package installation but also during package uninstallation. OTOH, many users would be happy to do without that if it made life easier for installing mixed RPMs and 'make install' stuff.

That's not the job of the packager. You can always just do an ldd gdm and get a nice list of the libraries it depends on.

Here I must disagree. Just as a reasonable API will document the preconditions that must be met before calling a function, so a well-built package should always state what it requires from the system in order to run. Yes, I could run ldd myself and examine entrails to work out what extra packages to install, but I shouldn't have to - let the machine do the work of downloading and installing the necessary dependencies. And the mythical 'Grandma' certainly shouldn't have to. My feeling is that a package should either install and work immediately, or refuse to install. Installing a package in a broken state is Wrong.

Matrix Reloaded spoiler in parent

[jeroenvw]

WARNING: Stupid Matrix reloaded spoiler in parent, in the middle of the 4th paragraph

Re:Matrix Reloaded spoiler in parent

[the_real_tigga]

Kudos to you, Sir Parent AC.
Very nice.

Can you also decypher which character takes a "surprise" come-back in the movie?

Re:Matrix Reloaded spoiler in parent

How do you know it's a spoiler? The move hasn't even been released yet!

Linux politics...

One of the drawbacks of being so open is politics. In open source, a lot of times a dictatorship is the most efficient way to get things done. Not everyone deserves a say... only the people who are actually doing the coding! (Great job Mozilla in trying to be less democratic. Some of the "bug battles" were getting out of hand.)

OpenStep / OS X frameworks

[pldms]

Did some of the suggestions remind anyone of the OpenStep frameworks idea?

Frameworks (very roughly) are self contained libraries containing different versions, headers, and documentation. Java jar libraries are somewhat similar.

The problem is that using frameworks requires major changes to the tool chain - autoconf et al, cc, ld etc.

Apple shipped zlib as a framework in OS X 10.0 (IIRC) but getting unix apps to use it was very difficult. Apple now only seem to use frameworks for things above the unix layer.

I suspect there are lessons to be learned from this. As another poster said, evolution rather than revolution is more likely to succeed.

emerge maybe easy.

But installing gentoo is still hard.

Insert cd.
login in from the command line
net-setup ethx
cfdisk
mkrieserfs
wget ftp.gentoo-mirror.net/pub/gentoo/stage1.tar
tar xzjdocmnaf stage1.tar
mkdir /mnt/gentoo/
chroot /mnt/gentoo
scripts/bootstrap.sh
(10 hours later)
emerge ufed
edit use flags
emerge system
emerge gentoo-sources
configure kernel, having do lspci and googling obscure serial numbers to find out what modules to compile
install kernel
muck around with it's non standard bootloader
install cron and sysloggers
umount
reboot
spend two days sorting out the kernel panics
wait all week for kde to emerge.
processor dies of over work
huge nasty electricty bill arrives after running emerge for over a week 24/7

in other words, no

Re:emerge maybe easy.

[Blkdeath]

1. bootstrap doesn't take anywhere near 10 hours on a modern machine
2. The stage-x tarballs come on the boot CD ISOs. Wget is not required.
3. If you have to resort to lspci to compile a bootable kernel, Gentoo is not for you (IOW you don't know your hardware well enough). BTW - You could grep the pci.ids datafile that comes with the kernel rather than Googling "obscure" (International standard, unique) PCI IDs.
4. GRUB is a standard boot loader now. If you don't like it, emerge LILO.
5. KDE takes nowhere near a week to compile on a modern machine. (If you're that impatient, emerge any of a dozen other window managers /desktop environments)
6. Processor dies? High electricity bill? What are you, an end-user who boots Windows just long enough to leech a few MP3s and chat on MSN?
7. Most importantly - Gentoo is not designed to be a point-click-forget install. If you're new to Linux or you're that impatient, install RedHat, SuSE, Mandrake, or any other glossy storebought distribution that strikes your fancy.

The trouble with Linux isn't the installation. That procedure should remain somewhat esoteric (else we find ourselves plagued by every Windows user out there who's ever run regedit and thinks he's a sysadmin). The trouble is in package installation, upkeep, and maintainance. With Gentoo, keeping your system up to date with security/critical updates and new features is a breeze. It's so simple and automated, you could set it up as a cron job if it struck your fancy.

"Insightful" my ass.

Re:emerge maybe easy.

[42forty-two42]

Gentoo was nice for a while, but things broke when I tried to go from gcc 2.95.x to 3.x. That's what finally convinced me to go to Debian.

Re:emerge maybe easy.

[Blkdeath]

Gentoo was nice for a while, but things broke when I tried to go from gcc 2.95.x to 3.x. That's what finally convinced me to go to Debian.

You mean {gasp} you replaced the compiler - the centre, the core of your source-based installation, and there were PROBLEMS? Y'don't SAY!

Gentoo is not for end-users. Enjoy your alternatives.

Re:emerge maybe easy.

[42forty-two42]

Yes, but it was to correct a number of ebuilds not linking libpthread (including rsync and samba). I was informed via the bug-tracking system that it was due to an old compiler, so I upgraded. The problem wasn't in the toolchain, but in emerge system - the bootstrap worked fine.

Re:emerge maybe easy.

[Reziac]

"The trouble with Linux isn't the installation. That procedure should remain somewhat esoteric (else we find ourselves plagued by every Windows user out there who's ever run regedit and thinks he's a sysadmin)."

Are you saying Linux should be restricted to use by the expert elite??

In that case, how do you expect it to ever make any serious penetration into the desktop market and user environment, where 99% of users are NOT experts?? Or are you saying linux is only suitable for use in servers and ivory towers??

Re:emerge maybe easy.

[Blkdeath]

In that case, how do you expect it to ever make any serious penetration into the desktop market and user environment, where 99% of users are NOT experts??

I don't. In fact, I'd sooner that it didn't. The end-user market is already bad enough in the way of computer illiteracy and user interface frustration without adding Linux to the mix.

As long as there are people out there who believe "Internet Explorer" is "the Internet" and "Outlook Express" is "e-mail", Linux has no place in the desktop market. No matter how user friendly it may/may not become, it will never be enough.

Re:emerge maybe easy.

Hi! I use Gentoo cause it's hard to use! I'm also the biggest dork in the world, too!

Re:emerge maybe easy.

[sweede]

Things broke yes, but it was a very easy fix (although it required you to re-compile your whole system to get the benifits of gcc 3.x).

what was the fix?? emerge glibc and gcc-config (both which should of been installed in the first place). logout, and log back in.

when they updated gcc to the 3.x versions they created a new path layout and env variables so you could compile applications on either 2.95 or 3.x

What i find funny is you left gentoo because of the gcc upgrade and then went to debian which uses an older version of gcc.

Re:emerge maybe easy.

[bryanthompson]

I think it does have a place in the desktop market. What I see happening, is that elementary and highschools could start installing linux instead of windows to save money. The next generation of solitaire-players and msn-chatters will be doing that stuff on linux at school, so they'll probably want linux at home. Eventually, they might have kids and their kids will learn linux. So, even if they do just use it for solitaire and 'the internet', what's wrong with that?

I think it offends you that the next generation of solitaire players will be doing it on linux. It somehow takes away from your eliteness.

myself, I am burning dozens of copies of redhat 9 for friends and people who have a little interest in learning something new, becuase that's what it's all about.

Re:emerge maybe easy.

[Blkdeath]

I think it offends you that the next generation of solitaire players will be doing it on linux. It somehow takes away from your eliteness.

It has nothing to do with my "eliteness", it has to do with the readiness of the general populous for something as architecturally advanced as Linux.

What will (mark my words; will happen is that people will start logging in as root all the time - for ease of use - and Linux on the desktop will come to a screaming halt as trojan after trojan anhialates desktops all over the world.

I work in a retail environment, I've worked in educational settings. I've dealt with consumers, high school students, elementary school students, and people who are qualified to teach same, and I wouldn't trust the majority of them to be functional on a Linux desktop, partly because they can barely figure out a Windows desktop to save their lives.

Linux, by nature, is more complicated (and powerful) than Windows. The learning curve is steeper and the tolerance for errors (and ability to shoot off one's toes individually and with great precision) is much higher. What do you tell people when their system boots to nothing more than a continuous stream of "LILILILILILILILILILILILILILILILILI", for example? How do they switch from an ATI Radeon to an nVidia GeForce?

Better still, do you pawn [Star|Open]Office on them as a Microsoft Office alternative? Will they understand when web pages tell them their browser is too old/incapable because it's not Internet Explorer?

How do they handle local/root kernel exploits? Up2Date their kernel? Will their system boot afterwards?

Re:emerge maybe easy.

[antiMStroll]

One sentence synopsis: Install's a pain, upkeep's a dream. The RPM version: Install's a dream, upkeep's a pain. Pick your poison. (BTW, funny, funny post. Shame to waste it as an AC.)

Re:emerge maybe easy.

[42forty-two42]

I did that. It was no help.

Re:emerge maybe easy.

With attitudes like this, Linux will always live on the fringe.

Only when we can stop the madness of "well, if its too hard for you then go somewhere else" type mentality will Linux ever be acceptable to the masses.

Kudos to Red Hat, Mandrake, SuSE, etc. for understanding that most of the people in this world are NOT geeks. Microsoft understood this a long time ago.

Re:emerge maybe easy.

[Blkdeath]

Only when we can stop the madness of "well, if its too hard for you then go somewhere else" type mentality will Linux ever be acceptable to the masses.

Nonsense. The more we bow to the userbase, the more the userbase will want us to bow. See below.

Kudos to Red Hat, Mandrake, SuSE, etc. for understanding that most of the people in this world are NOT geeks. Microsoft understood this a long time ago.

No, Microsoft lowered the bar so far that now every Windows 95 toting yuppie thinks he's a qualified sysadmin (the 300k MCSEs in its first year of existance is proof plenty), and moreover, users are getting more dumbed down by the day.

You can already witness this happening with the RedHat, Mandrake, SuSE user bases.

I had one RedHat user tell me excitedly that he'd configured his video card in "text mode!". He was so thrilled he wrote a HOWTO.

Re:emerge maybe easy.

With attitudes like this, Linux will always live on the fringe.

Oh please, we're talking about a source-based distro, something much harder to use than RedHat et al. This is an advanced topic.

Kudos to Red Hat, Mandrake, SuSE, etc. for understanding that most of the people in this world are NOT geeks. Microsoft understood this a long time ago.

You expect to get modded +1, Obvious perhaps?

Again, we're talking about Gentoo, a source-based distro. Of course it's only for experts, and of course we should assume that only experts will use it. And _of course_ that why RedHat et al. are easier to use.

This is a discussion of advanced software, clearly far more difficult to use than Mandrake or the like. On a related note, graduate level CS classes assume that you understand recursion, NASA engineers are expected to understand physics, and jumping into an advanced discussion and saying "hey guys, please dumb it down a little" is just going to get you flamed :)

Re:emerge maybe easy.

[mrjohnson]

It's not restricted to the elite but by god, people should have to learn something to install Linux. They should have to ask questions and participate in forums.

Otherwise we risk never training the next generations in this culture -- we'll lose everything to a bunch of ex-Windows users we have no idea of the history of *nix. The few remaining who do have leetness will be doomed to spending the rest of their careers cleaning up drool.

No, thanks. I really believe in mentoring. We should be spending less time on the drool factor and more time on the actual admins, preparing them and training them about what is unique about *nix. Those who expect it to be just like Windows can go piss up a rope, in my opinion. :-)

As for the users, the idea the software should be an appliance and that anybody who can hold a keyboard can administer that computer -- any computer -- is ridiculous. People pay to have cable boxes installed and to have their VCR hooked up to it, for pity's sake. If they want a computer, they should expect that from time to time, that system will require maintenance by an expert.

Hopefully that expert will be 'leet.'

Re:emerge maybe easy.

[Spunk]

I had the same problem. Lots of other people reported it too. Re-installing from scratch fixed everything, but it's understandable that you don't want to do that.

Re:emerge maybe easy.

[Wolfrider]

>spend two days sorting out the kernel panics
>wait all week for kde to emerge

> processor dies of over work
>huge nasty electricty bill arrives after running emerge for over a week 24/7

--ROTFLMAO

--Good one!

Re:emerge maybe easy.

[heim913]

emerge gentoo-sources
configure kernel, having do lspci and googling obscure serial numbers to find out what modules to compile
install kernel

[root@pdq /]# qpkg -f `which lspci`
sys-apps/pciutils *

you forgot to emerge pciutils.

Re:emerge maybe easy.

[fferreres]

I agree with you 100%, but then again, a semi newby friend of mine stumbled upon MANY problem trying to install gentoo.

1) CD was not working, so he had to rely on a disquette. Gentoo does not have their own intall from net disquettes. So you have to rely on what? A Red Hat or Slack boot disk? tombstr does not work (chroot problem), and is the suggested method (if you managed to reach the part of the forum that explins that it, YES, can be installed from the net).

2) GRUB, he never used grub, he didn't know anyone that could help him with that. I don't use GRUB myself (and it's NOT the standard in any way) but I quickly responded that YES, he can install LILO. But Gentoo does not help you with lilo like every other distro (including slackware, that's supposed to be what...difficult?). It doesn't help you with fstab either. Great to learn, but if you are NEW, I would probably guess that forcing people to write their own fstab is kind of unhelpfull.

3) Kernel. Ok, this was a net install, so your next step is to compile a custom kernel. Well, the gentoo sources failed to produce a working kernel, and it was not his faul. I know because I have the same machine as his does (identical notebook), and only a vanilla kernel did the job.

So he is still trying to get gentoo to work in his spare time, but he certainly isn't thinking gentoo is for the faint of heart.

On the other hand, I totaly enjoy gentoo, though sometimes I relly feel the urge to just drop something in /usr/local/src and install it the unforgivable way. I mean, sometimes I really HAVE to make a lot of changes to the way certain things are compiled, and at those times I feel I am not in love anymore with my gentoo (but the feeling doesn't last much...i totally like gentoo).

Re:emerge maybe easy.

[fferreres]

95% of the people have their machines preinstalled and NEVER EVER try to upgrade it. If they have to, they'd call you or me...or if it is an office, whoever is in charge.

Re:emerge maybe easy.

[Reziac]

You're making my point for me. If linux is all that architecturally advanced (and I don't mean just core OS structure, I mean all about how it interacts with everything else it needs to -- and that includes the user), why does it still have those problems? As it is, linux is like a wonderfully designed house -- that is only built as far as the foundation and some of the framing. No plumbing, no electrical wiring, no roof, no drywall...

Yet we get people here all the time who say Windows is about to die and linux will take over the desktop world any minute now. I'd guess a poll would show about 40% of linux users would agree that Windows is doomed and linux is the future of the desktop. You and I both know, that's not so. (I guess everyone needs an active fantasy life..)

Re:software reliability == complex install process

[xml-doc.org]

I agree with this logic completely. The
fundamental problem with most things (i.e., walking and chewing gum at the
same time, taking out the trash
masturbating) is that they're so easy to do that most any old jomoke can do them
without any "learning curve" being needed.
The rest of the world would be a much
better place if it aspired to the
standards of the free software community:
make things as difficult as possible
for the average person to learn. And if
they can't ever manage to get it figured out, well, (heheheh) too bad for them.

Re:software reliability == complex install process

[MikeFM]

I'd agree that installing Linux software isn't typically that hard once you've done it a while. Red Carpet makes updating/installing RPM files really easy. Apt-get makes the same process almost as easy in Debian based systems. Anything not available as a package just download and compile (which has gotten much easier in recent years).

What needs to be made easier is making good third party packages. It needs to be as easy as making a tarball or using WinZip. Obviously, the distros can't keep up with providing packages for every program that exists. They need to make it so your average sysadmin or developer can package the software he is trying to compile and install so that it works well across all his systems. Sure they can do learn to do it the hard way but obviously most of them are busy. The low number of third party packages is a good example as to the need for such tools.

As for every dick distro having trouble running standard packages it's been my experience they cause these problems by changing things pointlessly. Good packages play nice in any sane distro and distros should be smart enough to leave themselves compatible with those packages. Debian based distros should maintain compatibility with Debian, RedHat based distros with RedHat, etc. Pretty simple.

Executive summary:

[I+Am+The+Owl]

Use Debian and apt-get. No, seriously, could it be much easier?

Re:Executive summary:

[Haeleth]

Well, assuming that you're experienced enough with Linux to be able to get Debian installed and working in the first place (and yes, I know it has a menu-based installer - sorry, it still isn't easy) - assuming that, then yes, apt-get is easy.

Except that not everyone has a direct connection to the internet, you know. Some of us need to download software on other machines, even on machines running different OSS. So for those there's still all the hassle of repeatedly downloading new packages until everything has all its dependencies.

Oh, and not every application is packaged, and of those that are, a lot of packages are outdated. So if you want to do anything out of the ordinary, you're back to compiling your own, or begging someone to package it.

Tired old arguments, I know, but every time installation issues come up on /. we get a dozen Debian advocates shouting "apt-get! apt-get!". Could it be much easier? parent asks. Yes, it could. For most Windows software, you download a single executable file - from the site of your choice, on any machine you like - run it, and your software is installed and works. Now, that's easy.

Re:Executive summary:

[benad]

Yes. Fink, built on top of apt-get.

But that's for UNIX stuff on Mac OS X. We usually install with "drag & drop", as applications are self-contained directories that are flagged in the file system to look like files.

- Benad

Re:Executive summary:

I'd like. But Debian didn't recognize my NVidia Geforce 4... and it's not a X problem, the card is not recognized at the kernel (PCI) level... unknown device etc.

Mandrake, Red Hat, even ELX recognized it.

Any ideas? (besides "use Debian")

And before you flame me, think for a second: why have I tried to install Debian? That's why I want to be able to use it! Duh!

Re:Executive summary:

[mickwd]

Or Mandrake and urpmi.

Re:Executive summary:

You hit the nail right on the head. The problem with all package management systems is that they rely on ONE centralized dependency system. If your distribution has a different idea of package granularity, you need a distribution specific package, one that fits into their dependency system. Installers need to be much more intelligent about resolving dependencies or they have to be more "brute force" about the problem and install everything they need locally, ignoring what's already available somewhere else on the system. Either way, installation packages which include all dependencies, except for an agreed-upon base system, should be available. If one of the dependencies is already resolved, simply don't install it, ok?

Re:Executive summary:

[GlassHeart]

Use Debian and apt-get. No, seriously, could it be much easier?

Funny you should ask that. Yes, it could be much easier. Software Update pops up a window every so often with a list of software for which I don't have the latest versions. I uncheck anything that I don't want to install, and click a button. Minutes later, the software are downloaded and installed, and I'm prompted to restart the computer if necessary. Unsurprisingly, Software Update is a MacOS X feature.

apt-get is a wonderful foundation to build a real user friendly tool on. I used it for a few years, and appreciated its improvements over the old RPM, but it's not the easiest thing in the world, particularly to install for the first time. The autodetection is grossly inadequate for anybody except the most experienced PC users.

Re:Executive summary:

[Malcontent]

"'Yes, it could be much easier. Software Update pops up a window every so often with a list of software for which I don't have the latest versions. "

This only works for Microsoft software. apt works for thousands of software packages.

BTW there is nothing preventing you from putting apt-get update && apt-get upgrade in cron.

Re:Executive summary:

[Malcontent]

Apt is easier then downloading files on windows.

In windows you have to find the program you want to install. Apt knows where the program is.

In windows you have to inswall winzip first (I know windows users don't have any ethical problems with stealing winzip so I am not saying pay for winzip).

So in windows you have to find the program, save it to your hard drive, unzip the archive, install the software.

In debian you just apt-get install the software, all the rest is taken care of for you.

You complain about the age of debian packages but that's a false argument too. You can always subscribe to testing and unstable if you want to run bleeding edge software. Also in windows YOU HAVE TO PAY FOR THE UPGRADES. That's right. If you are running office 97 windows update does not magically upgrade you to office XP when it's available.

Re:Executive summary:

[GlassHeart]

This only works for Microsoft software.

You missed the part in my post where I explained this is MacOS X, but yes, only Apple software has this feature.

apt works for thousands of software packages.

So? We're talking about whether apt-get can be easier. It can.

BTW there is nothing preventing you from putting apt-get update && apt-get upgrade in cron.

Why should I have to do any work? (Remember we're talking about ease of use.)

Re:Executive summary:

[Ian+Bicking]

Software Update is easy, but it's not comparable to apt-get or the Debian package repository.

Software Update -- much like Windows Update -- handles specific software on the computer, and as far as I can tell just Apple software. It is not anywhere close to inclusive, and it seems to have no concept of the computer as a system.

apt-get, OTOH, knows every detail of the software on my system. It upgrades everything, not just the software of a select vendor, or at a certain level of the operating system. It protects me from incompatibilities across all my software.

Sure, Software Update is easier, but it's nowhere near as powerful as apt-get. And it's only slightly easier. It has a GUI. Apt-get has GUIs, though I wouldn't claim they were easier -- but that's because Software Update deals with such a small set of software that it can present the most simplistic interface and get away with it. If every piece of software on your computer was handled by Software Update it wouldn't be so easy anymore.

Apt-get is awesome. I can go to some strange Debian box that I know little about, and (presuming I have sudo or root access) I can safely install software, even trivially small software, without worry -- I know that it will be installed in the proper location, that it won't affect other software on the system, and that someone later can safely and cleanly remove it if they choose. MacOS X can't compare. (Well, maybe with fink :)

Re:Executive summary:

[GlassHeart]

Sure, Software Update is easier, but it's nowhere near as powerful as apt-get.

That's irrelevant, unless you can prove that the two are contradictory attributes.

that's because Software Update deals with such a small set of software that it can present the most simplistic interface and get away with it.

Care to back it up with a few examples? All you've done is repeatedly assert that.

Here's where Debian's apt-get (the process, not necessarily the program) can be improved to make it easier to use:

• Explain to me what improvements I'm getting when I upgrade.
• Explain to me which of several equivalent options is best.
• Let me know how much longer it will take to finish the download.
• Notify me when new versions of software are available, particularly if it's security related.
• Don't bother me, by default, what additional packages I'm required to install.

Now, do you think these things will make apt-get easier to use? Does any of these suggestions render apt-get less powerful?

If every piece of software on your computer was handled by Software Update it wouldn't be so easy anymore.

Apple uses Software Update to upgrade kernels, daemons (Apache, Samba, BIND, and Sendmail are recent examples), libraries (OpenSSL, several times). It's not just used to upgrade a few Apple applications. I have no reason to believe they cannot update the entire OS (except third-party apps) with it. Do you?

Now, one important difference is that Apple doesn't supply every software package under the sun. Debian's strength in this area is also its weakness.

I know that it will be installed in the proper location, that it won't affect other software on the system, and that someone later can safely and cleanly remove it if they choose. MacOS X can't compare.

Are you familiar with the MacOS X "application bundle"? Bundles can be copied anywhere in the system, so there's no question of "installed in the proper location". They are self-contained, so they don't affect other software. Cleanly remove? Drag it to the trash can.

Re:Executive summary:

[Ian+Bicking]

Apple uses Software Update to upgrade kernels, daemons (Apache, Samba, BIND, and Sendmail are recent examples), libraries (OpenSSL, several times). It's not just used to upgrade a few Apple applications. I have no reason to believe they cannot update the entire OS (except third-party apps) with it. Do you?

The granularity of Software Update is extremely crude. It doesn't update BIND or Sendmail, it has an "operating system" update. That's nothing like what Debian provides. It's just a big fat updater like Microsoft uses. The result is probably something on the order of 1/100th of the number of discrete packages as Debian.

I'm not saying apt-get has a great interface. Specifically, the repository needs to have more editorial annotations -- that's probably one of the big things Lindows adds. That, combined with an interface that knew a little more about what to hide (e.g, the installation of lib* packages), would be a nice system. That does not change the fact that apt-get/dpkg provides a foundation that is far more powerful than Software Update, and yes, to the point that Software Update's interface would fall apart when trying to present everything that apt-get provides.

Are you familiar with the MacOS X "application bundle"? Bundles can be copied anywhere in the system, so there's no question of "installed in the proper location". They are self-contained, so they don't affect other software. Cleanly remove? Drag it to the trash can.

That works okay for large, monolithic, proprietary applications. File paths are a way (on Linux) that software finds out about the system, about itself, and about other software (on Windows it would be the registry -- which is just as static as the Linux file system, only it's flawed in that it's not managed). OS X applications that want to become part of a larger system must also hook in at some point -- either in specific places in the filesystem (probably the Unixy part of the filesystem), or as in Windows using registry-like facilities (netinfo, I think).

Debian packages work together beautifully. Only with tight organizational cooperation does this happen in the proprietary world, like among the Apple iLife applications, or MS Office. Arranging this requires introspection and standards that bundles cannot provide.

Re:Executive summary:

[GlassHeart]

Try to follow the thread. I didn't say that Software Update is some ultimate package manager. I said it was easier to use, because somebody was asking if there was anything easier than apt-get. Some of the ease comes from simplifying, and some of it comes from providing better documentation. Either way, Software Update is easier to use.

I'm not saying apt-get has a great interface.

So what are we arguing about? :)

The granularity of Software Update is extremely crude. It doesn't update BIND or Sendmail, it has an "operating system" update. That's nothing like what Debian provides.

You need to ask what difference that makes to the user. As long as I'm not forced to re-download the entire BSD-land every time I update the "operating system", why would I care? Not having to care, easy.

What else does the computer need to know other than I want package X installed? Do I really have to personally approve additional packages Y and Z, without which X won't even install? Having to care, hard.

Now, as I repeatedly said, apt-get is a wonderful foundation. But it's not easy to use, so stop telling me how powerful it can be if nobody needs that power at least 99% of the time. Most of the time, I apt-get update, apt-get upgrade, answer a number of questions I've already answered before, and hope none of my config files get clobbered. Why do I have to do all that work? Because it is hard to use.

[Application bundle] works okay for large, monolithic, proprietary applications.

Uh, no, they work very well for various little games and utilities.

How about this

[Fluffy+the+Cat]

The complaints are, almost entirely, about libraries. But there's already a robust mechanism for determining that a library dependency is satisfied - the SONAME defines its binary compatibility. So if stuff is breaking, it's because library authors are changing binary compatibility without changing the SONAME. How about we just get library authors to stop breaking stuff?

No no no!

[FooBarWidget]

First of all, RAM and disk space are NOT cheap. I spent 60 euros for 256 MB RAM, that's is not cheap (it's more than 120 Dutch guilders for goodness's sake!). A 60 GB harddisk still costs more than 200 euros. Again: not cheap. Until I can buy 256 MB RAM for 10 euros or less, and 60 GB harddisks for less than 90 euros, I call them everything but cheap.

What's even less cheap is bandwidth. Not everybody has broadband. Heck, many people can't get broadband. I have many friends who are still using 56k. It's just wrong to alienate them under the philosophy "bandwidth is cheap".
And just look at how expensive broadband is (at least here): 1 mbit downstream and 128 kbit upstream (cable), for 52 euros per month (more than 110 Dutch guilders!), that's just insane. And I even have a data limit.

There is no excuse for wasting resources. Resources are NOT cheap dispite what everbody claims.

Re:No no no!

[RealityProphet]

Well, when you spend 60 euros PER HOUR on system administrators, spending 60 euros on a memory chip seems cheap to me!

Re:No no no!

[FooBarWidget]

I'm not a corporation. I don't have a paid sysadmin.
Corporation who *do* have a paid sysadmin should use the RPMs or whatever provided by their vendor. RedHat's up2date resolves dependancies automatically, provided that you're using RPMs made by RedHat. Of course, all you *should* use is RPMs made by RedHat anyway if you're a corporation, because those packages are supported by RedHat.

Re:No no no!

Where can I buy gold-plated 60GB harddisks and DIMMs?

Re:No no no!

[Zakabog]

Wow you're getting ripped off. Where are you buying this stuff?

256 megs of good ram is 35 euros or less or 25 euros for some cheap PC100 ram. If you can't call that cheap, let me remind you that years ago it was $70 (62 euros) for 8 megs of ram. And a 200 gig Western Digital drive is less than 200 euros on New Egg which is a very good computer hardware site. 60 Gigs is like 50 euros. I'm sorry you have to live in a country where hardware is so expensive, but where I live it's incredibly cheap.

Re:No no no!

[Ed+Avis]

More than 120 Dutch guilders? Wow! It's a good job you didn't express the amount only in those obscure euros.

Re:No no no!

Yes, RAM, processing power, and hard drive space are cheap. You got ripped off horribly if you paid that much for those components.

Besides, you missed the point. When he says RAM is cheap, he is saying that it is okay for an application to waste a few hundred kilobytes if it is necessary for it to work properly. RAM, processing power, and hard drive space all cost next to nothing in these tiny amounts, though the components themselves may be more expensive.

Re:No no no!

[FooBarWidget]

> Wow you're getting ripped off. Where are you buying this stuff?

In the store. Heck, I checked out several stores, and even advertisements in computer magazines! The DIMM modules I bought in Vobis was actually the cheapest modules I could find.

This is The Netherlands. I don't know where you live.

Re:No no no!

[FooBarWidget]

"Yes, RAM, processing power, and hard drive space are cheap. You got ripped off horribly if you paid that much for those components."

No I didn't. I checked out several stores. I read lots of advertisements in computer magazines. Nowhere can I find DIMM modules that are compatible with my VIA motherboard and are cheaper.

Re:No no no!

[vrt3]

I don't know about the memory since I don't know exactly what kind you need, but your HD is extremaly expensive. Checking out the website of a Flemish computer shop, I can get a 80 GB HD for 95 euro. The most expensive HD in that particular shop is a Seagate Barracuda V 120 GB which costs 164 euro.

Re:No no no!

[10Ghz]

First of all, RAM and disk space are NOT cheap. I spent 60 euros for 256 MB RAM, that's is not cheap (it's more than 120 Dutch guilders for goodness's sake!). A 60 GB harddisk still costs more than 200 euros. Again: not cheap. Until I can buy 256 MB RAM for 10 euros or less, and 60 GB harddisks for less than 90 euros, I call them everything but cheap.

Whoa! That IS expensive! Let me quote some prices:

256MB DDR266 CL2: 44e (could be had for 34e if you want generic brand)

Western Digital Caviar SE 120GB EIDE 8MB cache: 175e

These are the prices in Finland (more precisely, in www.verkkokauppa.com). So I think it's fair to say that you are getting ripped off.

Re:No no no!

[FooBarWidget]

Again, I'm not getting ripped off. I've checked out several stores as well as lots of computer advertisements. All the prices are more or less the same: too expensive.

Re:No no no!

[pommiekiwifruit]

1 euro ~ 1 US dollar. This is intentional. Whether it will stay that way is another matter.

Re:No no no!

[vadim_t]

*shudder* Here I bought a 512MB DDR ECC CL2 module for 85 euros.
According to the shop's price list, 186 euros is the price of a 160GB disk.

In case you're interested I'm buying at Alternate, their site is alternate.net, I think.

Re:No no no!

[FooBarWidget]

> Checking out the website of a Flemish computer shop,

We don't have Flemish computer shops in this country.

Re:No no no!

[sheldon]

"Resources are NOT cheap dispite what everbody claims."

Considering back in 1992 I paid US$300 for an 80 Gig drive, and RAM was $50 a megabyte...

Resources *ARE* cheap.

Re:No no no!

MOD PARENT UP

This is EXACTLY the point, god knows how the original post got +5.

Re:No no no!

[vrt3]

No, but you have (assuming you live in the Netherlands, because of your reference to Dutch guilders) for example www.alternate.nl, with HD's much cheaper than what you said. Unless of course you mean SCSI instead of IDE, in that case you're absolutely right.

Re:No no no!

[10Ghz]

It could be that there are no cheaper alternatives in the Netherlands. But if products are considerably cheaper in Finland, where just about everything costs an arm and a leg, I would say that the Dutch IT-retailers are collectively ripping you off.

Re:No no no!

[FooBarWidget]

Not here. One should not alienate people from other countries just because resources in his own country is cheap.

Re:No no no!

I don't remember 80gig disks in '92!

Re:No no no!

[KFT]

Perhaps you should check vergelijk.nl before buying hardware in Holland next time. Their hardware search function is excellent to find low prices (even when compared to tweakers). Unless you were speaking about SCSI-disks and some higher-end memory, you really could come out a lot cheaper than that here.
(I'm way too lazy to search for some example prizes for the hardware you mentioned)

Re:No no no!

[moncyb]

I see your point about wasting resources. When I first loaded GNOME, my computer started smoking. Then my CPU, kernel, and init daemon leaped out covered in flames. They ran around the room yelling and screaming until they fell down as charred bits of black soot. I still have nightmares to this day. ;-)

But why can't you order hardware on the internet? Don't they have "ecommerce" in the Netherlands? Do they have weird import restrictions where you can't buy computer hardware from foreign sources? Computer magazines and retail stores usually don't have the best prices.

Re:No no no!

[neo]

Resources are NOT cheap dispite what everbody claims.

I'm not sure that claim has ever been that resources were cheap. What has been said is that resources are cheaper (than they have ever been.)

There was a necessity in Unix to make things small. Smaller components meant your program was also smaller. This was very important when programs were meant to fit in under 64K.

We don't live in that world anymore. The restrictions on program size have change dramatically, but unix is still stuck in it's roots (no pun intended.)

Re:No no no!

[Troll_Kamikaze]

There is no excuse for wasting resources.

Yes there is. Resource allocation is often a compromise, not an "either/or".

Do you ever travel by car? If so, don't you know that you're "wasting" fossil fuel resources that would be saved if you rode a bicycle instead?

What's that? You don't have enough time to ride a bicycle everywhere? My point exactly.

Human resources are just as deserving of conservation as material resources. The key is compromise.

Re:No no no!

[craigwilkie]

Considering back in 1992 I paid US$300 for an 80 Gig drive, and RAM was $50 a megabyte...

Bloody hell, that was cheap.

Oh, wait you meant 80 Meg drive didn't you...

Re:No no no!

[antiMStroll]

No one designs systems targeted at the past. The recommendations are for the next gen, not the last. Graph speed, storage capacity and computational power per $ vs. time and you'll realize you and your freinds will soon be in the tiny minority.

Re:No no no!

[JewFish]

RAM: PC3500 DDR 256MB = 33 USD = 29.3908 EUR
HD: 60.0GB 7200rpm ATA/133 = 69 USD = 61.4535 EUR

Sounds like your getting screwed over in Europa, you should check pricewatch.com more often to see what us yanks are paying. All price conversions wre done on XE.com

Re:No no no!

[Some+Dumbass...]

Wow you're getting ripped off. Where are you buying this stuff?

People seem to be missing the point. Even if this guy could have bought cheaper parts in The Netherlands, how much do computer parts cost in, say, India? How much income do people have? The point is that everytime someone says "RAM/HD Space/Bandwidth are cheap" they are presumably talking about themselves, and they are almost always living somewhere with high incomes and cheap merchandise. Somewhere, someone reading SlashDot on a 486 is not amused.

Re:No no no!

[FooBarWidget]

I don't have a credit card and my parents are afraid of credit card fraude.

Re:No no no!

[FooBarWidget]

> Do you ever travel by car?

I don't. :p
Really, I either use my bike or public transport. But I use my bike more often than public transport.

Re:No no no!

[Troll_Kamikaze]

Really, I either use my bike or public transport. But I use my bike more often than public transport.

That's cool; I wish I could do the same. Where I live, however, there's no such thing as public transport, and the distances that must be traveled to reach much of anything are quite far (I have to drive 1.75 hours just to reach a community college, for example).

Re:No no no!

[don.g]

At least here in New Zealand we have a reasonable number of small, cheap online computer part shops - and most of them accept cheques. NZ$63 for 256MB of PC2100 DDR RAM and so forth.

Re:No no no!

[don.g]

You are of course ignoring the fact that many US online shops *don't ship outside the US*, and when they do, shipping costs tend to get rather large.

Petreley should do it

He's got time, motivation, money and computer. Sounds like the right guy for the job!

It is not just the ease but the language...

[terraformer]

It is not just the ease of installation but also the language used during that installation that is foreign to many users. Having a nice point and click interface on linux installs is a major leap forward but these still reference things like firewalls, kernels, services, protocols etc. Most people, when faced with new terms become disoriented and their frustration level rises. These setup routines have to ask users what they are looking to accomplish with their brand spanking new linux install.

• Would you like to serve web pages? (Yes or No where the answer installs and configures Apache)
• Would you like to share files with other users in your home/office/school? (Yes or No where the answer installs and configures Samba)

Etc...

Re:It is not just the ease but the language...

True, as long as the installation tells more advanced users what is actually going to be done.

Re:It is not just the ease but the language...

[groomed]

The argument could be made that somebody who doesn't know what Apache is really shouldn't be serving webpages.

Apart from that, there are other problem with the dumbing-down approach; for instance, it promises things that it cannot make good on. When you instruct the computer to "share your files", but then you can't share files with the AppleTalk Macs, that's confusing. When you instruct the computer to "serve web pages" but instead your server gets hacked, that's a disaster.

Language need to be consistent, and terms need to be explained. But never dumbed down. People aren't idiots. They don't buy a "program to manipulate images". They buy "Photoshop".

Re:It is not just the ease but the language...

[TeknoHog]

Users who need easy point n' click installations should not be installing servers.

Moreover, your scenario is the complete antithesis of choice, which is a major driving force for using Linux. People choose Linux or another OS for a variety of reasons, and they choose their applications accordingly. For example, when choosing Linux because it performs well on slower hardware, you'll also want to choose leaner applications. If we didn't have choice we could just as well consider this:

Would you like to use a computer? (Yes or No for installing the one and only OS)

Re:It is not just the ease but the language...

[terraformer]

Yes, I am not suggesting otherwise. I am simply stating the "Easy" installation path should be more like this and less like the expert path.

Re:It is not just the ease but the language...

[terraformer]

...your scenario is the complete antithesis of choice...

This is absolutely absurd. If anything it is promoting choice by providing people who would otherwise unable to choose another OS over Wintel and Mac OSX the choice of Linux. What I am suggesting does not in anyway mean that there would be a lack of an "expert" setup that provided all of the options (no matter how obscure and arcane) you would expect and demand of an open source project. In fact, it may even provide greater granularity in the setup process since it would provide enough of a simple interface to handle most non-techies and therefor allow the expert interface to blossom un-hindered. Plus, your definition of server does not fit todays world. A machine running Samba could be a server but it also could be a client as well. I think most would agree that a Win98 machine would not classify as a real server. Yet, it serves files.

This goes to the heart of the problem, people could give a shit less if it is classified as a server or client. They simply want to access their files on one computer from another computer in the other room. In other words, they want results.

Re:It is not just the ease but the language...

[Beryllium+Sphere(tm)]

This is good.

People trying your installation for the first time will also want to know whether they're painting themselves into a corner with their choices. Therefore a good thing to have in the dialog is "You can always turn on this feature later by -mumble-".

A default server installation for a non-expert should also have most features turned off, both for security and for managability.

Also, anyone writing an installer should do a dataflow analysis and make sure the installer is only going to ask the user for things the user has a chance of knowing.

"To configure the software, enter the name of next year's Academy Award winner." "click click click" "please wait." -- Dilbert

I'm Glad It Isn't Easy

[fire-eyes]

I'm glad it isn't easy. I like a challenge, even if it takes longer, even at work.

I'm glad it isn't brainless. I'm glad it's different across distros. Then I can pick and choose what I like.

The less each distro is like any other, the happier I am.

This is why I enjoy Linux.

Re:I'm Glad It Isn't Easy

>I'm glad it isn't easy. I like a challenge,
>even if it takes longer, even at work.

But what if you have to be productive?

Seriously.

Not too big an issue

[rsilvergun]

I was just talking with my brother about this. My take is since a linux install comes with just about anything you need to use a computer (networking and comminucation software, office software, media players, etc), it really doesn't matter if there's tons of old software you can install. Especially since your probably not paying too much (if anything) for your licenses. Backwards compatiblity was a lot more important when your wordprocessor costs $500 and you don't want to buy the new version :).

Not that it wouldn't be nice to find a 5 year old config tool somebody wrote that'll make my job easier and be able to run it.

Gentoo is not the only source based distro

[Drasil]

In descending order of (my) preference:

• Lunar Linux
• Sourcemage
• SGL
• uOS

Please heed this warning

[Sits]

Your post came too late for me :( Looks like the moderators are listening as it is falling down the page. I guess that's what I get for reading new stories...

Apple has it right

[wowbagger]

From what I am given to understand of the way the Mac OS 10.* handles such things, Apple got it more closely to right.

As I see it, the following things need to happen to really make application installation be very clean under any Unix like operating system:

1. All apps install in their own directory under /usr/[vender name]/[app name] - the reason for including the vender name is so that when two venders release different apps with the same name (Phoenix comes to mind) you can still dis-ambiguate it. Also allow apps to install into ~/apps/[vender name]/[app name] to allow for non-root installation.
2. Under an app's directory, create the following subdirs:
   • [arch]/bin - any binaries that are OS/CPU dependent.
   • bin - shell scripts to correctly pick the right [arch]/bin file.
   • man - man pages for the app
   • html - help files in HTML, suitable for browsing
   • [arch]/lib - any shared libraries specific to the app.
   • system - desktop icons and description files, perferably in a WM-agnostic format, MIME type files, magic files (for the file command, and a description of each program in the app, giving the type(s) of application for each binary (e.g. Application/Mapping; Application/Route Planning).
   
   
3. Shells and WMs are extended to search under /usr/*/*/bin for programs, /usr/*/*/man for man pages, etc.
4. Programs shall look for ~/.{vender]/[appname] for their per-user storage area, and will create this as needed.
5. The system must provide an API for asking if a given library/application/whatever is installed.
6. The system must provide an API for installing a missing component - this API should be able to *somehow* locate an appropriate package. The requesting app will provide a list of acceptable items (e.g. need libfoo.so.0.1.6,libfoo.so.0.1,libfoo.so.0)
7. This is the biggest item, so I'm really going to stress it:
   

   PACKAGE CREATORS MUST BE HELD ACCOUNTABLE FOR BEING OVERLY ANAL-RETENTIVE ABOUT WHAT PACKAGES THEY REQUIRE

   
   Too damn many times I've tried to install FOO, only to be told by the packaging system "FOO needs BAR". But FOO doesn't *need* BAR, it just works "better" if BAR is present (e.g. the XFree packages from RedHat requiring kernel-drm to install, but working just fine (minus accelerated OpenGL) without it).

Were venders to do this, then a program install could be handled by a simple shell script - untar to /tmp, run script to install needed pre-reqs, move files to final location.

The system could provide a means to access the HTML (a simple, stupid server bound to a local port, maybe?) so that you could browse all installed apps' help files online.

As a final fanciness, you could have an automatic process to symlink apps into a /usr/apps/[application class] directory, so that if you wanted to find all word processing apps you could
ls /usr/apps/WordProcessors
and see them.

Re:Apple has it right

[mickwd]

Thanks for the informative post. It looks like Apple have done a very good job.

As regards 1, I believe the intention of the /opt directory was similar (although sub-dividing by vendor seems new).

3 - Great. I always wondered why this hadn't been done before on popular unixes. The two reasons I came up with were a) search times; b) possible command-line security implications and search ambiguities (i.e. it doesn't do you any good having /usr/VendorX/SpiffyApp if it's possible to install /usr/VendorNew/SpiffyApp which gets called instead).

Do you happen to know how OS X deals with these problems (particularly the second one) ?

7 - Yes, I think this is one reason why RPM gets so much flack (particularly when people don't realise that it's a tool upon which higher-level tools can be build (such as Mandrake's urpmi, or Ximian's Red Carpet).

Actually, Mandrake (and I assume RedHat too, and probably other Linuxes as well) achieve something similar with the use of /usr/share/doc/PackageName. However, it would be extremely useful if these directories provided pointers to all the help files associated with the applications concerned - including HTML man pages. For example, konqueror under KDE can display man and info pages using the "man:ls" or "info:gdb" URIs (I imagine Gnome has something similar). Imagine how much simpler it would be to have these as clickable links from the relevant directories.

Re:Apple has it right

[ilctoh]

1. All apps install in their own directory under /usr/[vender name]/[app name] - the reason for including the vender name is so that when two venders release different apps with the same name (Phoenix comes to mind) you can still dis-ambiguate it. Also allow apps to install into ~/apps/[vender name]/[app name] to allow for non-root installation.
[...]
3. Shells and WMs are extended to search under /usr/*/*/bin for programs, /usr/*/*/man for man pages, etc.

What consequences of the solution you proposed in #1 have on the actions described in #3? If you have 2 programs with the same name, only the one whose vendor name come first alphabetically would be executed if no path was provided. So, what you proposed doesn't really help anything, other than perhaps better organization.

Re:Apple has it right

[Strike]

PACKAGE CREATORS MUST BE HELD ACCOUNTABLE FOR BEING OVERLY ANAL-RETENTIVE ABOUT WHAT PACKAGES THEY REQUIRE

Just a note, but debs already have these in the form of their "weak-dependencies" (namely, "Recommends" and "Suggests"). Of coures, as a user it's up to you to decide whether or not to install these packages, but you at least have them readily available (and some nice frontends to apt, like aptitude, allow you to choose to install these by default if you choose). In fact, some may argue that this often leads to a counterargument that package maintainers are too anal-retentive about exotic situations where things that don't require one or more dependencies forces the dependency into a weak dependency instead. For example, a package that I work technically CAN work without a database but it's not incredibly useful without one. As a result, we have it in a weak dependency (Suggests), even though for most users will probably want to use the DB dependency (of course, this is all in the README and whatnot, but since when do users read those?). So, this system does have its quirks as well, but I still vastly prefer it to stupid dependencies that aren't really truly "dependencies" in the real meaning of the word.

Re:Apple has it right

[benad]

Do you happen to know how OS X deals with these problems (particularly the second one) ?

This problem doesn't really exist in Mac OS X. Shared library are "Frameworks" outside the application's directory, so applications can basically be installed anywhere you want without forcing any other application know where it resides.

If there is a "real" install (i.e. stuff installed in /usr/bin and so on), information about what was installed is kept by adding a *.pkg file in /Library/Receipts/. This is needed to "uninstall" and "update" the software, though good Mac OS X apps don't use this feature.

Applications are identified with some names like "com.apple.iTunes" so that setting files don't overwrite each other (all setting files are in ~/Library/Preferences) and to interact with the application with AppleEvents (so only the OS "knows" where the app is installed), but doesn't impose anything about the path of where the binary is placed.

Oops. I guess I just made it more confusing...

- Benad

Re:Apple has it right

[Ed+Avis]

I dunno - in a way, being 'anal-retentive' about packages required is a good thing, it's good to list every itty bitty thing that is needed for the package to work, because you know that otherwise somebody somewhere will try to install on a system that doesn't have /bin/true and the package will break. This is the same principle as checking the return value of every system call, yea, even though the checks triple the size of thy code and produce aches in thy typing fingers.

But I see your point about specifying a package as 'required' even though it is just 'nice to have'. Debian works around this with its weak dependencies. But another approach would be to split off these extra features into separate pseudo-packages. So you could install 'XFree86' which doesn't have many dependencies, and the pseudo-package 'XFree86-drm' requires XFree86 and kernel-drm, and turns on OpenGL acceleration.

Re:Apple has it right

I agree all application should have ./lib/myshared.so

rpm -Uvh myapp.rpm

Creates a bunch of symlinks: ./lib/libmysh1.2.0.so -> /usr/lib/libmysh1.2.0.so

No space disk problem, no duplicate problem.

if any of that fails just install:

rpm -Uvh myapp-libs.rpm ./lib/libmysh1.2.0.so (a real file)

Is that TOO complicated to implement!

Could everyone start using

libname-major.minor.revision.so

I still have trouble with
cryto, db2, qt and other libs that
are heavilly dependant on old version
but the new version doesn't work for them.

Re:Apple has it right

[mperrin]

This is at most a side issue, rather than a fundamental flaw in the basic concept (which I admit is something that's far overdue in Linux!). Presumably if you're intentionally installing two applications with the same name, you can simply "alias foobar /usr/XXYYZCorp/bin/foobar" and be sure to get the one you want.

And that's only the blindingly-obvious 5 second solution. Presumably if you're hacking the shell to have this search order, then you can also hack it to have various options for configuring the order that directories are searched or overriding certain results. You could even code up a nice GUI for configuring the shell search options while you 're at it.

My point is, there's lots of things that can be done about this point. It's nowhere near a fatal flaw, and the idea is a damn good one.

Installation is only the first step

[HidingMyName]

I don't install that often once I pick a distro/version combination that meets my needs. However, the real problem lies in keeping control of installed packages during upgrades and doing routine systems administration. Unfortunately, this is the place where most fracturing of linux distributions have occurred. I really wish that there was some tool that the distributions would support and standardize on (e.g. linuxconf, although any good tool would do). We use redhat 7.3 in my lab (mainly because of its popularity) but the admin tools leave a bit to be desired.

Instances don't really matter for static linking

[Skapare]

Nicholas Petreley writes:

The following numbers are hypothetical and do not represent the true tradeoff, but they should serve well enough to make the point. If libthingy is 5K, and your application launches a maximum of 10 instances, all of which are statically linked with libthingy, you would only save about 45K by linking to libthingy dynamically. In normal environments, that is hardly worth the risk of having your application break because some other build or package overwrites the shared version of libthingy.

Linking libthingy statically into application foo does not preclude the sharing. Each of the instances of application foo will still share all the code of that executable. So if libthingy takes up 5K, and you launch 10 instances, that does not mean the other 9 will take up separate memory. Even statically linked, as long as the executable is in a shared linking format like ELF, which generally will be the case, each process VM will be mapped from the same file. So we're still looking at around 5K of real memory occupancy for even 1000 instances of application foo. The exact details will depend on how many pages get hit by the run-time linker when it has to make some address relocations. With static linking there is less of that, anyway. Of course if libthingy has its own static buffers space it modified (bad programming practice in the best case, a disaster waiting to happen in multithreading) then the affected pages will be copied-on-write and no longer be shared (so don't do that when developing any library code).

Where a shared library gives an advantage is when there are many different applications all using the same library. So the "shared" part of "shared library" means sharing between completely different executable files. Sharing between multiple instances of the same executable file is already done by the virtual memory system (less any CoW).

The author's next point about sharing between other applications is where the size of libthingy becomes relevant. His point being that if libthingy is only 5K, you're only saving 45K by making it a shared (between different executables) library. So that's 45K more disk space used up and 45K more RAM used up when loading those 10 different applications in memory. The idea is the hassle savings trumps the disk and memory savings. The situation favors the author's position to use static linking for smaller less universal libraries even more than he realized (or at least wrote about).

For a desktop computer, you're going to see more applications, and fewer instances of each, loaded. So here, the issue really is sharing between applications. But the point remains valid regarding small specialty libraries that get used by only a few (such as 10) applications. However, on a server computer, there may well be hundreds of instances of the same application, and perhaps very few applications. It might be a mail server running 1000 instances of the SMTP daemon trying to sift through a spam attack. Even if the SMTP code is built statically, those 1000 instances still share unmodified memory mapped from the executable file.

This is the price to pay..

[DuSTman31]

One of the greatest strengths of the UNIX platform is its diversity..

Package installation is a simple prospect on the Windows platform for the simple reason that the platform has little diversity.

Windows supports a very limited set of processors.. So there's one factor that windows packaging doesn't have to worry about.

Windows doesn't generally provide seperately compiled binaries for slightly different processors ("Fat binaries" are used instead, wasting space).. So the packaging system doesn't have to worry about that. On linux, on the other hand, you can get separate packages for an athlon-tbird version and an original athlon version.

On an MS system, the installers contain all the libraries the package needs that have the potential to not be on the system already. This could make the packages rather large, but ensures the user doesn't have to deal with dependencies. Personally, I'd rather deal with dependencies myself than super-size every installer that relies on a shared object..

Furthermore, on windows there arn't several different distributions to worry about, so the installers don't have to deal with that either.

All of these point confer more flexibility to the unix system but have the inevitable consequence that package management can get to be rather a complex art. We could simplify package management a great deal, but it'd mean giving up the above advantages.

Re:This is the price to pay..

I thought the price you paid for using Linux was having to read articles by Nicholas Petreley.

You're telling me the situation is worst than that?

crap

Re:This is the price to pay..

[Ed+Avis]

Package installation is a simple prospect on the Windows platform for the simple reason that the platform has little diversity.

WTF? Package installation on Windows is anything but simple. Every app has its own installer, which is a program you have to run (so there's no way to unpack an untrusted package to inspect the files in it, for example - you just have to run the .exe and trust it won't trash your system). The installer can do any strange thing it likes and often will. There are two separate install destinations to keep track of, the filesystem and the registry, and if you delete the files from one you probably won't remove the app from the other.

Microsoft has taken steps to fix this with its own Windows package format, I think. And there is now a common 'uninstall software' part of Control Panel - but I think that is again just a wrapper around a different executable for each application.

And finally, the differences between Win95 and Win2k are rather greater than those between most modern Linux distributions. Although I admit that many of these differences will not affect installers, because they are more under the hood.

LeetLinux distro

[Skapare]

If a bunch of Linux geeks want to have a hard to install Linux system in order to raise the leetness level, they can always put together their own "LeetLinux" distribution. We can't (and shouldn't) stop them. There shouldn't be a requirement that all distributions be "easy". This even applies to the BSD's. I personally find the command line install of OpenBSD more flexible (and even easier anyway) than the menu driven install of FreeBSD. But as I use Linux mostly, my preferred leetness distro is Slackware. Many will also find Gentoo and Linux From Scratch suits their desires.

Re:There are some good points but...

[You're+All+Wrong]

"""
I think evolution is better than revolution.
"""

Where possible, yes. One thing that stuck out in the article as much as your use of "revolution" above was the following:
"""
The software-installation process should be distribution-agnostic
"""
i.e. All distributions must understand the new installation process.
i.e. all distributions must change what they currently do to conform to the new one true installation mechanism.
i.e. Get rid of incompatabilities by making everyone change.

That ranks alongside Stroustrup's naming of C++ header files with no extension, so that all of the ".h", ".H", ".hpp", ".hh", ".hxx",
".h++" camps were left in an equal state of needing to change.

However, on the whole it looks like most of what he says could be slowly adopted on a piecemeal basis, and perhaps that means only partially, so that even teh distributions that dont want to conform, can still minimise their differences.

YAW.

Not just a linux problem

[jd142]

This same problem occurs in the windows world as well, dll hell as it is often called. Here's how it works for windows. Say your program needs vbrun32.dll. You have a choice. You can put the dll in the same folder as the executable, in which case your program will find it and load the right dll. Or you can put it in the system or system32 dll in which case your program and others can find it and load it. However, if vbrun32.dll is already loaded into memory, your program will use that one. I remember we used to have problems with apps only working if loaded in the right order so the right dll would load.

As with Linux, if there's a bug in the library you have to update either one file or search through the computer and update all instances. But, as with linux, the update can mess up some programs, others might be poorly coded and not run with newer versions of the dll. I've seen this last problem in both windows and linux; it looks like the programmer did if version != 3.001 then fail instead of if version 3.001 then fail.

If everyone is forced to use the same library, you get these problems and benefits:

--1 easy point of update
--1 easy point of failure
--older software may not run with newer versions
--programmers may insist on a specific version number
--updates to the libraries can benefit all programs; if kde or windows gets a new file open dialog box, then all programs that link to the common library can have the newer look and feel by updating just one library.

On the other hand, if you let each program have its own, you get these problems and benefits:

--difficult to update libraries when bugs are found
--can run into problems if a different version of the library is already loaded into memory (does this happen with linux?)
--guarantee that libraries are compatible with your app
--compartmentalization; everything you need for an app is in it's directory. Want to uninstall? Just delete the directory. No need to worry that deleting the app will affect anything else.
--no weird dependencies. Why does app X need me to install app Y when they clearly aren't related at all. The answer is shared libraries. Which is why many people like Gentoo and building from source.

Microsoft has waffled back and forth on the issue. Under dos, everything just went into one directory and that was it. Windows brought in the system directory for shared dll's. Now the latest versions of windows are back to having each app and all of its dlls in one directory.

Personally, I think compartmentalization is the key, provided we get some intelligent updaters. If libthingy needs to be updated, the install procedure should do a search and find all instances of the library, back up existing versions and then update all of them. This wouldn't be that hard to do.

Re:Not just a linux problem

[Reziac]

I know DLL Hell has become an anti-Windows buzzword, but frankly I've not seen the issue at all since the Win3.1 era (and not often then), not by lack of opportunity -- my WinBoxen wind up loaded to the gills with software from every era, and usually multiple versions of the same programs to boot. My clients install all sorts of random crap, and they don't get any version conflicts either.

Re:Not just a linux problem

[jd142]

Yeah, the worst offenders were under windows 3.1, that's true, but because of the mix of apps our users install, we still see it occassionally. They like older versions of WordPerfect, like 6.0, 6.1 and some old proprietary research apps that weren't well written. Because they are still in use, we still see problems now and again. But not nearly as bad as we used to. "Ok, just remember that you always have to start WordPerfect 6.1 *before* you start Eudora 3.0, otherwise WP won't work right." And even now WP 8 and MS Office don't play well together, and you can't have WP and 10 on at the same time either.

Re:Not just a linux problem

[Reziac]

M$OfficeXP's voice recognition component disables some WP functions. There's even an article about it in the M$ KB. Somehow this wasn't regarded as a bug or problem, so I have to consider it as left deliberately unfixed. On WinXP, even going back to a restore point before OfficeXP does not fix the problem -- OXP is allowed to clobber system files.

Back in the Win16 day, M$Office/WinWord didn't play nice with anything if it could avoid it. The trick was to install M$Office or WinWord *first*, because otherwise it would disable any other word processors it found (observationally, I'd say this was deliberate, but that was during the height of the OS/Word Processor wars, too.. remember the DRDOS and Win3.11-not-Workgroups vs OS/2 debacles?) So long as M$O/WinWord was installed *first*, nothing else ever had a problem coexisting with it.

WPWin6.0 wasn't anyone's idea of well-made, but Novell's incarnation of WPWin6.1 was pretty well fixed (tho you need the POUPDT* patch to make it play nice with Win32). I used WP6.1 extensively on my WFWG system (which was so loaded up that WFWG was maxed out, I could not install any more software!) without any problem, and I think running every program you own all at once is "normal" :)

"... you can't have WP and 10 on at the same time either" -- Did you mean WP8 and WP10? simultaneously installed or running? As a WP user who owns just about every version since 4.1, such things are of great interest. :)

If merely "installed" -- could be an .MSI issue, depending on the Windows version under it. .MSI on Win98 doesn't clean up after itself, and leaves stuff in half-baked condition. The WP10 installer knows about the problem and has a repair option, but OmniPage10 and some others don't -- when after a couple uses the shortcuts stop working, you have to fix 'em by hand.

Re:Not just a linux problem

[Ed+Avis]

If an application needs a particular version of the library, it can say so. The package can say 'I need libfred1-1.8 or later'. Then if a new release of libfred is not compatible with that version, it gets packaged as libfred2, libfred3 and so on. There's no need to resort to multiple library copies just for this. Let the machine do the work - let the package manager install several libfreds if they are needed.

'If libthingy needs to be updated, the install procedure should do a search and find all instances of the library, back up existing versions and then update all of them.' - this sounds crazy to me, if you start ferreting around and updating libraries, even those that 'belong' to applications, then you might as well have used a central location to start with.

Re:Not just a linux problem

[jd142]

Wow, didn't think other people still ran wp. We've found that having 8 and 10 installed at the same time can cause some problems. I think there were issues with the spellcheck and picture insert, but can't remember exactly. 95% of 8 works, but there are a few things that don't. It was a good excuse to force people to upgrade so we didn't have any stragglers still using 8.

Re:Not just a linux problem

[Reziac]

As many of my clients as I can corner run WP, too :) I loathe Word, it's like being crippled and blind.

WP8 is my fave of the Windows versions, tho I have 8, 9, and 10 installed rather randomly, depending on which version was the most recently acquired, concurrent with when a new machine needed it. And they ALL get WP5.1 for DOS, which I can't live without :)

I'll have to look into the 8 vs 10 thing -- maybe someone in the Corel ngs knows a fix. I'd like to have both available on my main WinBox, which right now only has 10. I did have the thought that pointing both at the same speller files etc. might solve the problem, if it's ultimately a "which registry entry did you say I should obey again?" type of issue.

Re:Instances don't really matter for static linkin

[FooBarWidget]

Yes if you start the same app twice, they will share memory. But that isn't the problem.
If your entire GNOME desktop is statically linked to GTK+, and you launch panel, nautilus and metacity, then you're loading 3 seperate copies of GTK+ into memory that don't share any memory at all!

Building your own packages is not always the way

[Skapare]

Basically your suggestion amounts to building a binary package from a source package as a stage to having it actually installed. While that is something I actually do (using Slackware package.tgz format), and even recommend it to many people, it's not necessarily suitable for everyone or every purpose. I still run an experimental machine where everything I install beyond the distribution is installed from source. That's good for quickly checking out some new package to see if it really does what the blurbs imply (quite often this is not the case).

Building your own binary packages in whatever is your preferred package format is definitely a plus when managing lots of computers. And this way you have the plus that the MD5 checksum of all the binary files will be the same across multiple computers, making it easy to check for trojans.

As for making the recipe or spec file, I've actually figured out a way to do that when I build source packages into binary packages. It's slow but it works. I first construct a subdirectory consisting of a copy (never a hard link or bind mount) of the system root tree (or just enough to accompish the building). Then I scan that directory modifying every file object to some weird date way in the past. For symlinks which cannot have their date changed, I just note the current time as all new symlinks will have a timestamp after this. Then the installation is executed under chroot and thus will be installed within the subdirectory (as long as the package author didn't slip in some program to crack out of the chroot, which can be done easily). A rescan compares everything against the previous scan. Every file and every symlink changed or created will be detected. It's not perfect in theory (if the source package elects to not install something because it already exists in your root template, then you'll miss it), but so far I've been totally successful with it.

But he doesn't

But he doesn't. Dumass!

Re:Instances don't really matter for static linkin

[Skapare]

GTK+ is probably not a good example because of it's general usability. And GLIB is probably even more so because its usability goes even further. And we wouldn't suggest statically linking libc (or at least I wouldn't). The point is more of concern to library writers (besides those who do libc, GLIB, etc) who do libraries that are either smaller, or are used in fewer applications, or both. How likely are you to have several different applications loaded at the same time that need the 84K of, say, libext2? More likely only a small few tools will need it, and you'll probably be using only one of them at a time. Statically linking to that library would be a plus for those few applications (while still dynamically linking to libc, etc).

Re:Building your own packages is not always the wa

[Ed+Avis]

For well-behaved packages, your method shouldn't be needed: you can just tell them 'make install DESTDIR=/tmp/aaa' and then look at what is in that directory.

Not always a problem

[Simon]

Just want point out that problems with shared libraries aren't universal. Years ago AmigaOS had shared libraries that basically worked without significant administration problems, or a 'dll hell'.

Important features of the way AmigaOS libraries worked:

* All libraries were versioned, but not on the file system level. Each library contained a version number in it's header.

* Versions of the same library were always backwards compatible. This was Law. Software using an old version of a library must continue to work on future versions. This also meant that developers had to think out thier library API beforehand (because you would have to maintain that API). Libraries could be extended though with extra functions.

* Application programs had to 'open' libraries before using them. When opening a library an application would specify the minimum version that it required of the library. (If no matching or later version was found then the program would have to exit gracefully).

* There tended to be few (compared to Linux anyway) libraries. Libraries tended to be biggish. A few big libraries instead of many tiny libraries. This made them manageable.

* The backwards compatibility rule/law for libraries meant that software could bring it's own version of a library and update the existing version of that library, but *only* if it was a more up-to-date version.

As a previous poster pointed out, a lot of the problem would disappear if people (library writers) maintained compatible interfaces for the same library soname. I'm pretty sure that this is the way it was designed to work.

anyway, a FYI.

--
Simon

Re:Not always a problem

[jd142]

The AmigaOS solutions sounds great (and windows and linux have some of your points already) but I don't know if either windows or linux could enforce the Law of backward compatibility. Too many people writing too much software.

Re:Not always a problem

[Ed+Avis]

a lot of the problem would disappear if people (library writers) maintained compatible interfaces for the same library soname.

Or at the very least, updated the soname when the interface changes. If a library author doesn't want to provide stable APIs (and there can be legitimate reasons for this, as when a library was originally part of an application and then other people started using it 'clandestinely' - I think rpm itself had a library like this) then at least they can bump the number with each change to the header files.

On the whole I think library authors do maintain backwards compatibility within a major version number, it's not that bad. There's certainly no reason for an app to statically link or include its own private pile of shared objects.

Re:Not always a problem

[Simon]

Well, I think that technically Linux probably has everything neccessary already. It's really a policy issue. I just browsed the Program Library HOWTO, and although binary compatibility is briefly mentioned, and what is meant to happen when you break it. The whole idea that libraries have APIs that should only be broken as a last resort, is simply not explained, let alone handed down as Law...

That's not to say that things are not changing. The KDE project for example, aims for maintaining binary compatability during the same major series. Also Mandrake at least, now seem to understand that different major numbers should indicate different libraries. Which is why most of library packages now have the major number in thier names (eg libpcap0, libpng3). Idea being that you can install different versions side by side if needed.

But there are still problems. For example, RPM, when building a package likes to list the library dependancies for the software in the package, but also the libraries that that libraries depend on. (Which is why sometimes you see packages with a dependancy on libopenGL.x or so. That lib is not on most people's machines. It's a case of RPM picking up a dependancy on part of the nVidia drivers installed on the build machine.) You code to the interface, not the implementation!

(IIRC, windows has DLL versioning too. It's optional (!) and of course no-one bothered to use it... sometimes laws have to made.)

--
Simon

Re:Not always a problem

[Ed+Avis]

For example, RPM, when building a package likes to list the library dependancies for the software in the package, but also the libraries that that libraries depend on. (Which is why sometimes you see packages with a dependancy on libopenGL.x or so. That lib is not on most people's machines. It's a case of RPM picking up a dependancy on part of the nVidia drivers installed on the build machine.)

Must be a bug in the 'find-requires' script that comes with rpm. I wonder if Red Hat knows about it?

Re:Not always a problem

[fishbowl]

"Versions of the same library were always backwards compatible. This was Law."

And that Law is bundled with an entirely new class of problems, and is an obvious deterrent to development progress.

Re:Not always a problem

[Simon]

"Versions of the same library were always backwards compatible. This was Law."

And that Law is bundled with an entirely new class of problems, and is an obvious deterrent to development progress.

I certainly don't remember hearing anyone complain about it. Seeing the alternative (Windows 3.1 at the time) people quickly realised how much better off we were by doing things this way.

What "new class of problems" are you worried about?

--
Simon

Re:Not always a problem

[roskakori]

Software using an old version of a library must continue to work on future versions. This also meant that developers had to think out thier library API beforehand (because you would have to maintain that API). Libraries could be extended though with extra functions.

i think it's also worth mentioning that the API was specified in an external *.fd file ("function definitions" AFAIR), which tools like fd2pragma could convert into C-headers, oberon modules, pascal units, assembler includes, whatever.

while AmigaOS-libraries are definitely a smart concept, i believe there is another reason they worked so well: for a long time, libraries were incredibly difficult to code (assembler stubs, reentrant-code, no real "globals"). only really experienced developers managed to do that. only later (90ties) tools and compilers started to simplify that, and good examples and tutorials showed up.

OTOH under windows every taxi-driver can click through a wizard and can come up with a library.

i don't mean to say there's a problem about taxi drivers writing dll's. on the contrary, i'm a big fan of making things easy to use. but this must include save-guards against major screw-ups. neither AmigaOS, windows or unix does that.

Re:Not always a problem

I have a serious question that I don't understand, why do all new versions of glibc fail to maintain backwards compatibility?

I can understand that from libc5 to glibc there was a need to change binary compatibility but I can't understand why 2.2.9 and 2.3.0 are not binary compatible (or they don't offer a "deprecated interface" like Java does).

Re:Not always a problem

What would happen on AmigaOS if a future version of the library broke compatibility with prior versions? Insisting on it doesn't make it law.

Re:Not always a problem

[SewersOfRivendell]

X's problem isn't backwards compatibility. It's that the original X API was crap, and it seems that now XFree86 is treating backwards compatibility as the only goal worth pursuing.

Let's be a little more clear for those of you who've never used Amigas (or classic Mac OS, which also has nice versioned shared libraries):Backward compatibility implies designing APIs to be easily extended without requiring massive breakage.

Of course, there is no moral absolute. Backwards compatibility requires a lot of discipline on the part of the shared library implementor, it isn't always possible, and sometimes you have to move forward. What Simon is mainly saying (and I agree) with is that it's a damn sight better than the chaos that plagues Windows, trad Unix, and Linux systems.

Re:Not always a problem

[johannesg]

New functions can be added to an AmigaOS library at any time, so that is not a problem. Once added functions cannot be removed, so compatibility code has to be maintained for all eternity (or until C= went broke, which happened first).

One example is that the original OpenLibrary() call only took the library name as a parameter. In the next OS release they realized the minimum required version number was also needed, so a new function was introduced that had both parameters. The old function was then reimplemented by calling the new function with a zero for the version number, thus maintaining compatibility.

Obviously if a library decides to flagrantly break the law then anything calling the function will now cause problems (crashes, most likely).

On the whole I did like the Amiga system for libraries. It was clean, elegant, and manageable.

Re:Not always a problem

[johannesg]

If no matching or later version was found then the program would have to exit gracefully

Earlier ;-) You want applications to be able to work with newer libraries.

There tended to be few (compared to Linux anyway) libraries. Libraries tended to be biggish. A few big libraries instead of many tiny libraries. This made them manageable.

You must be kidding. The biggest libraries in AmigaOS are graphics.library (all graphics primitives) which is about 100K in the 3.0 release, and intuition.library (the window manager so to speak) which is about the same size. That's not "biggish", that's unbelievably small considering the functionality they offer.

Other big libraries (none of which originally came with the OS) are the hwgpost.library (postscript interpreter, 171K), ixemul.library (support routines for UNIX ports, 164K), and the various RTG libraries (support for non-native graphics boards, also in the 100K range). I have a LIBS: directory here containing about 200 libraries, the result of many long years of installing Amiga programs. Ah, the memories...

Re:Not always a problem

[fishbowl]

>What "new class of problems" are you worried
>about?

Actually at the time I wrote my reply, I was thinking about how common it is to find a version of xerces.jar and xalan.jar in every java application. Same crap, new pile.

"Easy to use" !== "Dumbed down"

[Reziac]

And, sorry, but your post is an example of "more leet than thou"! This isn't meant to flame you, but you make the common mistake of assuming that "easy for a newbie to use" MUST EQUAL "dumbed down", and that's absolutely not the case.

Look at the apps that have options to use either basic or advanced interface. Selecting the basic interface doesn't mean that the app somehow no longer knows any of its more 1337 functions; it just means they aren't in the user's face, baffling the newbie with a million options he can't make head nor tail of. And as a rule, the default is the advanced interface, but the "make it simpler" option is easy to find right off.

This really isn't much different from "custom" and "standard" options for installers. Yeah, it requires more thought on the part of the developer. Is that a *bad* thing??

Re:"Easy to use" !== "Dumbed down"

[mattdm]

And, sorry, but your post is an example of poor reading comprehension. Or maybe you just didn't read as far as the second paragraph. Sounds like we're actually in agreement, but you somehow feel the need to make an antagonistic statement (if it's not meant to be a flame, I'm not sure *what* it's meant to be....).

I never even implied the all-caps equation that you claim I assume. In fact, I basically identify that as the problem, because many ease-of-use suggestions are in fact dumbing-down, and people are justified in being opposed to that. To re-word what I said, there is a lot of resistance to ill-thought-through ideas, but you'll be hard pressed to find an example of a real improvement being rejected.

Proponents of said bad ideas are quick to throw the Linux-users-want-it-to-be-hard accusation, but someone with a good idea will find the situation quite different.

Having an option to choose between an advanced and basic interface is one way to approach the problem that I'm generally happy with, although in many cases it can feel like a kludge rather than a real design improvement.

Autopackage screenshots

[HansKloss]

Autopackage seems to does it pretty well and least aim at it, not to mention tasty screenshots that make me forget what this whole discussion is all about. http://autopackage.org/gallery.html

thesis + antithesis - ? synthesis ?

[corvi42]

Some very good points and ideas, but also IMHO some misguided assumptions and directions.

1) RAM & Disk space is not always cheap, or even readily available. There are many legacy systems where users would benefit from these advantages but the users are unable or unwilling to upgrade the system. What happens to old 486 and 586 systems where the motherboard doesn't support drives larger than X - there are work arounds, but the people who need easier install processes aren't going to tackle the complex system configuration issues to implement these. What happens when you can no longer obtain RAM in your community for your old machine, or it no longer has spare slots, etc. What happens if you have a second hand computer and simply don't have the available $$ to spend on upgrades, no matter how cheap they are. I don't like the idea of designing an easier-to-use system that excludes such people, no matter how small a portion of the market they may be. Hence redundant copies of libraries and staticly linked libraries are a very inelegant solution for these people.

2) We musn't impose requirements on application developers to use a given installer library, or code their apps to conform with particular standards that the installer requires - it is again unfeasible and undesireable in many circumstances. Developers have more than enough to worry about as it is without having to reimplement the way their app behaves to be installer friendly. The installer must exist at a level independant of the way the application has been coded, to a reasonable degree. I think that much of the problem that exists currently is that too much of the "packager" issues of making apps compatible to a hundred and one different unices has been getting dumped on developers and this both reduces their time for actual development and means that we have a hodge-podge of apps that are compatible to an unpredictable degree, because essentially developers don't want to be burdened with this.

3) Diversity is the spice of life, and it is the spice of unix. The community of unices is robust because it has adapted systems which are generally stable and reliable across a vast array of hardware and software. We want to capitalize on this tradition and expand and enhance it, not force anyone to use a particular layout for their apps & installations. This being said, I find the idea of local copies of libraries in the application directory unappealing, because it forces one to have a local directory ( rather than using /usr/bin, /usr/lib, etc. ) Also the idea of having configuration files that resolve dependancies forces the application to use such configurations, which is also undesireable.

5) Aside from all these criticisms, there are many things I do agree with. Particularly that dependencies should be file specific, not package specific, that an integration of installer & linker is key to the organization of such a tool. I also agree that the installer should make use of auto-generated scripts wherever possible, and should provide detailed, useful messages to the end user that will help them to either resolve the conflicts in as friendly a way as possible, or to report the conflicts to their distribution. Also the installer should have advanced modes that allow for applications to be installed in accordance with a user or administrator prefered file system. That is one shouldn't be forced to install into /opt or into /usr/bin or /usr/local if you don't want it there.

Given all this, is there any possible way to solve all of this in one consistent system? I think so - but it may require something that many will immediately wretch over. A registry. That's write, I used the foul windoze word registry. I propose a per-file database for libraries & applications that would record where given versions of given libraries are installed, under what names, in what directories, of what versions, providing what

Re:thesis + antithesis - ? synthesis ?

An XML database would a compromise. The question people need to ask themselves for any proposed alternative is how resistent is it to human "quirks"? Human forgetfulness, human mistakes. How about maliciousness? How resistant is the alternative to breakage (deleating the RPM database). What about versitility (network installation, only what's needed).

Re:thesis + antithesis - ? synthesis ?

[corvi42]

Well the nice thing about a database is that it doesn't matter how its implemented. You can create some general querying API that is used by all installer scripts & apps, and the database can internally be organized however you like.

As for human mistakes, naturally some would be fixeable in an automatic way, because certain missing or inconsistent information can be safely inferred from other existing information. In the cases of serious breaches, then it is the responsibility of the packager to fix said information.

As for maliciousness, this is no different than any other code security issue that exists today. If you download untrusted binaries and run them with root privileges, then you open yourself to all sorts of unhappiness. Same goes for running untrusted scripts. But the community has already dealt with these issues - what exists currently is not perfect, but a reasonable compromise that is mostly safe and secure. This installer isn't meant to solve the problems of human error or human interference, but rather to solve the problem of distributing apps and libraries so that they are still able to work without being tied to any particular distribution's ( or individual's ) file structure conventions.

Re:Instances don't really matter for static linkin

[moncyb]

The articles point was it's easier to staticly link the small obscure libraries. I don't know why a developer packaging a binary for general distribution can't statically link certain libraries.

I'm a bit rusty at static linking, but can't they just do a gcc -s -lgtk -ljpeg -o executable /usr/lib/libobscure.a foo.o bar.o widget.o to generate the binary? Then I wouldn't have to hunt down and attempt to install libobscure--sometimes a very frustrating process.

Re:Instances don't really matter for static linkin

[Skapare]

They should do that to statically link certain libraries. But judgement needs to be made as to which ones. Certainly libc is a bad choice for static linking (except for certain system tools that need to work while libraries are under maintenance). I'd say libm, gtk+, glib, and a few others that are big and commonly used are bad choices for static linking since you'll really have to have them around, anyway. But at the other extreme, specialty libraries just for one or two applications are more hassle than they are worth. Those should be statically linked in most cases (there are a few certain scenarios where doing run time dynamic linking is still a good thing, such as run time modularity).

Re:software reliability == complex install process

[GrimReality]

[Clarification: I am not pro-Microsoft, in fact, I paid extra to get a computer without Microsoft Windows pre-installed.]

If a software is easy to install, it is not reliable. for e.g. MS products.

I would have to disagree on the example, at least since Windows 2000 came out. Most, but not all, of it is pretty stable.

I defenitely do not like the trend, but the whole world seems to be becoming more and more enslaved to Microsoft rather than moving away from it --especially considering all the noise about their monopolistic practices and reports of lack of stability of Win95/98/ME/NT4.x.

I have talked with many many people who would rather install Microsoft Windows because they think it is the best. This is because it is stable enough to stay put based on its ease of installation and use!

Thank you for understanding.
GrimReality
2003-05-04 15:53:46 UTC (2003-05-04 11:53:46 EDT)

Re:Building your own packages is not always the wa

[Skapare]

True. For well behaved packages it isn't needed. But I've encountered enough that are not (usually lacking support for DESTDIR= or INSTALLPREFIX= or such) that make it necessary to have this tool. So now that I have it, just using it universally anyway reduces the convolution level of my work.

Re:Gentoo (links and dependencies)

[jeanke]

There exist (at least) two versions of the "links" browser; one that is only a text-based browser (now at version 0.98) and one that is a text-based and a graphical browser (now at version 2.1pre1, see http://atrey.karlin.mff.cuni.cz/~clock/twibright/l inks/download.html). And the latter is probably the one that was installed...

Re:Apple has it right-Step into the light.

1-why are people even worrying about directories?
As has been discussed previously. A DB would make system managment (for user and computer) easier.

2-Instead of changes at the library level, how about at the symbol level? Instead of sending a big library with only a small portion changed. Just send the small change. Managment and resource friendly.

why...

[di0s]

why only simplify installation? How about simplifying software maintenance?

Free ld.so from glibc!

If only GNU's dynamic linker implementation were not so unfortunately entangled with the glibc distribution, we could more easily experiment with how dynamic linking is done.

Free ld.so!

Re:Instances don't really matter for static linkin

[Animats]

Yes. I've been saying this for a while. The only time dynamic linking saves you something is when you have multiple, different programs running that share the same library. This happens more on Windows than on Linux, because everything is forced to link to Microsoft DLLs. It's much less true on UNIX, and far less true on the Mac.

A good rule to follow is to never dynamically link to something that's substantially smaller than your program.

Dynamic linking tends to pull in too much. If you use "cos", dynamic linking hauls in the whole math library. Yes, the paging system will eventually figure out what the working set is. Every time the program runs.

Maybe we shouldn't have "shared libraries" at all. We should use static libraries for things that are really libraries (math, I/O), and "big objects" (CORBA, .NET, etc.) for things that have lots of internal state (GUIs, databases). The big object systems already have machinery for version management and interface incompatibilities.

Zero Install

[tal197]

Looks like Zero Install would solve those problems. (technically, it doesn't make installation easier, since it does away with installation altogether, but I don't think anyone will mind ;-)

For those who haven't tried it:

"The Zero Install system removes the need to install software or libraries by running all programs from a network filesystem. The filesystem in question is the Internet as a whole, with an aggressive caching system to make it as fast as (or faster than) traditional systems such as Debian's APT repository, and to allow for offline use. It doesn't require any central authority to maintain it, and allows users to run software without needing the root password."

Re:Building your own packages is not always the wa

[Ed+Avis]

Why does everyone feel the need to insert 'infidels' into those oh-so-funny Information Minister quotations? I don't think he ever spoke in those terms, any more than Rumsfeld would.

Re:software reliability == complex install process

[bj8rn]

I have noticed that installation complexity is directly propotional to the reliability of the software.

So, if I follow your logic correctly, my system will become almost perfectly reliable, if I install all the software using punch cards, one byte per card, or, alternatively, scribing it on the hard drive by hand using miniature magnets :P

And the less each distro is like any other...

[StarKruzr]

... the worse-off the open source community will become. We. Need. Standards. Especially when it comes to something as important to adoption as package management. It's fine to have lots of little experimental systems flying around that you can pick and choose from, but something that works, and works WELL, must become dominant. I hate to tell you, but your attitude is selfish and ultimately detrimental to the goal of spreading Open Source Software.

So you are you saying...

[iFlynn]

Linux is better than Windows because it's so complex and difficult to use?

It's funny how hypocritical the crowd here on /. can be. One day they are making out a bug in IE that crashes the browser to be a HUGE deal. Something that just about has to be purposely coded and would take 2 seconds out of your day to relaunch the window if you did run across a site with the code.

Two seconds was a huge amount of time in the average Linux user's day yesterday, but today, hours and hours spent installing software is but a small price to pay.

I know I am oversimplifying this, I'm doing it on purpose to make a point. When the slightest problem is found with Windows, Linux users will type for hours telling how damaging it is and how it is just another reason not to use Windows. However, when a HUGE flaw in the very foundation of Linux is brought into discussion, it is trivialized to the point that the common concensus is that there is no problem at all.

Blind loyalty does no good for anyone but a dictator. Windows isn't the perfect OS, X isn't the perfect OS, and niether is Linux the perfect OS. Each has advantages and disadvantages. However, if you only focus on the advantages and do nothing to improve the disadvantages, or even admit they exist, they will always exist.

I'm gonna be honest here, I couldn't care less how long it takes to install something in Linux. I'm not posting this in hopes that the Linux Community will come together and work on solving the biggest problems facing Linux. I don't use Linux, probably never will, but I have tried it a couple times in the past. To me, Linux isn't even close to an alternative to XP and X (both of which I use daily). I feel Linux has years of catching up to do before I would even consider using it for anything but a web server.

I'm posting this for two reasons. Primarily, because I would like to see Linux users on /. start focusing on their own hurdles instead of beating to death every little issue that pops up with Windows. Alternately I would like to see more than the handful of truly devoted Linux users admit, or even just realize, that Linux is far from perfect.

This might sound like flames to many slashdotters here, but that's only because I'm not slamming Windows as a creation of satan while singing the praises of Linux as a gift from the gods. If you really take the time to read what I've said with an open mind you will see I have said nothing defamatory about Linux, and in fact everything I have said would benefit Linux if people would take it to heart. Too many Linux users have become zealots and, at least here on /., those vocal zealots have become the voice of the Linux community.

As proof, I offer this entire thread into evidence. The complexity of installing apps on Linux is quite probably the very largest single problem holding Linux back as a mainstream OS. As a computer user that started on the Commodore 64 and used UNIX in college as a CS major, I can testify that the main reason I wiped the Linux partition mere hours after installing both of the times that I tried it was the complexity of installing even the most basic of apps. However, if you read through this entire thread you will see that the majority of replies deny this problem even exists.

Re:So you are you saying...

[DuSTman31]

Linux is better than Windows because it's so complex and difficult to use?

No, but to every coin there's a flip-side. A lot of the criticisms one side in this windows vs linux debate are only problems depending on how you look at them.

The complexity of package management is a good example - The fact that linux is available in so many different distributions, and for quite a few different processors means that package management in linux can be quite a mess.

Microsoft could easily use the packaging situation as a big point against linux in advertising. Linux fanatics could easily advertise the system on its diversity.

A lot of the time in software design there's trade-offs to be made, and while there's frequently good arguments to balancing the system in one way, there'd still invariably be other advantages to balancing the situation another way.

Personally, I'd rather learn to deal with the packaging problem than yield the advantages that gave rise to that problem, but I could certainly understand that you prefer it the other way.

Re:So you are you saying...

[Ramses0]

Debian has it right, from my perspective. To install package foo, I use apt-get install foo. There are several gui (gnome for sure, don't know about KDE) frontends which allow you to do basically the same thing.

When running with stable, I've got an @midnight cron job which checks for updates to the system against security.debian.org and sends a mail out to our team notifying if there are any security updates available.

To fix it: apt-get upgrade foo.

To change from the MTA exim to the MTA postfix (because our "company standard" changed): apt-get install postfix. Warning, exim will be removed, is this ok? [n]

This is as simple as system administration gets. Maximum 5 minutes a week to keep a stable secure system running. Maximum 10 minutes to install damned near any package in the debian archive.

What this does not consider is "new" software. Based on how well Debian-stable works (I would absolutely recommend it for newbies), if you want the latest and greatest you have two choices:

1) Do it yourself.
2) Pay somebody or some company to do it for you.

The problem is that few linux users (non-contributors, this peterley guy included) have figured out that they have to pay with time (or money) or they have to shut the hell up and deal with it.

--Robert

Re:So you are you saying...

[NanoGator]

You really deserved a +5 for that.

Words

[StarKruzr]

"disambiguation" is a perfectly cromulent word.

Re:Words

[wowbagger]

"WordNet (r) 1.7"
disambiguate
v : state unambiguously or remove ambiguities from; "Can you disambiguate this statement?"

I'm sorry that your vocabulary is too miniscule to encompass these terms.

I will use short words now.

Debian?

[po8]

As a happy Debian user, it seems to me like Petreley is mostly solving a non-problem. Debian has its problems, but "software is hard to install correctly" is rarely one of them. I think that Petreley's suggestions are actually way more germane to simplifying Windows software installation. "DLL hell" got its name there for a reason.

Petreley seems to not understand the model that has evolved for shared resources (libraries, data, etc.) in Linux. He is correct that nobody cares about the disk space anymore: what they care about is that they can now upgrade functionality without reinstalling packages, as long as they preserve interfaces. I can install a new libc, xine back-end, Mozilla icon, etc., and if I'm careful every app on my box will see the new version without further action. That's a big feature, as long as I'm careful to re-install all the apps if the interface to the newly-installed thing changes. Fortunately, apt gets this case mostly right. I wish they had a better scheme than putting major version numbers in package names, but I guess I can live with it.

I used to run Red Hat everywhere. I now think Debian-based distros such as Knoppix will win in the long run. They're getting to be no harder to install, and you only have to do it once per box: when you want to upgrade to current or install new bits you just push a button and it happens. What could be easier?

Re:Debian?

[JoeBuck]

Actually, Debian does not avoid this problem. Because even Debian unstable tends to lag the rest of the world, it's often quite difficult to try out a very new Gnome or KDE app, if that app depends on newer versions of shared libraries than the ones packaged in Debian.

nick is dumb

can I just make the point that nicholas petreley does no favours to the community as his points are ususaly based on very little fact and a lot of stupid simplifications, in short nick is dumb and all his articles should be taken with a grain of salt

Huh?

[Synn]

The documentation on USE variables:

http://www.gentoo.org/dyn/use-index.xml

To "wing" the system online it's simply a matter of running either one of:

net-setup eth0 (if you're on a LAN)
adsl-setup
adsl-start (if you're using PPPoE)

For links, simply doing a USE="-X" emerge links would've emerged it without X support. The whole point of Gentoo is that you choose exactly what kind of support goes into each package, unlike in Debian where some maintainer makes that choice for you.

Of course you don't know these tricks, because you didn't stick around log enough to learn them or didn't read the docs.

Re:Huh?

Neglecting that Debian, with 10,000+ packages, often has multiple versions of packages that have significant compile-time versions. There is often a fully-featured package and a minimal one, and sometimes some other niche versions. All of which are tested and compiled on every architecture. If you do want a version that's unique to your requirements, it isn't hard to apt-get source either and debuild -d, sometimes editing debian/rules.

Building from source is a nice idea, but it takes a lot of effort to get to *BSD's quality level, and it will probably always have a few more install problems than a binary package system. The distribution maintainers have to do the builds anyway to do verify correct behavior and to do testing.

Re:Huh?

[fireboy1919]

Building from source is a nice idea, but it takes a lot of effort to get to *BSD's quality level, and it will probably always have a few more install problems than a binary package system.

Quite the contrary. The article pointed out that the big problem with package management is getting the packages to work with the right libraries. Most of these dependency problems go away when you build the libraries from source.

They also included a system called "slots" which is for including multiple libraries on the same system. For example, I've got gcc2.95.3 and gcc3.2.2 on my system right now, and I use the former if a package is too old to work with the latter.

It is these things that let you do continuous updating, which is not very possible with binary systems - you usually have to upgrade all of your system at once if you want to ensure that everything works.

Of course, if you limit yourself to ONLY packages that your distro provides, and ONLY upgrade when they tell you it's safe, you might be able to get more stability. But that's like comparing apples and oranges since all the source distros use very modern versions of all the packages - you're comparing more stable binary installs to less stable source installs.

Also, I haven't met very many people who enjoy using the old, less featureful versions of packages. I myself run phoenix compiled from cvs, which, although it sometimes crashes, is much faster than Mozilla.
Is that even available in any binary distros yet?
What about winex from CVS?

static linking not a good idea, here's why

[dh003i]

I posted this elsewhere, but it is worth posting again. There are at least 6 reasons why shared libraries are still better than every app having it's own library:

1. Bandwidth. No-one wants to have to take 2-4x as long to download programs.
   
   
2. Hard-drive space. Even if we all had 40GB hard-drives, no-one wants to waste it reproducing the same information a hundred times. People buy hard-drives to store data, not twenty copies of the same library.
   
   
3. RAM.Loading two copies of the same library wastes RAM.
   
   
4. Load-time.Having to load all of the libraries will increase load-time compared to cases where some were already opened (by other apps) and you don't have to load them.
   
   
5. Consistency.Part of the benefit of having shared libraries is shared behavior. Destroyed if app X uses Qt 2.0 and app Y uses Qt 3.0.
   
   
6. The Big 3S: Security, Stability, and Speed.Who knwos what insecure, unstable, and poorly performing version of a library each app comes with. And who knows what crappy options it was compiled with. Resolving these issues at one central point can be counted out. You want to deal with any of these issues, you'd have to do it for every application's version of a library. That means doing it many times separately.

The solution to dependency-hell is to design better dependency management. Reverse-dependency management -- so as to remove useless libraries when no-longern needed and avoid bloat -- would also be good. Gentoo is doing pretty well in these categories.

On making install process' simple. I think that a graphical installation does not necessarily make things any easier. Anyone here played Descent 2? That installed by a good old-fashioned DOS-installation. And it was not particularly hard to install, even though it was not a GUI-install.

It is also not necessarily a good idea to abstract into oblivion the technical details behind an install. Part of the philosophy behind Gentoo, for example, is to take newbies and turn them into advanced users. I think that a clear well thought-out install guide is a useful thing. Gentoo's install guide is thorough and has virtually no noise. Compare that to the install-guides for Debian, which are affirmative nightmares, filled with irrelevant stuff. Furthermore, a helpful and friendly user-community is always a good way to help new users orient themselves. New users are going to ask questions on forums that advanced users find obvious. That should not be an invitation to say, "RTFM bitch" at the top of your lungs. All of us were newbies at one point, and just because we may have had to learn things the hard way doesn't mean that others should too.

Windows XP

[Overly+Critical+Guy]

Windows XP copies system DLLs that are of differing versions. "DLL Hell" has been solved since 2001.

Re:Windows XP

[Zigg]

Blindly, anytime? Hmm. So what happens when a library has a security vulnerability?

Can you say FreeBSD?

[destiney]

If you're looking for a super-easy install, why not just use FreeBSD?

You can install it from two floppies, and installing new software is easy as:

cd /usr/ports/new/package
make install

Or for those who don't have "compile time" you can grab binaries off the net:

pkg_add -r new_package

I recently converted my P133 fileserver to FreeBSD and it'll never run Linux again. Whole install took 15 minutes, then about another hour getting stuff setup.

Re:Can you say FreeBSD?

[RdsArts]

FreeBSD is wonderful. I use it as my desktop right now.

But if you want something similar for GNU/Linux, snag Gentoo. No binary support yet, but they GRP should be coming out eventually. ^^;;; Otherwise, it's like ports.

A wee bit less stable, but it's the only GNU/Linux distro I'll install anymore.

Also, the NetBSD ports tree has a binary package for it's ports tools for Slackware GNU/Linux.

Re:Can you say FreeBSD?

[destiney]

Well, Gentoo is nice I must admit.. but my Linux distro of choice is Linux From Scratch

DLL Hell On Windoze

[rossz]

My specialty is software installation. I've written dozens of installers on a multitude of platforms. On the windoze platform, DLL happens for two reasons:

1. No backwards compatibility. All too often, new versions are released that break older programs. Even Microsoft has done this with major DLLs.

2. Stupid installer writers. You're supposed to check the version number of a file before overwriting it. All too often the file is overwritten without regard to the version numbers.

So to overcome these two problems, the smart installer coder would put all the DLLs in a private directory of the application (not in system/system32).

Of course, Microsoft came up with a new system that broke this simple fix. Registered libraries. Instead of using a specified path to get a DLL, you would ask the system to load the DLL (using registry information). The path was no longer considered. One, and only one, version of the DLL was allowed on the system, and there was no feasible way to get around this limitation. Someone came up with a fix. It would have been a major pain to implement and would require cooperation amongst the DLL coders, which isn't about to happen since the lack of cooperation was one of the core problems in the first place.

For a commercial level installer, missing libraries was absolutely unacceptable. My personal rule was to ALWAYS include dependencies in the installer package. This meant the installer was bigger and more complicated, but it guaranteed the application could be successfully installed without the user having to run off to find a missing library. Or did it? No - Microsoft decided that some libraries could not be independently distributed. The only legal means of getting the library was through the official Microsoft installer. And no suprise here, half the time the only official installer for a library was the latest version of Internet Explorer.

Requiring an upgrade to IE is a major problem for large companies. They standardize on specific software and don't allow the users to change it. Requiring a site-wide upgrade of something like IE (or the MDAC package) was not to be taken lightly. Especially when it was dicovered that the required upgrade would break other applications (back to DLL hell).

FYI, when a major customer pays your mid-sized company a couple of million dollars a year in license fees, they can definately tell you they won't upgrade IE. It's our job to come up with a work around. Too bad a measly few million paid to Microsoft wasn't enough to get them to change their ridiculous library polices.

I call bullshit.

[StarKruzr]

That reeks of corporatespeak. Is WordNet an actual compilation of REAL dictionary entries?

Re:Instances don't really matter for static linkin

[Skapare]

Just to elaborate on the dynamic linking issue a little more, when a program that needs the "cos" function ends up being linked to libm, then at the time that program is executed, the libm.so file has to be memory mapped. At first that does not read any pages. But it does add another bunch of map entries to the VM structure. Then the dynamic linker has to resolve for "cos" and other symbols. That forces it to read the symbol table parts of the libm.so file. So now those do get read in. It's not as bad as reading in the whole file, but it's not a zero effort, either. And when "cos" is called, at least one page of code is loaded, maybe 2 or more. For small functions, a whole page is loaded for each function when dynamically linked if those functions are scattered around. Had it been statically linked, "cos" would be sharing a page with some other functions, and less VM working set would result, in addition to less I/O work to get loaded.

I'm not opposed to having shared libraries. Sharing the code is valuable when the sharing factor is high. But the judgement needs to be made on that basis. We know it will be high for libc. The question is what other libraries qualify.

Now I do consider libm to be a borderline case. I'm satisfied to leave it be dynamically linked since many programs do use it. Same for the core libraries of graphical systems like GTK+ and Qt. But lesser libraries really should be considered for static linking by packagers. And source developers should make their configure files to understand options to control whether to link statically or dynamically (with static being the default for perhaps all but libc). Even better would be to further include options for explicit control per library (including libc). That doesn't mean to not include the dynamic libraries, but it will help end users avoid problems if they, due to not being experts about what libraries every program needs, end up with certain libraries not installed that a dynamic program needs.

Compatibility slows progress?

[FullCircle]

My issue with Linux is that every time a new version of a library comes out, it breaks all prior apps. (usually)

The response is that compatibility slows progress by locking down the api. This is so short sighted that it is not even funny.

If programmers thought out how their libraries would be used it would be simple to add another call in a newer version. Instead they make short sighted decisions and ruin the use of a shared library.

IMHO any newer version of a library should work better than the previous version and be a 100% replacement.

This would fix a huge chunk of DLL hell and installer issues.

I have an example:

[fireboy1919]

The problems plagueing X11 right now - namely an API that is being used with graphics primitives that are, well...TOO primitive for normal use.

The code is huge, the programs that use it are huge, and it runs very slowly.

All to support backward compatibility.

Device Detection!

[cmacb]

While I think the debate over static vs dynamic libraries, DLL Hell, and registry vs central vs distributed storage of program parameters and settings is all worthwhile, he didn't cover what I think is *the* most important issue in the Linux installation process, and that is device detection.

MOST of the problems I've had with installing Windows, Linux or OS X involve the fact that when I am all done, not all the components of my machine are working the way I expected them to. I end up with no sound, or bad sound, or video that isn't right, or a mouse that doesn't work, or in the really bad cases, disk drives that work well enough to boot the system but then fail after I'm in the middle of something important.

Once I get past the initial installation I feel I am home free. If the devices all work the way they are supposed to, then I can avoid most other problems by just sticking with the distro that I started with. If it was Debian Stable I stay with that, and if I need to install something that isn't part of that system I install it as a user (new version of Mozilla, Evolution, Real*, Java for example).

It would definitely be nice if developers who used shared libraries didn't seem to live in a fantasy land where they are the only users of those libraries. But I *don't* think that this is Linux's biggest problem with acceptance. What Linux needs is an agreement by all the distros to use something like the Knoppix device detection process... and then to cooperatively improve on it. A run-from-CD version of every distro would be great. Why blow away whatever you are running now just to find out if another version of Linux might suit you better?

I'd like a system that does a pre-install phase where every component of my system can be detected and tested before I commit to doing the install. The results of that could be saved somewhere so that when I commit to the install I don't have to answer any questions a second time (and possibly get it wrong).

There is nothing that can guarantee that what appears to be a good install doesn't go bad a week later, but I personally haven't had this happen. I usually know I have a bad install within a few minutes of booting up the first time, and by then, its too late to easily go back to the system that was "good enough".

Re:Device Detection!

[willdye]

Mod that up! During my recent install of Red Hat 9, I came to a similar conclusion. Yes, library dependencies are a problem, but for me the bigger problem was having everything "just work" once the installation process was completed. I'm not saying it's an easy problem to solve, or that other issues are not worth solving, I'm just adding in my own feedback. For me, device detection was a bigger issue than library dependencies.

Re:Gentoo - emerge ufed

[Technomancer]

there is nice use flags editor - ufed

it used older kerberos probably because newest wasnt marked stable.

some ebuilds are broken, you should have reported a bug about shh building without kerberos.

obviously your "text mode" browser used those libraries. you should have used USE flags here.

yes it takes a while to compile and install, and its not for faint at heart. but the whole idea of installing from source is right, source code is great vehicle to deliver programs. think of it as something like java. instead java bytecode you have source code. instead of java interpreter/jit you have gcc. write once run everywhere.

wut on erth

requires less effort to install Knoppix? SuSe8/8.2? Libranet?

Sure as heck ain't Win98SukbuttEdition/ME/3.11/3.1/2.0. Or even MSDos/anyflavor DrDos/anyflavor XP/2000

Wut u b smokn Petreley? I b installd em all.

Next thing, Bob Metcalfe will be complaining about obsolete networking interfaces like Ethernet.

This posting is just dumb.

Linux ready for the desktop?

Has the dependency bullshit been fixed?

We have:

real time linux

embedded linux

enterprise linux

secure linux

64 bit linux

crossdresser linux

floppy linux

cd linux

start a fire by rubbing two sticks together linux

linux for transmeta's drm

business card linux

lindows

multimedia linux

Jack Valenti linux

think of something else linux

What we don't have is a linux that a non-geek can use on a desktop, and install a different/updated application that she needs, without a dependency failure.

My guess is that we'll have:

mars lunar lander linux

explore the milky way linux

explore the hershey highway linux

automatic ass wiping linux

256 bit linux

quantum linux

before one of the distro companies gets their ass in gear and deals with a fundamental problem with linux.

Linux ready for the desktop?

Huh!

Got to get around the stupid "Your comment has too few characters per line (currently 12.2)" lame ass filter, so I'm going to have to ramble on for a while in this paragraph and start experimenting with different tags in future posts so I can format my comments in a way that looks good but doesn't run into the lame ass filters at the non-w3c compliant slashdot site. Is slashdot still blocking the checking of the slashdot site at the w3c site? Let me check if there are enough characters now per line, so that I can post. Hold on. Yeah, that did the trick. Nice to see this filter for bulleted lists though. A real genius must have thought of this one.

Encap

[shellbeach]

I have been reading a lot of these threads, please complain but the answer is already out there. Have you looked at encap [uiuc.edu]?.

What's the difference between encap and GNU Stow? Quickly glancing at encap's web page they seem very similar.

Regardless, you might find the following bash alias useful:

alias ./configure='./configure --prefix=/usr/local/stow/$( echo `pwd` | sed -e s#.*/##g)'
(just replace "stow" with "encap", I guess :)

Re:Encap

[Malcontent]

Yes they seem very similar. Another case of duplicate projects.

dlopen versus ld.so

This is an idea I had...maybe it's already in use, I don't know.

What if apps were dynamically linked only with essential shared libraries (e.g. libc.so) and used dlopen() for non-essential libraries?

I thought of this when I tried to run the Lynx browser, and it failed because libssh.so wasn't present. Why does it crash so ungracefully? Why wasn't it written so it would still run if libssh.so was missing, but without support for secure web pages?

The article mentioned dlopen and libtool, but I wasn't sure what exactly he was talking about -- maybe the same idea.

MOD THE PARENT UP!!!

[Nicolay77]

This is the reason for all the dll hell, ok shared object hell in Linux.

It comes hand in hand with the BOFH attitude from some linuxers towards the regular users of the software.

And this is a more important issue to be resolved in Linux instead of just picking on the "sintoms" like the article does.

No can do.

>> 1. Upgrade your freakin' memory dude!!

Yes, I agree with you. In fact, I'm so 100% with you that I really got loads of RAM at home. But we're talking here about *thousands* of machines... an upgrade in this magnitude would be a costly operation and maintenance alone would justify buying new machines (that TCO thing, mind you).

>> 2. Try Knoppix.

A few of these machines don't have a CD player. Many have, but won't boot from CD (old BIOS etc.). And, on top of that, the company wants everything removed: floppy, CDs etc.

But thanks for the suggestions. If the machine was mine, I'd install a CD at the very minimum.

Case in point

[eco2geek]

...the complexity of installing even the most basic of apps...

RedHat 7 came with Pan (the newsreader) v0.11.4. I wanted to upgrade it to v0.13.x. But it was RPM dependency hell, even following various FAQs. Compiling from source didn't work either. I finally ended up upgrading to RedHat 8 to get it. Even then, I couldn't see any text in GTK 2-based apps because, while trying to get Pan to work on RH7, I'd installed an incompatible version of Pango, and upgrading to RH8 hadn't fixed it! I never could find anything that told me which version of Pango went with which version of GTK.

I'm no Linux expert, obviously - but one shouldn't have to mess with components of lower-level graphics and font-rendering subsystems in order to upgrade an application. The install program should take care of that.

Also, check out installing Pan for Windows. (Yes, there is such a thing.) You run the installer, it's installed, GTK's installed, and it works. You run the uninstall routine, and it's all deleted. Simple, unlike Linux, where you're lucky to get an install routine ("It's best to compile from source!" they say), much less an uninstall routine.

IMO, one of the biggest reasons people will shell out money for Windows licenses is that most Windows programs adhere to basic standards, like including installation and uninstallation routines, quite unlike Linux.

You can flame me if you wish, but it's true.

Face reality

What's racist?

India has a favorable exchange rate with the US

India is pushing programming for its people to dig out of the unfavorable economic conditions in its country, and bring in hard currency from other nations, specifically the US and Europe

the exchange rate in India, and the increased purchasing power of US corporations because of it, is enabling US corporations to lay off US programmers, and send their programming jobs to India

the number of US programmers laid off or currently being laid off is near an all time high, requests for hb1 visas are still high instead of dropping during a slow growth economy, and programming jobs shifting to India are increasing, not decreasing, during a slow growth economy

US corporations are either saving big money by hiring the same number of Indian programmers at a reduced wage/exchange rate, or they are hiring more Indian programmers for the same money they would have spent in the US

The savings are so great that it pays to establish offices, schools, and ship management personnel overseas temporarily to get the projects off the ground

The disparity is so great that the borg have shifted their assimilation from the US to India because of it

Take your head out of your sharpton and face reality.

Time to start the syrian part of operation pre-emption so that dwillyson can go back to picketing.

Autopackage cant do it by itself

If autopackage ends up coming into fruition, I think it will be a dream come true. But it can't do it by itself, there needs to be standards setup and developers need to adhere to them. People adhere to such standards on windows (even with Free Software), for example, The GIMP uses an install shield installer on windows (provided by a third party, not the GIMP developers themselves).

I think fine grained dependency checking is incredibly important. For example, to use Galeon, a package manager like urpmi will also install Mozilla (instead of just the libraries it needs). If you want to remove Galeon, it will try to remove Mozilla!!

Another thing that is annoying, is that if you are running say KDE 3.0, and you want to upgrade KMail, but it requires KDE 3.1, you need to do a 100MB upgrade of something as intrusive as a desktop environment! The package manager should just get what libraries it needs. Also, big projects like KDE tend to have 6 monthly monolithic releases which break forwards compatibility (e.g. the example mentioned above). The core of a package such as KDE should be slow changing, and updates should be small. But the applications that run on top of such a platform, should be fast changing. Or perhaps, if the 3.1 libraries are 100% backwards compatible, then on installation of a 3.1 application, the libraries are updated, but nothing else (i.e. still running KDE 3.0, but on 3.1 libraries) until you decide to upgrade various components (e.g., kicker has a bug, I feel like updating it, 10MB download...).

One of the things that could make cross-distro compatibility a reality is if the various projects released their own distro-independent binaries. For example, an autopackage packaged KDE, that will install on anything. Same with glibc, XFree86, etc... And even Kernel.org kernels! That would make driver distribution a lot easier as you only would need to choose a driver for your official kernel version, not for "Red Hat 8.0 Kernel-2.4.18-8.0 or SuSE kernel-blah or Mandrake-blah etc". Official binaries would force people to cooperate and maintain compatibility (e.g. KDE people would be pissed if GNU broke glibc compatibility without providing compat libraries).

Whenever a library breaks backwards compatibility (e.g. glibc), it should provide compatibility libraries such as those found on BSD. People can run FreeBSD 2.x binaries on 5.x ! If there was an official GNU/Linux system, such a thing could work. People would synchronise their new versions against official GNU binaries, etc.

Also, autopackage (or some other distro-independent package system) needs to provide information for where things are installed. So if something wants to install in the KDE directory, it knows that it's in "/opt/de/KDE" or wherever the _user_ decided where to put it.

This is a mammoth problem that needs to be tackled by everybody. Such a move could finally unite GNU/Linux systems and put an end to Microsofts "1000 incompatible versions" FUD. If distros still provided their own binaries, they would be forced to make sure they are binary compatibile with official versions, or face the wrath of their users and Independent Software Vendors who no longer recommend their distro.

Looked at PXES?

[anomaly]

I've been poking at this to do something similar for my company, and I have to say that PXES offers much more flexibility than a locally installed OS on the HDD.

If the box doesn't support PXE, you can probably create an etherboot floppy that will work similar to PXES and get you up and running even with low hardware - processor and RAM.....

http://pxes.sourceforge.net/

Packaging for individual users and all users

[Lurch00]

The one thing that I'd like to see changed about packaging is removing the assumption that the package is to be installed for all users. The type of development I do (embedded/dedicated systems mostly) often would benefit from being able to tightly control each user's view of the world. If app A and B each depend on libQ version 3, I don't necessarily WANT to upgrade both of them at the same time if I upgrade libraries. Often I create different users for different projects I'm involved in and manage everything manually, but this obviously isn't a good solution.

Or consider when regular users want to install software onto their account, a package is not an option. Windows has this kind of right with the All Users concept, although many packages break when trying to install them as a regular user. In the case of multiple users with the same package installed locally, some drive space optimization can likely be done with symlinks. I think Stow does something similar.

This isn't a problem with linux distributions per se, its a reflection of the unix mentality of one administrator and all users presented with the same environment. I'd like to see a packaging system that lets you install packages to your home directory if you wish, or become root if you want to make the package available to everyone. I really think this is possible to do, although it would mean breaking the FHS, and has the added benefit of reducing the time a user has to spend as root.

Any thoughts?

Why is this so hard???

[computingpenguin]

MicroSoft and Apple already have these things? Why cant the Linux community just settle on a set of standards? I mean we could try but we would spend years arguing over them. So what we are left with iws a front runner distro in the form of Red Hat and RPM. Both of which arent bad standards. Linux ahs great promise but we have to solve these things. When I left the Linux industry in 2001 it was because we couldnt find the time to get serious about standards. Let alone a basic agreement on what we should ue as an install tool. Developing standards would have solved a lot of the problems we were facing back then but no one wanted to do that. All Nick is saying is that we need standards. You need to code to a distrobution instead of coding for a generic Linux system. Because there is no such thing as a standard Linux distrobution with the possible exceptin of Red Hat. Trying to make a generic, bullet proof installer would be a neat hack, but you would quickly burry yourself in solving whacky depenancies and everything would be a constant moving target For better or worse, I'm kind of a Windows worker now and I kind of like the fact that when I code for WinXP I dont have to worry about what libraries are there. If I code for Red Hat 9 I know whatlibraries are there and I dont have to push any more magic into the system. Just my 2 cents worth, and I think thats about all its worth Mr. Petrelley's areticle looks pretty good. But I think red hat's already done thsi and we should just code to that.