Slashdot Mirror
Fedora Project to Help Revitalize RPM
-=Moridin=- writes "The Fedora Project has announced plans to revitalize RPM, the package manager used by many Linux distros. According to the announcement, 'Job #1 is to take the current RPM codebase and clean it up, and in doing so work with all the other people and groups who rely on RPM to build a first-rate upstream project.' For more information, see the the RPM web site and the new wiki-based RPM FAQ. The issue of RPM's upstream development has been a thorny issue ever since Jeff Johnson, the original maintainer of RPM, left Red Hat."
It's been a *long* time since I've used an RPM-based distro. Do RPMs still have a confusing dependancy circle hell? It was perhaps the most frustrating and poorly handled thing about installing software on really any OS I've tried.
A better comparison would be dpkg to RPM.
Apt is a program that automatically resolves dependencies and fetches packages to install, among other things, and it sits on top of a packaging system, like dpkg or even RPM.
As for dpkg vs RPM, I can only say that I've never had as many problems with dpkg as RPM, especially when installing 3rd-party (unofficial to my distro) packages. I've also had fewer instances of "dependency hell" with dpkg than with RPM, and it's always been easier to fix when I have, but that has more to do with the package and distro maintainers than it does with the packaging system.
Yum, a popular RPM-based manager (like apt, but specifically for RPM) was certainly a total piece of shit the last time I tried it. Took about 10 times as long to do anything as apt would have for the same operation, and I'm not exaggerating. Maybe it's gotten better, but as recently as a couple years ago it was a huge pain in the ass to use. Apt for RPM seemed pretty good at the time, but I've not used it since. I don't even bother with RPM-based distros anymore, as, of the three systems I've used (dpkg+APT, Gentoo's Portage, and RPM) it was, hands down, the worst. It may be better these days, but then again I've found the recent Fedora builds that I've tryed out make me feel restricted, while simultaneously making me do more work than a modern dpkg-based distro probably would. For some reason, distros based on Debian seem to pick better defaults for newly-installed packages than RPM-based ones do, though I don't know why that is.
For reference, I've mostly used Mandrake, Debian, Gentoo, and Ubuntu over the years, with lesser but non-trivial amounts of time spent with Red Hat/Fedora and Slackware, and a tiny bit of time with Suse, so any bias in my opinions on the matter may be tied to this, but I really have found that package management was only ever something that I dreaded dealing with when I was on Mandrake and Red Hat/Fedora, and I didn't work with Suse enough to form an opinion on it. Switching to mostly non-RPM distros a few years back made most of my package management woes disappear instantly.
I've seen enough loyal Fedora/RH users using apt-rpm on their own systems to indicate that a complete transition, ie. replacing rpm's with debs may not be so shocking for a community of $RPMDISTRO users.
The task of migrating rpm packages over to the deb format would certainly be a massive undertaking, but the popularity and reputation of the Debian packaging system shouldn't be ignored. With the rapid growth of Ubuntu, the interest from historically Linux unfriendly third-parties in releasing packages in a Debian format is hard to ignore. Fedora could benefit from the growth of Debian based distributions, getting a lead on other rpm distros that choose to stick with a troubled package format. They could do what any good distro does these days: focus on offering a quality user experience, choosing the best technology available to fulfill these ends. Package conflict / dependency resolution is a typical reason people turn away from an rpm based distro, even Linux altogether.
Apt is certainly not deprecated in favour of aptitude, as aptitude is a frontend to apt. One could argue that aptitude is superior to apt-get, but it should be noted that apt-get also has autoremoval, at least in Ubuntu. Try apt-get autoremove.
Personally, I have always used apt-get instead of aptitude.
Unfortunately at the moment most packages don't just contain files and meta data they also have this hacky distro-specific bit that actually runs commands directly on the system. Which is really quite crap.
For example a sane package format might have something like this to install a font. This would allow any system that supports truetype fonts to install it how it wants.
But you are more likely to see something like this: Which is actually a set of commands to install the font on a system with a particular X based font system and directory layout.
The requirements for packaging for Windows is fundamentally different than for Linux. The differences between distributions can be extremely large as Geekmeister mentioned, much larger than differences between versions of Windows, and there are innumerable places where things could vary.
How would a universal package for apache, for example, know how to set up starting and stopping the service? Different distributions put the scripts in different places, and use different formats and conventions for the scripts. In future versions of Ubuntu, the scripts won't even be shell scripts, and will be handled in a fundamentally different way. The meaning of installed dependencies is also different. USE flags in Gentoo would have to be considered, for example.
In order to make a package format that would work for everyone, the system would have to resemble autoconf, and check for every imaginable aspect of each system. Like the configure scripts of autoconf, doing so would make installation absurdly slow. The package format would also have to include many versions of files with the same purpose, making the packages very large.
In short, perhaps such a package format could be made, but it would be inferior to the formats that already exist. In fact, this is the case. Formats like autopackage and klik exist, but they are markedly inferior in terms of stability, reliability, elegance, and usefulness for non-trivial packaging requirements, and usually only used for end-user applications with few dependencies.
Whatever you do with your new package format, please ditch -devel packages. Back in the day, there was a good reason to minimise package sizes; people were using dial-up connections, therefore charged by the byte, and had slow CPUs and limited storage. So packages were pre-compiled (i.e. the distro maintainer does ./configure --with-this=ourformofthis --without-stuffwedontneed and make) to save you the CPU cycles; and the files you would not need just to use a package, only if you were trying to build something else to go with it, were separated out into a "developers'" package.
Nowadays we have broadband, CPU cycles to spare and plenty of GB of storage. Despite the size of the repositories, there will always be a need to build and install the odd third-party package. For someone who knows what they're doing, it's as annoying as hell to be told on the package homepage I need to have libfoo installed; then have the configure script conk out because libfoo-devel isn't installed. For a n00b, it's much worse, and can be a dealbreaker.
Separating out the -devel stuff was the right idea a few years ago; but today it is doing more harm than good. Please, let's have all the -devel files in with the main package. A user who really wants to keep everything trimmed down as lean as possible can always delete the files they don't need afterward.
Je fume. Tu fumes. Nous fûmes!
I heard of such problem (though never used the apt-rpm by myself).
Most often the problem was attributed to RH/SUSE love to heavily patched software which leads to requirement to have rpm depend on precise version of the patched software (glibc, perl, python, kernel headers, etc).
Debian's packages normally try to be lax about dependencies: they do not depend on some particular version of other packages, but rather range of versions. e.g. some packaged doesn't depend on "glibc-2.3.99-cvs20041212", but rather on "glibc-2.4 and higher". (I still shiver recalling hell of manually upgrading RH/SUSE servers - after new release of glibc.)
IMHO, your problem is ideological incompatibility of apt and of rpms as provided by vendors.
On Debian with all Debian's repositories + several second party repositories, apt/aptitude does great job of finding compatible combination of packages to install: often it may resort even to downgrading some packages to satisfy dependencies and allow you to install request package.
All hope abandon ye who enter here.
I fail to see why your lack of understanding about how rpm works means that rpm should not be made better. The article is about making rpm better, whereas your post is about how hard it is to learn everything about Linux. While you may, in fact, have a valid point, your point doesn't mean that rpm shouldn't finally be made into a decent package manager.
The problem with that theory is that it doesn't make any sense. Even in the Debian world, I'll come across .deb packages that need manhandling (instalation, removal, retrieval), and the debian command-line utilities (e.g. dpkg) are always simple to use when I need to. 'dpkg -i' to install, 'dpkg -r' to remove, 'dpkg -l' to list matching packages, and 'dpkg -S' to find out what owns a file.
If you look at the output from 'dpkg --help' and compare it to RPM's, RPM provies a much longer list of options, the vast majority of which no one ever uses, burying the commonly-used functionality in a sea of terse explanation.
The RPM tool needs to be replaced - possibly with another version of the tool, but removing all the extra cruft from the way it's used. It makes no sense to say 'Well, of course it's messy because you shouldn't be using it'. If the tool exists, it should be usable.
Even with the APT frontend picking up the slack, Debian has managed to keep dpkg easily usable and keep the help options straightforward, to the point where I rarely have to dig for what I need to do. When I go to work and have to work with the package management tools on Fedora (yum on our workstations) or RHEL (RPM on our servers), I hear nothing but complaints about usability, speed, and reliability from coworkers.
RPM needs an overhaul, badly, but I doubt it'll get the one it needs.