Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ubuntu Developing Its Own Package Format, Installer

Posted by Soulskill on from the anything-they-can-do-we-can-do-better dept.

An anonymous reader writes "While complementing Debian APT/DPKG, Canonical is now developing their own package format. The new package format has promised highlights of having no dependencies between applications, each package would install to its own directory, root support wouldn't always be required, and overall a more self-contained and easier approach for developers than it stands now for Debian/Ubuntu packages. The primary users of the new packaging system would be those distributing applications built on the Ubuntu Touch/Phone SDK. The initial proof-of-concept package management system is written in Python and uses JSON representation." This quote from the post by Canonical's Colin Watson bears repeating: "We'll continue to use dpkg and apt for building the Ubuntu operating system, syncing with Debian, and so on."

6 of 466 comments (clear)

  1. Re:More Flexibility? by girlintraining · · Score: 0, Troll

    The registry is just crap and you're a moron for even bringing it up in this context.

    You're just angry that I'm pointing out that linux lacks a central repository for application and kernel settings and you have to dig through /etc 's mass of files to do the same thing. Linux is still rocking the equivalent of ".ini" files, and yeah -- it is primitive. And I'm not a moron for bringing it up, you're a moron for not seeing that sometimes, your religion of choice, could benefit from looking outside of itself and seeing that other developers have done something better.

    "DLL hell" has squat to do with it. The package manager is going to want to replace one version of an app with another. That is the only real problem here.

    You haven't done software deployment, have you? There's a lot more to it than "replacing one version of an app with another". Applications have dependancies. These dependancies need to be validated, otherwise your copy-paste of a new application could result in a massive shit storm. Especially when you do it 140,000 times at a go.

    If you ignore the package manager, you can install what you want.

    Umm, no. If an application has been dynamically-linked to a given library, and you upgrade that library and one of the changes is the behavior of a function that application relies on, you can get all kinds of problems from buffer overflows to math errors and all other manner of fail because the application expects one thing and the library delivers something else.

    This is the crux of "dll hell"; Multiple versions of a library. And not all of them are even developed by the same group. You can do dll injection, so that when you make a call to one dll, it's intercepted and replaced with something else. A great many exploits work on this functionality. A uniform interface for loading shared libraries, checking versioning and capabilities, etc., would resolve most of these problems and that's what Microsoft has been trying to move towards for years. Linux, meanwhile, has done nothing to address the issue, because malware authors have largely ignored Linux. But god help us all if the "day of the linux desktop" arrives, because we will be well and truly f*cked because of this design oversight.

    Linux has had versioned shared libraries for ever.

    That's nice. But I was talking about library management.

    --
    #fuckbeta #iamslashdot #dicemustdie
  2. Re:More Flexibility? by girlintraining · · Score: 1, Troll

    Why on earth would I want to cram everything into a central repository?

    This is a question that's been asked and answered a great many times, if you care to google it. I won't bother going into all of the benefits over centralization... but the biggest one is concurrently running applications: A change in the registry means the applications that access that key get the new value in real time. A file doesn't necessarily do that; Especially if it's been locked for writing.

    --
    #fuckbeta #iamslashdot #dicemustdie
  3. Re:More Flexibility? by girlintraining · · Score: 1, Troll

    As far as "just works" goes. Nothing that MacOS or WinDOS has can touch a Linux package manager.

    SCCM: I push a button. 140,000 machines get updated with the next security patch. I get a nice report showing any failures, and pass this on to my remediation team to follow up on.

    Linux: I push a button. Then I push a few more buttons. Then I puzzle over /var/log/debug ... then I recompile the kernel. Then I try deploying the kernel to a few other workstations. Then I find out that some of the modules that I thought weren't needed, were. I recompile the kernel again. Now I deploy the kernel and updated application. About half of the boxes stop booting up. I spend the next few hours paging data centers to reboot them and what special lines to enter into the "boot:" prompt to get it working again. Finally, I get the kernel and application deployed. The application crashes because it expected libc6 instead of libc5. At the end of all of this, I write a custom script to generate a report for me telling me which workstations got installed, which didn't, and if so, how they failed. I write it in Perl, because... Perl. A week later, the application is patched and the phone has stopped ringing from angry users. I open up my inbox... It's another request for a patch. I open my desk drawer, take out the gun, and shoot myself in the head.

    --
    #fuckbeta #iamslashdot #dicemustdie
  4. Re:More Flexibility? by girlintraining · · Score: 0, Troll

    You are a completely ignorant moron not really worth responding to. You are a very incompetent troll.

    Yet I make way more money than you could even dream of doing network administration for a Fortune 100 business with over 150,000 workstations. Every night, I push out a half-dozen new applications, patches, and OS installs. Yes, I must be a troll... because I disagreed with your religious persuasions and am making an argument based on facts widely supported by market research and years of professional experience... whereas you're busy emoting on religious furvor.

    In other words you're unemployed and living in your mother's basement. Your weak attempts at bluster impresses NO ONE here.

    I think you're referring to yourself here, buddy. I'm going out this weekend to buy a new car...

    You have no real clue abut Linux or corporate computing.

    I know what technologies are in use at over a dozen Fortune 100 companies, and I'm familiar with them. And you know what -- none of them are looking for a boat load of linux administrators. There are reasons for this, whether you want to believe them or not.

    --
    #fuckbeta #iamslashdot #dicemustdie
  5. Re:Good by Anonymous Coward · · Score: 0, Troll

    Except that you still have to "install" Steam per user, into a user's home directory, for fuck's sake!

    Steam "for Linux" *runs* on Linux. That's about all. It *couldn't* be further from the proper Linux way in every other aspect!

    It's like those morons did never even remotely comprehend how Unix systems work, and just slapped their Windows ways onto it.

    And Canonical is doing the exact same shit. Tons of morons who only know and understand Windows and OS X, and think things work the same way on Linux. Idiots who never saw anything but GUI desktop environments that deliberately pretend to be as much like OS X (Gnome) or Windows (KDE) as possible.

    All in the name of getting even more retards to use what they think is "Linux".

    I, for one, think we don't fuckin' need morons. Linux is not a toy operating system! It is a PRO system for *professionals*. People with brains!

    And I, for one, say Ubuntu is NOT Linux anymore. It tries extremely hard (attention whore style) to be an OS X and now iOS clone. So let's give it that "honor" and call it that!

    UBUNTU = OS X clone != Linux

    There. I said it.

  6. Re:More Flexibility? by girlintraining · · Score: 0, Troll

    Some of us have actually worked in environments like that.

    You know, as much as I'd love to zip-thud and reveal my realworld identity and confirm that not only am I telling the truth, but I can provide specific examples, I am bound by an NDA and company policy that prohibits me from disclosing who I work for on social media.

    I stand by what I said; The wide variety of linux distributions, software versions, differing packaging applications, etc., makes patch management and software deployment a nightmare. Every place that I have worked at where linux was used, has experienced major logistical headaches. Part of this is due to a lack of labor resources that are adequately trained in Linux, but a lot of it is that there aren't any enterprise-grade tools to make it easy. Most companies that support a lot of linux systems have rolled their own deployment infrastructure and have tried to standardize on one specific distribution to limit the amount of testing and validation needed.

    Professionally, I can't recommend linux for anything other than servers and embedded solutions where the systems will run for years without being overhauled and that the only security patches to be applied will be for public-facing services.

    That's just the reality of the industry. I have no attachment to Microsoft products; I've used MacOS, Linux, Windows... along with a variety of other now-defunct platforms like OS/2 Warp, BeOS, even CP/M. I'm "agnostic" about operating systems. My job as an IT professional is to facilitate the business process using the tools and resources given to me.

    --
    #fuckbeta #iamslashdot #dicemustdie