Fedora QA Lead Pans Canonical 'Propaganda' On Snap Apps

Long-time Slashdot reader JImbob0i0 shares a scathing article by Red Hat's Fedora QA "community monkey"/senior QA engineer on Canonical's announcement about their application delivery mechanism "snap"... ...and how it's going to unite all distributions and kill apt and rpm! This is, to put it diplomatically, a heaping pile of steaming bullshit... The press release and the stories together give you the strong impression that this thing called Snappy is going to be the cross-distribution future of application delivery, and it's all ready for use today and lots of major distributions are buying into it... The stories have headlines like "Adios apt and yum? Ubuntu's snap apps are coming to distros everywhere" and "Snap Packages Become Universal Binary Format for All GNU/Linux Distributions"...

Now, does Snappy actually have the cross-distribution buy-in that the press release claims (but never outright states) that it has? No... The sum total of communication between Canonical and Fedora before the release of this press release was that they mailed us asking about the process of packaging snappy for Fedora, and we told them about the main packaging process and COPR. They certainly did not in any way inform Fedora that they were going to send out a press release strongly implying that Fedora, along with every other distro in the world, was now a happy traveler on the Snappy bandwagon... They just decided to send out a wildly misleading press release and actively encourage the specialist press to report that Snappy was all set to take over the world and everyone was super happy with that.

SIGH.... it's like being out on a playground

[BenJeremy]

Until everybody learns to play well together, Linux and other great open source projects will continue to be fractious tech that people will, rightfully so, find hard to take seriously.

Maybe both sides are right, maybe neither side is... but as long as people take sides, draw those battle lines, polarize the issues to extreme levels, open source projects can never mature (indeed, maturity is a word we can not associate with such feuds). Compromise and communication seems to never be considered.

That's not to say it can't be done, but the types of personalities that stand in the forefront of Linux, for example, seem very bull-headed - obsessed that their way is right, and never willing to accept constructive criticism or the possibility that there may be a better way of doing things.

Re:SIGH.... it's like being out on a playground

[SocietyoftheFist]

Ummm, where you been the last 20 years? Linux is a data center operating system, lots of money being made off of it that way. There is a free UNIX that isn't fractured, and is making its maintainer good money on desktop hardware and it isn't Linux.

Re:SIGH.... it's like being out on a playground

[AdamWill]

Almost everybody is already pretty capable of working together. Did you know, fr'instance, that I've spent the majority of my working time for the last year working on Fedora's deployment of openQA - which is a (very nice) system written by SUSE engineers? We now regularly make commits to upstream openQA, the SUSE folks have been fantastic about working with us, and other distributions have been expressing interest in and experimenting with using openQA - and have been welcomed by both SUSE and RH/Fedora folks.

Canonical is the one player who is *always* pulling this kind of bullshit. Do you think a good way to kick off the process of playing well together with the other distributions is to issue a press release - and hold a press call - strongly giving the impression that their system is mature and ready for deployment, and that all the other distributions have already bought into it, when neither of these things is remotely true? Does that seem like a good way to engender good will and collaboration with the other distributions, to you? No. It's an attempt to strongarm the community into accepting your system by hoodwinking the press into giving it so much of a push it looks like a fait accompli. Why would any other distributor feel particularly happy about that?

Have you noticed that *not a single other distributor* pulls this kind of crap? It's always and only Canonical. We don't do it - however much someone may or may not dislike systemd for instance, we didn't build a half-assed Ubuntu package for it then issue a press release saying "Systemd Is Coming To Ubuntu", did we? SUSE don't do it. Arch don't do it. Elementary don't do it. Debian certainly don't do it. *No-one* but Canonical does it. Have you noticed how whenever this stuff happens, it always seems to involve Canonical?

When the SUSE folks built a PoC of openQA testing Fedora, they didn't issue a press release saying 'Our Awesome Test System Is Coming To All Distributions!" Nope. They contacted us in a super nice and friendly way and said hey, maybe you'd like to take this and run with it. And so we did! And now we're collaborating. *that's* how you build cross-distribution collaboration. Not by issuing bullshit press releases first and sending out ridiculous requests for people to come to your Snappy development sprint a day later, after the backlash blows up in your face. (Yes, they actually did this. The invitation goes out of its way to say that the whole team "including Mark Shuttleworth" will be there, as if we're all going to fall over ourselves like a bunch of starstruck teenagers or something. No, they didn't ask other distributions to come to some kind of neutral discussion about application bundling formats, they just asked us to come to their previously-arranged Snappy development sprint.)

Re:News at 11

Shuttleworth pulls this shit regularly. Systemd, Mir, Unity, etc.

Pretty sure systemd was pushed -- at least initially -- by Fedora/RedHat folks.

Re:Unification

Unification is what linux desperately needs in order to make it possible for third party closed source vendors to target the platform. Otherwise they just make ubuntu binaries, and that's it.

The few times that I've ever needed or wanted to install anything that was only shipped in binary form, the packages that were put out for one or both of the popular distros (usually Ubuntu and Fedora) could easily be packaged and run on others distros (such as Gentoo and Arch which I use). Actually, by the time I wanted to install those things on my distro, somebody else had already made an ebuild or packaged it in AUR, so.... do we really "desperately" need whatever this snap apps thing is? Doubtful.

Re:News at 11

Shuttleworth pulls this shit regularly. Systemd, Mir, Unity, etc.

What? Are you confusing systemd with upstart?

Redhat's strategy

[phantomfive]

This quote show's Redhat's strategy fairly well:

Flatpak’s (Redhat's preferred alternative to Snap) developers have been communicating with technical conference presentations and blog posts and trying to build a dialog with application developers and distributors

That explains how systemd worked, too. Systemd talked a lot with the people who write startup scripts, at both redhat and debian. They tried to be responsive to their concerns, and give them what they wanted, which is why systemD succeeded.

Just as notable is who is missing from the dialog: the actual users. Which explains why systemd made startup-script writers happy, and a bunch of users upset.

Re: Redhat's strategy

Not really.

Most simply learn whats new and move on, they don't go about screaming that the world is ending.

The complainers may make it look like a lot, but its not.

Re:Redhat's strategy

[loonycyborg]

There is a big difference between "your voice is worthless" and "the final decision is done by people who actually can do the job". Some contributors actually go way beyond the call of duty to help users. But their power isn't unlimited and tradeoffs must be made. Some users want sub-optimal or impractical decisions to be made, often decisions that would screw other users. And once they fail to make things go their way to everyone else's detriment they declare themselves "voiceless" and "powerless". But the truth is, final decisions are always done by people who do stuff, or at least on their behalf. This applies to everything, not only open source projects. Even a paid software house will tell you take a hike if you ask them to do something asinine. If you're lucky. If not, they'll agree at first, and later declare project to be a failure, but will pocket money anyway.

Unifying around shitty tech is a bad idea.

Would greater consistency between the Linux distros make it an easier platform to target with binaries? Of course! But what we've seen happen with systemd, GNOME 3, and now these "snaps" is that this unification is happening around the worst technology around.

A typical Linux distribution today consists of the Linux kernel, which is actually quite good, and everything layered on top of that is shit.

We hear about systemd causing one problem or another far too often. For example, it was just a few weeks ago that we learned that a systemd change broke software like screen and tmux!

X is a trainwreck, but Wayland is even worse. With X we get a prehistoric relic, but at least it's somewhat usable. With Wayland all we get wheel spinning pointlessly in mud, going absolutely nowhere.

Then there's GNOME 3, which is by far the worst user experience we've ever seen from a Linux desktop environment. It's a tablet-oriented UI that nobody actually uses on a tablet, yet desktop users who try to use it are forced to endure the tradeoffs made to try to cram a desktop environment onto tablets.

People were attracted to Linux in the first place because it offered software that was better than what we found in Windows or Mac OS at the time. But that was 15 years ago, and times have changed. OS X and Windows provide a much better user experience these days for desktop users. FreeBSD is now indisputably better on servers.

These efforts to unify Linux have ruined it, I think.

Re:Unification

"Unification" is exactly what GNU/Linux *doesn't* need. Innovation creeps up in the FOSS world through other projects, NOT through iteratively improving one core. I'm not a fan, but it's undeniable that systemd didn't become popular simply by building on initscripts. Even OpenRC doesn't do that; it uses sysvinit, but the scripts are entirely its own. Iterative development is not enough to create large breakthroughs. In the systemd example I gave it's really not that large because it doesn't actually do anything new, but it's still such a large change that it wouldn't be possible if it wasn't its own project.

In the "wonderful" unified Linux world, you'd be stuck with what you're given. If upstream doesn't want your contributions, you no longer have the (realistic) option to fork. You either get it into the mainline release, or your innovation or improvement simply doesn't get used because everyone's already "agreed" on this base.

Unification destroys the concept of distributions, destroys the ability to fork and build, destroys the ability to greatly change and innovate. I may not be a fan of some of the recent changes (such as the systemd cult), but I absolutely respect the shit out of the environment that makes that change possible or even easy. Whether you're running OpenRC, systemd, sysvinit, runit, or whatever, you're still GNU/Linux at the end of the day. The ability to pick and choose your software in Linux is a feature, not a bug. If you don't want configurability or choice, go use a BSD or literally any other OS.

The main issue with "targeting" is itself. Software should depend on as general a base as possible. For example, it shouldn't be using low level dependencies with unstable APIs. Most applications (games being the biggest examples) can get by with dbus, udev, xorg/wayland, and SDL. Other libraries such as libav, libpng, and so on are rather stable if you target them correctly.

If we want to point the fingers at anyone, it's the closed sources guys modifying the libraries that they use and expecting every distro to use their modifications. In the same breath, Ubuntu is one of the worst distros to target *because* they modify the libraries so much. The rest of Linux land doesn't suffer all that much, if at all. Build your shit right and it'll work.

Trying to force GNU/Linux land to unify will destroy its software ecosystem. Hackers will move on and/or simply refuse to target the unified stack. I've heard of some developers actively putting code into their applications to exit early if it detects software that the author disagrees with. Things could get ugly fast.

Re:Only Luddites Get First Posts

[TechyImmigrant]

Patiently awaiting the APPS guy.

I predict it will be the SNAPPS guy this time.

Re:Unification

[phantomfive]

Unification is what linux desperately needs

No, Linux's strength comes from its diversity and flexibilty. Linux is the dominant operating system in the world right now, and it's because of its flexibility that it was able to easily be adopted on platforms as different as bionic/android, and SLURM/Linux.

If someone tried to enforce their system ideology on everyone, then these variations wouldn't be possible, and Windows phone might very well be the main competitor to iPhone (all the OEMs wanted that....or something, and Google hit first with Android).

Re:Only Luddites Get First Posts

[Hognoxious]

In Soviet Russia, apps guy awaits COWS!!!.

Android is _not_ Linux in any reasonable sense.

I don't get why people consider Android to be Linux. It's nothing like traditional Linux distributions.

Sure, a customized version of the Linux kernel is used, but everything else typically associated with a Linux distribution has been thrown away. That's probably why Android is successful: the Linux kernel is marginalized to the point where almost nobody even realizes it's there, and the traditional GNU/Linux userland is thrown away and replaced with what's essentially proprietary software, even if the source code is available.

Android isn't successful because of Linux; it's successful despite using Linux. Android would be just as successful were it built around the, say, NetBSD kernel instead. It's not the kernel that makes Android useful; it's the custom userland software that Google has created that makes Android successful!

Android is as much "Linux" as Windows would be "Linux" were Microsoft to replace the Windows kernel with the Linux kernel. That is, it would not be "Linux" in any meaningful sense.

Did IQs just drop sharply while I was away?

Mandatory XKCD: https://xkcd.com/927/

It's the absolute truth of everything, as shown by the past DECADES of various standardization attempts.

Meanwhile, the concept of snaps is broken and WRONG. The reason is quite simple. Let's take OpenSSL for example. A lot of software uses it, links to it. In a snap-only world, if you had a dozen snaps on your computer that used OpenSSL, each and every one would have to update their packages INDEPENDENTLY. You have zero control over your computer. You cannot pre-empt, you cannot patch before the upstream does, you're at the mercy of that huge blob becoming available for each snap.

And NOTHING stops closed-source commercial software vendors from shipping their software with BUNDLED libs, and/or statically linked, right now. Except one little thing. They don't care about less than 1% of the user base. Case in point: Steam.

So there is absolutely NOTHING in snaps, no benefit whatsoever, over the existing delivery methods. You want a centralized app container for all your distros? Tarballs. You can tarball your bundled and/or statically build application if that's what you want, even today. And guess what, EVERY *nix operating system on the planet supports those.

And good luck with the isolation/containerization part, until all the distros agree which one to use. LXC, LXD, docker format, rocket format, next-container-wonder-du-jour.

Re:Did IQs just drop sharply while I was away?

[DarkOx]

I agree I think the next 2 years or so will prove the likes of SNAP and docker to be about the worst thing to happen to computer security since Windows came on the seen.

I have every confidence that hacking Linux systems is going to become shooting fish in a barrel. Exploit some obsolete lib -> get shell -> run precanned generic container escape code and get root.

Re:Unification

Do you know how many different versions of Linux run across a thousand server environment?

Yes. Our datacenter has many thousands of boxes, and we happen to run CentOS on our machines. At any time, there are at most two different versions of Linux across our datacenter. When we roll out updates, some boxes will obviously remain on the old version while others are upgraded until they are all the same version again.

If you're struggling with heterogeneous machines, maybe you should consider making your datacenter more homogeneous.

Re:News at 11

The imbecile responsible for the abomination that is systemd, is employed by Red Hat.

Fuck you systemd and fuck you Red Hat.

Re:Linux is for penguin fuckers

[lucm]

you mean... sudoctl systemctl snapctl installctl windows10ctl

output of the command:

"active/dead: upgrade was ... 9:32 am"

to view the full message, run upgrade again using a 4k monitor.

Re:Whining from fedora

[AdamWill]

It's claiming that it already *is*. And that it is "enabling a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device", when it currently does nothing of the sort, because confinement is disabled on other distributions and cannot work effectively on X11 (which is still the default for every major distribution) in any case. That's a direct quote from the press release - note *present* tense. It does not say Snappy will some day "work perfectly and securely on any Linux desktop". It says it does so right now. This is patently *not true*.

Re:Hypocrites

[AdamWill]

Last time I checked, Lennart wasn't grown in a Red Hat lab. I don't think we have that technology yet. He was working on PulseAudio before we hired him. We gave Lennart a pay cheque; he comes up with the ideas on his own. ;)

However much you dislike PA and systemd - and feel free to dislike 'em as much as you want, it's a free world - they achieved their positions honestly. We did not build half-assed PA and systemd packages for a few other distributions then issue self-congratulatory press releases about how great they were and how PA and systemd were now the universal standard for everything.

Re:Did he even read Canonical's announcement?

[AdamWill]

Did you actually try reading my post? Like, the bits with direct quotes from the Canonical press release?

Here, here's an easy one. The very first sentence of the press release claims Snappy is "enabling a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device". *Present* tense. The claim is that it does this right now.

This is patently and demonstrably false. The snappy packages for Fedora are built with confinement disabled, and the installation instructions tell you to disable SELinux to use snappy. Thus the whole supposed 'security' feature of snappy itself is inactive (the snaps are not confined, they have full system access), and using snappy requires to to *significantly decrease* the security of the whole system (not just the snaps you're running).

Not to mention that meaningful confinement of X11 apps is impossible, and all major distributions still use X11 by default. This is why no-one is running around telling everyone they should use Flatpak right now. I presume it's also why Canonical engineers haven't been running around telling everyone to use Snappy right now. Canonical's PR department appears to have no such qualms, however.

So. There's a nice easy one for you. But for the advanced class - Canonical PR are not a bunch of idiots. They know exactly what they're *doing* when they issue a press release with a lot of key words and phrases carefully arranged in extremely ambiguous ways. You can bet your bottom dollar they were not shocked and amazed when all these stories came out saying that Snappy was now the agreed-upon universal app distribution system and apt and rpm would be dead any minute now. (Or if they were, it was in the "I'm shocked, shocked to find that gambling is going on in here!" sense of the word). They knew exactly what they were doing. Have you seen 'em running around issuing clarifications, fr'instance? No? Hmm, wonder why that is. It's fairly apparent from the articles that *were* published that Canonical held a press call to go with the press release; do you suppose they were carefully correcting the assumptions of journalists on said press call? Hmm? Doesn't look like it, does it?

Personal post

[AdamWill]

For the record, Slashdot, while I *am* an RH employee and a Fedora QA team member, this was a personal post, as the first words of it explicitly claim. It's not posted on behalf of Fedora or RH and does not reflect the official position of either RH or Fedora.

Re:Personal post

[AdamWill]

Well. You may not see it this way, but to me there's a rather big difference. Usually when people talk about RH 'causing grief' and 'UNIX design philosophy' (sigh, if I had a nickel for every time...) they're talking systemd. Yes? Well, sure. Lennart wrote systemd, RH is fairly solidly behind it these days (though note it wasn't at first - Lennart had to sell systemd inside RH about as hard as he had to sell it anywhere else), and quite a lot of people don't like it.

Fine, it's a free world. But that's ultimately a technical argument. We didn't put systemd under an RH CLA. We didn't issue press releases prematurely declaring that it was taking over the free world. It's a freedesktop.org project, you don't have to sign your soul over to RH to use or work on it, it has plenty of non-RH contributors, and it got integrated into non-RH distros through their usual processes for feature review.

I don't usually actually have any problems with Canonical's engineers, or their projects, believe it or not. Of course there's the whole Wayland/Mir mess, but that's kind of an exception (and even there the main problem is down to management, not engineering). The stuff I don't like from Canonical invariably comes from management and/or PR, and (again purely my personal opinion) ultimately derives from Mark and his poor-man's-Steve-Jobs complex.

I don't have any particular problems with Snappy as a technology. Heck, a couple of things about it might be better than Flatpak (I don't know either system in much depth, just broad overviews and the specifics I dug into for this kerfuffle). From a purely technical viewpoint - if you ignore the publicity, and the problematic influence of snappy being under the Canonical CLA and the server end being a black box - it's perfectly possible Snappy could turn out to be the best answer to this particular question. It's certainly not a Wayland/Mir situation - Snappy and Flatpak both have fairly complex histories and predecessors, but whichever way you cut it, they've been around about as long as each other.

The issue I have is specifically with *this press release about snappy*, and more specifically with the way it vastly overstates snappy's current capabilities, and the way it strongly implies that snappy already has substantial cross-distro buy-in. Taken together - and if you look at the stories that came out of it, which Canonical PR *certainly* was not ignorant about, especially given there was a press call - this comes off as an attempt to effectively pre-empt the whole process of building consensus around a solution by giving Snappy such a strong press push that everyone just has to fall in line behind it, regardless of the fact it's not remotely *done* yet and there are other options that have already been trying to build support the right way.

Re:Unification

[AdamWill]

This is a perfectly reasonable point of view, sure. Do you think the best way for a company to try to achieve unification behind their system is - before holding any meaningful discussions with other distributions - to issue a press release massively overstating their system's current capabilities and heavily implying it has already *achieved* unification? Don't you think it might be better to, oh, I don't know, actually talk to other distributions and try to achieve some sort of consensus? And be honest about what their system is currently actually capable of, and the challenges involved in making it a truly viable cross-platform solution?

Snappy is non-free anyway

[Lirodon]

Only the client portion is free software. It only works with a proprietary, Canonical-run package repository. Canonical does not offer source code for the server aspect, and thus, does not offer the ability to create third-party servers. The entire system is subject to Canonical's walled garden.

Re:Snappy is non-free anyway

[JohnFen]

I've seen this reported elsewhere too. Is this really true? If so, that's a complete showstopper.

Re:Hypocrites

[thegarbz]

What debacle?

Ubuntu releases snappy on their distribution, claims success around the world despite no one agreeing to it.
Redhat releases systemd and pulseaudio on their distribution, everyone around the world adopts it.

I can see which one is the debacle here. Oh and you think a couple of whining users matter? hahahahaha

Re:Curious..

[JImbob0i0]

Not /opt ... /snap actually ...

If you install it you'll see you get a 'Core' Ubuntu system in /snap/something-or-other and then overlayed on that is the snap in /snap/app-of-some-kind

So basically they use a not-quite-namespace (pivot-root to be precise) with no container tech to do a "super chroot" (via pivot-root) into an minimal Ubuntu installation to run the app overlayed on that ...