AppStream Ideas and Thoughts

Jos Poortvliet jos at opensuse.org
Wed Feb 16 03:48:31 PST 2011 

On 2011-02-16 James wrote:
> On Wed, Feb 16, 2011 at 8:11 PM, Enrico Zini <enrico at enricozini.org> wrote:
> > On Wed, Feb 16, 2011 at 10:55:36AM +1100, James Rhodes wrote:
> >> What is the value of distributions?  The maintainers get to pick and
> >> choose how they want the end user's system to run (by default).  I
> >> think that's really the only value in distributions.  Occasionally
> >> distributions also contain custom software (such as YaST).
> > 
> > By all means, if you believe there is a better approach to software
> > distribution, please feel free to work on it.
> > 
> > Allow me to point out, however, that it would be beneficial for you, as
> > well as for the level of the discussion in the list, if you tried to
> > understand, or at least to respect, the vast amount of often thankless
> > work others are doing.
> > 
> > Like mail delivery or gas pipe maintenance, it tends to be the kind of
> > overlooked hard work that nobody ever notices or cares about, until the
> > moment when it stops.
> 
> Not trying to be disrespectful in anyway; that's just honestly what I
> see when I install and use a distribution, compared to say building my
> own using Linux From Scratch (in addition, the latter does not have an
> implicit package management supplied).
> 
> By all means, please enlighten me on the other work that goes into
> distributions.  If anything it'll give me a clearer view of the
> situation.

I don't think it is up to Enrico to prove building a linux distribution is 
hard work. I'm sure you can find that out yourself.

As to your responses to what I wrote. I am not a distro developer, but I have 
compiled the odd piece of software in my time, and heck - the only value of a 
distro is in picking and choosing how they want end user systems to run by 
default (& some custom software)? Yes, that is right. And you seem to 
underestimate that task by a HUGE margin. It's not about choosing default KDE 
settings, you know. It is about fighting incompatibilities between 
combinations of packages and versions of packages (which claim to be 
compattible), testing stuff. I've heard horror stories of circular 
dependencies, incompattible libraries, stuff which can only be fixed by 
someone who controls the whole chain. Add a larger (say +10) number of 
different repositories to ANY distro, be it deb or RPM based and see it become 
more and more unstable over time until it breaks (about a year, usually). 
Multiply by 100 and you get the situation you advocate.

The only reason this model works on other platforms (win/mac) is because 95% 
of that platform is actually pre-defined and set in stone (shipped by the 
vendor). ABI compattible and all, holding back innovation of course... Linux 
is completely fluid. Every part of the system can be replaced. But not without 
looking at the big picture - that is the role a distro has. Forego that - and 
breakage ensues.

Something like Klik can work - it builds upon a known, large (!) base of 
software and on a limited number of platforms. Even then it only works for a 
limited number of applications. A fully de-centralised software management and 
update system is bound to result in instability and issues, I really believe 
that.

And the above is just *stability*. I'm not talking about security and sharing 
libraries. You say we can keep sharing libraries and security is not an issue. 
I beg you pardon? So you claim that if I have 50 apps from 50 different 
vendors and repositories and in 1 library which they all share a security 
problem is found I can upgrade that library right away because you guarantee 
that all those vendors will have re-compiled their package *right away*? What 
world do you live in? What if there are different branches of that library and 
half the vendors pick one, the other half picks another? Or if there are 
different competing libs and I want one but most vendors pick another? What if 
a vendor stops updating an older version but I don't want to upgrade?

Seriously, I'm not a distro developer, I am not a packager, and I can think of 
all these things that make it ridiculously hard if not impossible to have 'one 
universal packaging system where every vendor takes care of their own 
software'.

Most of the people on this list know way more than I do about these issues. 
They probably don't get involved in this discussion because they don't want to 
waste days explaining it all to someone without a clue.

Sorry if I'm harsh. I just have a strong feeling that you know even less than 
I do about the issues distro developers deal with - which means you have a lot 
of figuring-that-out todo before you can solve the problems you are trying to 
solve. I would suggest becoming a Fedora, Arch, Gentoo, openSUSE or Debian 
packager for a few years first.

In case you've been that already, I'm sorry, I must've grossly mis-understood 
your emails. Either way, as I said, I have little to add to this discussion so 
I'm out before it really is nothing more than bikeshedding.

Regards,
Jos

> Regards, James.
> _______________________________________________
> Distributions mailing list
> Distributions at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/distributions


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/distributions/attachments/20110216/3a175e24/attachment.pgp>

More information about the Distributions mailing list