[packagekit] 1-click; Third party vendors; etc.
Jan Niklas Hasse
jhasse at gmail.com
Tue Jun 3 07:43:42 PDT 2008
On Tue, Jun 3, 2008 at 3:58 PM, Benji Weber <benji at opensuse.org> wrote:
> Yes. The user must choose to trust the key before anything can be
> installed or executed though.
For an installer, the user must allow execution to let the installer
> Also, if the package management system
> is aware of the files that are installed then it can also avoid
> overwriting them
Not if I write "rm -rf /usr/share" or something like this inside some
of one shell scripts.
> or otherwise breaking the software,
If a newer package breaks your system, you need to get back to the old
one from your distro's repro. I don't think most users know how to do
> and it can also
> prevent installation of software that conflicts with installed system
> software. None of this protection is available from custom installers.
Custom installers prevent this by installing to ~.
Autopackage, Klik and Zeroinstall also have all of these 3 protections:
1 = aware of the files that are installed then it can also avoid
2 = breaking the software
3 = prevent installation of software that conflicts with installed
1: replaces backups of files that need to be overwritten
2: checks if there's a rpm already installed with the same binary
3: could break the system, but after removing the software, everything
should be working again
Klik & Zeroinstall & Autopackage/Custom installer without root access:
All of the 3 protection are available as both don't touch /usr at all.
More information about the PackageKit