AutoPackaging for Linux

Isak Savo writes "The next generation packaging format for Linux has reached 1.0. With Autopackage officially declared stable, there is now an easy way for developers to create up to date, easy installable packages. There are lots of screenshots available including a flash demo of a package installation."

Aren't there enough

[dg41]

Aren't there enough package/software installation formats for Linux that aren't being used enough as it is?

Where does everything get autopackaged to?

[Wavicle]

The biggest problem with Linux distributions is that different distributions have different ideas about where things should go: does this file go in /sbin, /usr/sbin, /usr/bin/, /usr/local/bin, or somewhere else? Where do the configuration settings go? /home/*/.config? /etc/profile?

So, does this address the problem? Most software makers would really like to be able to release ONE package for their software and know that it will end up somewhere sensible.

I know we all love to bash Microsoft, BUT, I have rarely seen an installation problem with software written for Windows.

Mirrordot

[Hachey]

it's about time there was a system to automatically put submitted links thorugh MirrorDot [mirrordot.com]. This is a prime example; /.ed before 10 comments were posted. sheesh.


-----
Check out the Uncyclopedia.org [uncyclopedia.org]:
The only wiki source for politically incorrect non-information about things like Kitten Huffing [uncyclopedia.org] and Pong! the Movie [uncyclopedia.org]!

Yes, we need this!!

[rice_burners_suck]

There aren't many replies to this story yet, but I can already see it: Lots of people are going to complain, "Why the fsck do we need yet another packaging solution?!?! We already have rpm, deb, tgz, blah blah blah..."

The reason is that most of these packaging solutions, while great for developers and those who want detailed knowledge of the inner workings of their systems, simply suck when given to mortal users.

And they don't handle a number of edge cases too well... What if you want different versions of some software to coexist on the same system? What if you want ten different versions of a library? Yes, these can all be handled by current stuff... but not very well. It's bad enough that when we install software here, we actually get the rpms or whatever and then re-package them ourselves to serve our needs.

A packaging solution that actually works is desperately needed.

Re:nextgen already here: emerge

[Abcd1234]

Riiight, Gentoo's package system, which is basically a re-implementation of the BSD ports system, is "nextgen"... oh, you fanboys, you're so cuuute!

Wrong Paradigm

[user9918277462]

I've said it before and I'll say it again: The Windows model of acquiring and running software from a large number of random third parties is broken. It is fundamentally unsafe and, frankly, archaic in 2005. We do not trade 5.25" floppy disks with BASIC games on them, and we certainly shouldn't be downloading self-extracting installers from sketchy websites anymore, regardless of OS.

The current Linux model of distros integrating and authenticating software from upstream authors helps ensure the security of the userbase as well as providing installation ease of use. This is something we should be proud of rather than trying to imitate the technically inferior competition.

Re:nextgen already here: emerge

[ArbitraryConstant]

Developers want to be able to release packages that work on all the Linuxes, not just Gentoo. Not everyone wants to make the fast updates/reliability tradeoff necessary to use Gentoo.

Installation for Windows

[karmaflux]

Right, installing shit is great on Windows. The suicide hotlines start overloading when you try to remove software.

For more information on autopackage...

[mp3phish]

I have been following autopackage for a while now.. It looks promising. This release will be the test to see if anybody will take it seriously (I hope so). Autopackage brings some really cool features to the table:

• Frontends to different windowing and desktop systems.
• Able to resolve dependancies even if you installed other software through the source, or with RPM or DEB
• You will be able to download one package and install it on several different distributions.

Essentially, this will be as flexible as tarballs, only they will install easilly, and have clean upgrade paths and uninstall paths. With clean dependancy resolution. It sounds too good to be true, but you can only know it if you try it.

Here is the sourceforge link [freshmeat.net] with some more info and downloading.

Re:Where does everything get autopackaged to?

[Abcd1234]

Umm, that's what the Linux Standard Base [linuxbase.org] is for. Blame the distro makers and packagers for not following it. After all, the LSB has been out for a *long* time...

This is a great thing for Linux

[TheMadPenguin]

Seriously. I had envisioned something similar [madpenguin.org] last year but this really takes the cake, or so to speak. I have yet to try Autopackage, but after seeing this, I'm sold. Especially if it works as intended. Cross-distro package management is what we need. Sure, DEB, RPM, TGZ, etc etc are all excellent in their own right, but being able to install packages across multiple distros is what we really need. I for one am impressed. Of course there are a few technical details that I need to learn about as far as cross-distro packaging goes, but it's a step in the right direction in any event.

Please let non-root people install

[Anonymous Coward]

The only thing I'd like to see in a package manager is to allow non-root users to install software (perhaps under $HOME ; perhaps under /usr/local if they're members of the group local).

It's absurd that you need to enter a root password to do something as simple as install a user-space program - and it's absurd that package mangers only support dependancy checking for stuff installed in the main system directories.

At work, the main directories (/usr, /bin, etc) can only be accessed by the IT guys; but every department has a directory ("/usr/department/engineering", for example) of that memebers of that group can install software in. We have a newer version of Perl in ours. It really sucks that package managers can't help deal with the dependancies in an environmennt like this.

It does not scale.

[JPriest]

The idea of storing all software on repositories does make dependencies easier to manage but could you imagine doing it that way in Windows? You have all the overhead of having to centrally locate ALL software on a mirror somewhere. Anytime you as a software developer want to release software, you have to try to get it pushed out to all the mirrors (which you have no control over) in order for people to access it. This idea is also not very friendly to closed source projects.

Be like OSX

[Anonymous Coward]

Maybe this packaging system works this way (I can't rtfm so I don't know), but one of the things that is easier in OSX than in Linux (especially for the newbie) is that installing software is usually as simple as dragging the application (which is actually a directory containing all of the application's files) to your "Applications" folder (or where-ever else you want to put it).

I do like apt as well, but I've also had some apt-nightmares trying to sort out messed-up dependancies on my debian box.

I don't know about this

[theantix]

To me it seems like anything that makes it easy for users to install random software off the internet to be a REALLY BAD THING. Using Linux right now is a pleasure because if you're using Gentoo, Ubuntu, Fedora, Mandrake, etc... you get all your software packaged for you by your distribution. No spymare, no viruses, so adware, no shareware. It all generally works, dependancies are sorted out and managed, it's all a really good system.

Encouraging users to install Comet Cursors for Linux seems to me like a huge step backwards for Linux. I sincerely hope that distributions do not support this or any other system like this one to promote good computing practises and avoid the sorts of problems that plague Windows users. Why do we want to emulate what has been proven to be a terrible way of distributing and using software?

Re:Wrong Paradigm

[Steven Edwards]

If the Windows Paradigm was broken people would not use Windows. Yes there are some things about Windows that suck but MSI and InstallShield installers are not a example. Windows security in most regards does suck but packaging is one of the few things Windows does right. You do know you can sign a package in Windows right? Vendor certificates work, just install any packages from Microsoft or from any other major third party vendor.

I guess you would only be happy if we just pulled everything down from SVN/CVS and built from source.

MIRROR IS HERE

[IamTheRealMike]

http://bylands.dur.ac.uk/~mh/autopackage.org/index .html [dur.ac.uk]

Re:Wrong Paradigm

[karmaflux]

Bittorrent calls you a liar, buddy. We trade 5.25" floppies in a metaphorical sense constantly. When I develop a program that takes random input and outputs Frank & Earnest cartoons, I don't want to have to wait for some Board of Linux Usage Oversight to give my 5k perl script the Stamp of Approval.

Nobody's trying to copy the Windows paradigm with autopackage. What they're trying to do is break down that barrier to cross-distribution software releasing. Your average desktop user does not want to compile software. Dropping to a terminal, cd pathtoapp, tar -jxvf whatever.tar.gz, cd newpath, ./configure; make; make install is too much shit for a user -- and then how to uninstall? Keep the source directory there forever?

"If they can't compile they should run Windows" is a stupid, backwards attitude, and autopackage is trying to fix it. Relying on upstream content providers is dangerous -- what happens when you disagree with your upstream provider? You have to switch distributions? Pat recently dropped Gnome support for Slackware -- I still run gnome. I do it with a third-party package from dropline. Is that broken? No.

The way to fix the problems you describe is to educate users, not to remove their usage priveleges. Teach people not to install untrusted software -- and teach them how to tell what software to trust! Don't just slap their hand and yell NO.

Re:nextgen already here: emerge

[bman08]

Portage doesn't work as well on Redhat or Debian systems as it does on Gentoo. The beautiful magic of Autopackage, as I understand it, is that one package works for all distributions. The theory is that devlopers will then only have to release one autopackage instead of making ebuilds, debs, rpms and whatever other packages the seventeen thousand faces of Linux are asking for these days.

Re:Be like OSX

[MsGeek]

Here's how you fix dependencies in Debian:

#apt-get update
#apt-get dist-upgrade

Badabingbadabangbadaboom. It's done. Happy days are here again.

Re:nextgen already here: emerge

[ArbitraryConstant]

Jesus Gentoo fanbois can be annoying. For some reason, unlike the users of every other distro, some Gentoo users think everyone would be happier with the decision they've made for themselves.

Some people like Gentoo, but some people have serious issues with it. emerge is a decent package manager, but it's attached to a distro that conservative users aren't going to touch. The more conservative distros have package managers that their users are already perfectly happy with, so it's unlikely to be used anywhere else.

Re:Wrong Paradigm

[schon]

If the Windows Paradigm was broken people would not use Windows.

Yeah, just like if the ActiveX-plugin paradigm was broken, nobody would use IE, right?

Most users have *no* clue if a piece of software is designed incorrectly or not, it has exactly zero bearing on whether the masses use a particular piece of software or not.

Re:nextgen already here: emerge

[ZephyrXero]

That's fine for advanced users who can handle the command line but what about the remaining 97% of the world?

Re:Yes, we need this!!

[Anonymous Coward]

I hate to say it, but...

It seems to me that {NeXT,Open,GNU}step-style apps are both good for developers, and great for mortal users. Drag an app (it's just a file) to your Applications folder, double-click it to run, drag it to the trash to delete. They also handle your "edge cases" (multiple installed versions) just fine.

They're actually quite a bit simpler for users because an app is just a file -- a first-class object in the system. You don't need a special program just to "install" and "uninstall" programs. You don't need ugly hacks like the "start menu" (Gnome or KDE's reimplementation of it). Users think an app should be a first-class object, and it's perfectly feasible, so as developers we should make that the case.

The autopackage FAQ has "what's wrong with NeXT/MacOSX style appfolders", but it seems to consist mostly of hand-waving and straw men. They don't seem to understand how NeXT/Mac apps work, e.g., w.r.t. linking.

BackPackage

[Doc Ruby]

The package frontends are getting better. But we desperately need better backend apps. The interpackage dependencies are getting more complex, and broken dependency references abound. And we need a structure that represents a further distinction than just source/binary: we need -dev structure, so packages that depend on the headers and config tools of other packages can find them automatically, without having to figure out their (distro-dependent) development package name. For that matter, a single, universal "lib-config" tool that spits back the versions, headers and filesys locations of any library installed by the package client, would really improve productivity and reliability.

The really big leap in backends would be a distributed repository. Instead of just a network of (unsync'ed) mirrors of a single monolithic repository, we need a mirrored or otherwise distributed directory of repositories, each with an overlapping fraction of the current repositories. That will accommodate the bandwidth and storage requirements for installing specific versions of packages, across the exploding Internet userbase, especially as the mirror:client ratio gets worse. Alternate repositories should be the rule, not just the exception [apt-get.org].

Re:nextgen already here: emerge

[ZephyrXero]

I'm pretty sure autoconf and autopackage are completely unrelated, so for you to judge autopackage based on your experience with autoconf is completely off base.

Re:Be like OSX

[GoldDog]

hahahahahaahhahahaha
hahaha
hahahahahahaha *gasp* HAAAAAAAAAHHAHAHa

Now Debian is my favourite distro by far but I'm never gonna pretend that the package system is solid. Having way to many times been in the position where some little thing breaks and dpkg and apt just choke totally (to the point where I can't install something because I some package is broken and I can't uninstall that package because the damned uninstall-script needs something installed first).

The long and short of it is No, that's not how you "fix" dependencies in Debian. A lot of editing obscure files, handrolling temp replacement packages and so much swearing I need to put a parental advisory sticker outside my appartment is.

The idea of packages is bad.

[jxdxbx]

For distributing user applications, at least.

There is no earthly reason why a GUI application should scatter files hither and yon across a hard drive, and why installing a program should require some package or installer or whatever.
I cannot believe the hassle that I have to go through to install software on my Linux box as opposed to my Mac.

An OS X application consists of one file--- really a bundle. It is a directory that acts like a single executable file. Everything it needs to run that is not part of the basic OS X setup is in that file.

You don't even need to install the application. You can just run it from its compressed disk image that is still sitting in your downloads directory, if you like. Or you can copy it to your hard drive wherever you like. When you tire of it, you delete it.

Now, "Linux" is not capable of doing this because no one runs just Linux. But there is no reason why, say, Gnome apps can't be distributed this way. If there are technical issues in the way, they need to be resolved. Because the OS X way is better that the Linux and the Windows methods, and ought to be copied.

(ps: I do know that Unix programs are often installed via packages in OS X, as well as software that for whatever reason needs to modify the OS. But these are very rare and approached warily by seasoned OS X users.)

Re:Wrong Paradigm

[labratuk]

If the Windows Paradigm was broken people would not use Windows.

I'll tell you this now, the packaging system is not the factor that people base their decisions to run windows on.

Yes there are some things about Windows that suck but MSI and InstallShield installers are not a example.

When you are installing from installshield, you're basically saying: 'Hello random executable from the internet (even if you are signed by someone), here, overwrite any of my libraries you'd like, with whatever obscure or customised version you want. Oh, and while you're at it, do whatever you want to my registry...'

I guess you would only be happy if we just pulled everything down from SVN/CVS and built from source.

That's a strawman attack. He didn't say anything like that - in fact it's the complete opposite of what he was arguing.

Re:Some FAQ entries

[jxdxbx]

Hard drive space is cheap. And so is bandwidth. People on 56k connections can install software from CDs. Don't make things broken for everyone to help them.

Do appfolders (bundles), and if you want the functionality of a shared library, include it in the bundle. Unless it's something like 100 megs. Which it won't be.

If dozens of programs each end up including the same shared code in their appfolders, who cares? Again, hard drive space is cheap, and that's the price to pay for easier system management, and knowing that applications won't suddenly stop working when one of their dependencies has been changed.

Bundles are better.

Re:nextgen already here: emerge

[thk]

Seems to me that most users that have actually tried gentoo really like it. I've run small networks of workstations on redhat (2yrs), debian (2yrs), fedora (2yrs), have run a small cluster on the rocks distribution. I made all of these work. They all have their strong points. I've recently switched to gentoo (several months) and find it to be by far the best for experienced admins / technical users. It does seem to attract a lot of kids that want to impress their friends by using an advanced distro. However, the core developers have done thus far a superb job desiging gentoo and it is very stable and capable in the hands of an expert.

BTW, resorting to name calling really only betrays ignorance.

Ciao.

Re:Some FAQ entries

[jxdxbx]

Also, there are no more DMG exploits. There is nothing wrong with having a few XML files around that belong to an application you no longer have, if it it really irks you, or if programs leave behind large caches, there are plenty of pieces of software that will delete preferences and caches that belong to software you no longer have.

Most applications shouldn't need to modify the OS to run, and for that minority that do, OS X still does have packages. This is how haxies and so forth work.

The only valid objection I've seen to bundles is the one about how a user shouldn't be able to install random software from the internet. This is a pretty good point, but I fail to see how that, even in a system that uses an apt repository, you would be able to prevent a user from downloading and installing some random RPM from a website. You would have to have a severely crippled OS.

Re:Some FAQ entries

[Dave2 Wickham]

Bundles are bad. What happens when a major vulnerability is found in a library which is used by a bunch of apps? With shared deps, you just update that and it's fixed. With bundles you have to update every single app.

Re:Wrong Paradigm

[ferratus]

I don't think MSI or InstallShields (or any other Windows installer for that matter) are broken, but I do agree with the parent post in that the way to *get* the software on windows is not all that good.

If there's one thing I love about Linux is the way I can download/install a software using a single command (or a GUI tool) in most distros.

Even Gentoo, not exactly regarded as the most user friendly distro, allows one to download & install a software by doing:

emerge XYZ

That's it. Same goes for Mandrake, Debian, Fedora, etc. End-user distros like Linspire even go further by allowing you to browse through all available software, look up the description and then perform a "one-click" install.

I think that's great, and a whole lot better than the windows (and mac os x) alternative where you have to look for software on the web, try to see if they contain malware, download them, run the installer, etc.

One of the advantage of the system is that the upstream provider (i.e. usually your distro) checks the package for validity. The packages you download won't contain virii or spyware (even if those were to exist on Linux) because the provider would likely not allow them...something MS would certainly do if they controlled the software ppl are downloading.

I know some packages are hard to install (Gnome for example) but for the most part, I feel software installation is a lot easier on Linux than on Windows, unless you go the CVS/SVN route and compile everything yourself.

At least on Mac OS X, you usually simply drag and drop the Application in the Applications folder and that's it. While not perfect, it's a whole lot better than Windows.

It Doesn't make sense ...

[GNUALMAFUERTE]

They present a new piece of Free Software, that is supossed to help the hacker community, and they use proprietary software (Flash) to show the software to the public?. This kind of thing hurts the GNU Project, because it makes people think that using proprietary software is ok.

Re:That's right. apt-get works.

[IamTheRealMike]

Having applications (as opposed to libraries) installed outside of apt doesn't break anything as they aren't dependencies of things.

Re:I don't know about this

[Master of Transhuman]

"To me it seems like anything that makes it easy for users to install random software off the internet to be a REALLY BAD THING."

This is hardly the point of the project.

The point of the project is to eliminate problems for developers in packaging their software to be able to run across distros.

The fact that it makes it easier to relieve dependency hell is a bonus for those users who want packages not included in their distro.

Anybody who says EVERYTHING they'll ever need is included in their distro is just being a troll. Because it simply is not possible that ANY distro is "finished." And a lot of people don't want to wait months until something they want shows up in a repository.

If Windows did that, everybody would still be using DOS.

Finally, the notion that it is somehow "evil" to install software from the Net is just stupid. The Net exists to distribute information - and programs are part of that.

Practically everything I use on the Windows side of my machine was downloaded off some Web site or another - and I have several gigs of stuff on my Linux side to explore yet which also has the same origin.

And I have NEVER had a spyware/virus/trojan problem from such software. (Although I have had software that simply screwed up the machine due to stupid programming.)

Users get spyware and other crap from stupid, pointless little programs offered by commercial entities because the user acts like a kid in a candy store when offered something "free". If the users really knew what freeware was about and where to get anything they need, they would be less likely to do stupid stuff like downloading a calendar program loaded with spyware.

While it is true that CORPORATE users should be restricted from downloading any damn thing they see (unless it has a productivity purpose), home users certainly should not be.

Your solution smacks of the paternalism I hate about Windows. You want your distro to control your machine just as much as Gates wants to control Windows users.

Sorry - not acceptable.

Re:I don't know about this

[imkonen]

" There is no software I need that is not included with my distro"

Sorry if this sounds insulting, but your attitude seems really narrow-minded and short sighted. The whole reason the computer is such an incredibly useful tool is that it is so flexible and extendable. YOU might manage to get everything you need out of the software included in your distro, but do you really expect the big distros to anticipate every single need of every single user? A lot of people who are not computer experts have specific application needs that the vast majority of users don't share. Should a good distro include a version of GAMESS [ameslab.gov] just because I want to do a theoretical chemistry calculation? Or maybe the people who make distros should assume (correctly) that if I am one of the .0001% of computer users who would want to use that program, I should just go download it myself?

"This may sound elitist of me, but if you can't figure out how to do it now, you probably aren't capable of making that sort of decision."

Yes, you sound incredibly elitist, as if it is impossible to be smart and NOT a computer expert. There is a big difference between knowing enough about one's Linux distro to install a program and having enough common sense to find programs on the internet with minimal risk of installing malware. If I google search for software that simulates microwave spectra of asymmetric top molecules (and by the way there are quite a few) what are the odds I'm going to find spyware masking itself as what I'm looking for?

Re:Wrong Paradigm

[Julian352]

That is all nice until you find a package that you need that somehow escaped the repository. At that time comes the painful part of finding all the dependencies, installing them and then manually configuring and installing the package. (And don't even ask me how to uninstall)

For example, I needed a swi-prolog installation for a small class project a couple days back. I needed the GUI library, which means the package available in Gentoo (swi-prolog-lite) would not be sufficient. Thus I had to download the .tar.gz and then go through the install steps.

And now, how do I uninstall it,since the Makefiles don't seem to have make remove/uninstall/etc. that would delete the installed binaries.

Linux needs to improve the installer so that I don't have to wait for someone with repository access to create the package for me.

Missing the point

[theantix]

"To me it seems like anything that makes it easy for users to install random software off the internet to be a REALLY BAD THING."

This is hardly the point of the project.

Sadly, that is the point of the project. It's meant to aid the installation of packaged software from third party sources and manage dependancies in order to accomplish this. That is specifically my problem with it, it is a tool for enabling dangerous behaviour for unexperienced users.

Anybody who says EVERYTHING they'll ever need is included in their distro is just being a troll. Because it simply is not possible that ANY distro is "finished." And a lot of people don't want to wait months until something they want shows up in a repository.

I think you mistake the difference between "need" and "want". They are different, you know. So I will tell you that if you are using Mandrake, Fedora, Ubuntu, Gentoo, or any other popular distribution: there are no programs that an inexperienced user *needs* that do not come in their software repositories. Just because you are impatient and cannot wait a few months doesn't make your desire a neccessity, eh?

And I have NEVER had a spyware/virus/trojan problem from such software. (Although I have had software that simply screwed up the machine due to stupid programming.)

Shit, I didn't read that until now. I actually did think you were serious at first. Ah well, you got me.

Re:Some FAQ entries

[IamTheRealMike]

Are you sure about that? How do you know there are no more exploits? Do you have some power of clairvoyence nobody else does?

The thing that concerns me about the DMG exploits, is that they were caused by the fundamental design of the system not simple typos/poor coding practice. Having appfolders integrate with the system by registering file associations/URL handlers silently through the shell seems like the obvious way to handle this stuff in an "install free" environment, though really it's just doing the install at a later time. But it had unintended side effects which were devastating for security.

The problem is, to solve this you either have to go back to some explicit action integrating software with the system, or pile on more hacks to try and solve the security exploits. Apple chose both - Tiger boasts an improved installer, iTunes comes inside a package etc. But the approach they took with Safari reminds me of Internet Explorer: cover up a flawed technology like ActiveX with more and more hacks and security restrictions that somehow always managed to leak.

You are right that most applications should not need to modify the "system" to run. This is the principle behind authentication-less installation, which we only approximate on Linux with the install to $HOME feature in autopackage. Figuring out the exact set of permissions that are safe for installers to have and then enforcing them is somewhat tricky: both Windows and MacOS X are riddled with programs that demand the administrator password which implies that so far, nobody quite identified the sweet spot.

Re:nextgen already here: emerge

[theLOUDroom]

That's fine for advanced users who can handle the command line but what about the remaining 97% of the world?

If you can't handle a command line you probably don't want to be running unverified, alpha software.

Pretty much anything your average joe is going to want IS in portage. The stuff that isn't is generally really specialized, or not quite there yet in terms of features and stability.

....of course one might wonder how you got Gentoo up and running in the first place since use must you the command line to even install it.

Re:Aren't there enough

[Abcd1234]

If all those things would be done at developer level, they'd be more coherent, and inter-distro compatibility would be greater

Woah woah. Let me just stop and laugh for a moment. You're telling me that random developer X can do a better job of making a package than the people who develop the friggin' distro? Are you kidding?? Seriously, the idea that *more* cooks in the kitchen will somehow result in a "more coherent" set of packages is incredibly laughable...

Re:A Flash demo?

[Anonymous Coward]

Actually, swf is an open format and the demo was made with vcn2swf, an open-source program.

Re:Missing the point

[Mr. Slippery]

there are no programs that an inexperienced user *needs* that do not come in their software repositories.

Wow, you know the software needs of all users? How's the omniscience working out for you?

Yes, peole need to think before installing software. That doesn't mean thr process should be hard - in fact, making it artifically difficult encourages people to find unsafe and stupid ways to do things that get around the restrictions.

Not as simple as that

[Orion Blastar]

get a few corrupted libraries and apt-get is useless. You then have to use the deb tool to remove the corrupt libraries and run apt-get again and hope it works. If not, you may have to reformat and try again.

I've had Debian distros do a meltdown on me doing that, and I followed every helpful guide on the Internet trying to fix it. The Autopackage technology seems like it has a fix for these dependancy problems and corrupt libraries.

Much as I hate to say it, Autopackage seems to add in Microsoft Windows like install and removal abilities to Linux. This is a good thing, because it makes Linux more of a desktop OS that the average person can use without learning how to be a Linux Admin. That makes Linux more popular and maybe more people will switch to it.

Re:Aren't there enough

[diegocgteleline.es]

Woah woah. Let me just stop and laugh for a moment. You're telling me that random developer X can do a better job of making a package than the people who develop the friggin' distro? Are you kidding??

They won't do "packaging" better, simply it will be better. The developer of project foo may say: "foo version 2.15-b depends on project bar version 1.1 to run properly", and everyone would follow it. Distros still could package themselves in a different way but that won't bee too common, and at that point people may tell "hey, your fedora package don't works properly in debian". My point is that a common package format

WONT SOLVE ANYTHING. Autopackage doesn't solve anything because it's a better format, but because it has a different philosophy. It doesn't matter how good are deb or rpm - they will NEVER work in another distro just because of their philoshopie

Who will this benefit the most?

[Lb73uaZj]

Autopackage may be useful in providing a relatively hassle free method of installing applications.
I've been using Linux for quite a while (since 1997) and I think there is room for improvement, I like what I have going and don't need to change.

In addition to my current debian based systems, I've used RPM based distros (come to think of it my file server is limping around on a busted Fedora Core 2 install -- and it still does everything I need it too). One day I'll play around with Gentoo, just to see what all the fuss is about.

In other words I don't think this system will be a great benefit to an experienced Linux user.

Linux noobs would benefit more from finding a distro, learn it break it fix it. Than some newfangled universal wonder, that could cause confusion as to where the problem may be. (is it the distro? is it the package? is it me, or something I've done... fear panic... Oh well, I'll just go back to windows.

Some developers will benefit. But I'd guess that most GPL'd and open source devlopers have already got their groove on.

HMM... PROPRIETARY... maybe. I'm sure all of hardware manufactures with their trade secrets would love to have a package system that keeps their stuff locked up in a tidy cell.

This could be good: the more stuff that comes to Linux, the more stuff we can play with.

This could be bad: this free software stuff came into existance because Richard Stallman (as the story goes) wanted to make a simple tweek to a printer; this could help to bring that wonderful creation back to where it all started.

I'm not into Linux for the free stuff I'm into it because I love feedom.

Re:Some FAQ entries

[N3wsByt3]

"What RPM is not good at is non-core packages, ie programs available from the net, from commercial vendors, magazine coverdisks and so on. "

You can say that again. In fact, this has exactly been my gripe with linux, including the so-called user-freindly distro's.

Apt-get, rpm, whatever - but if you are just browsing the Net and want to install something it's a real PITA, with Linux. There is no equivalent of an .exe, so you either have to be lucky that they not only have a linux version, but the right rpm for your specific distro, or you can get messy with hopefully clearly mentionned commands on the commandline - which defeats the purpose of having a GUI somewhat.

I have recently have another try at linux, but I just had to give up: while the installation of the OS itself went very well (impressive, even), the real problem was getting applications installed and working. when apt-get or urpmi or whatever doesn't have what you want, or fail for some reason, you just can't do shit, as a joe doe newbie.

Linuw really isn't ready for prime-time on the desktop, that's my honest opinion. But, maybe through projects like these, which *really* try to give the same klick-and-install ease of use, it might finally get there.

Re:Some FAQ entries

[Nailer]

"I fail to see how that, even in a system that uses an apt repository, you would be able to prevent a user from downloading and installing some random RPM from a website. You would have to have a severely crippled OS."

It's pretty simple: if the package isn't signed by someone you trust, refuse to install it. This has the been the behaviour in up2date since it was created, and yum does the same thing. I'd be very surprised if apt/get (at least on systems where package signing is expected) didn't do the same.

RPM itself, when used directly, currently throws up a warning if a package isn't signed by someone trusted, but (uunlike up2date / yum / etc) still installs it. This behavior may change in future tho.

Autopackage is the wrong solution

[Nailer]

"Dropping to a terminal, cd pathtoapp, tar -jxvf whatever.tar.gz, cd newpath, ./configure; make; make install is too much shit for a user -- and then how to uninstall? Keep the source directory there forever? "

Agreed. But how is using 2 package sytems (as the autopackge author recommends) with a weird distinction between what's installed in your current distro and 'third paty' apps easier than:

1). Putting a link to 'Synaptic software installer'
2). Having them browse for their app or simply type its name.
3). Letting them click OK as the app and its dependencies are downloaded and installed for them

?

Re:The purpose of autopackage

[Theatetus]

You'll note that bundled APIs on OS X and Windows tend not to duplicate each other across a given set of installed programs.

OK, I don't know much about Mac but I have to call bullshit on Windows there. Windows packages are constantly rolling their own "common" DLLs, with slight differences, overwriting identically-named DLLs from other packages and clobbering that package's symbols. "DLL hell" wasn't just a clever assonance someone came up with.

Re:Aren't there enough

[Shambhu]

It sounds like you misunderstood. The suggestion is that developers would package their _own_ sofware. The distros wouldn't repackage everybody's software in a way that was unique to that distro, which is what happens now.

Whether or not this would be succesful or not is another question.

Re:This is one that Linux really badly needs

[pAnkRat]

For your second problem:

try debian or derivats (ubuntu, ..)
Software installation is easy with apt-get because it installs all dependencies automagicly.
If you dont want to use the commandline, use a graphical frontend.

Nuff' said.

Re:Aren't there enough

[Anonymous Coward]

Package management at the distro-level works far better as long as you don't need any packages that aren't part of the distribution maintained set, and the distro package management system handles dependencies and versions well.

Re:The purpose of autopackage

[Anonymous Coward]

OS X handles this at runtime. i.e. You can install the software, but the folder contents contain enough information for the OS to give you an error message when you run it.

Linux does that too, obviously (as in 'library xyz not found'), but that is considered unacceptably bad. The whole idea with dependencies is that they can be resolved by the installation program.

Under OS X (and to a certain degree Windows), developers always know which libraries they can always depend on, and which ones they should bundle.

So if a third-party app uses libpng (something not bundled with the system, I'm just making it up here), and two other third-party apps does too you will have THREE installed libpng on your system? And three programs you need to update?

And to top it off, no program for you to keep track of when libpng needs updating. Ouch...