|
There should be OS vendors and ISVs. OS vendors produce a stable core for applications to operate on. This is 2017, we have a pretty good idea of what this should look like and what services it should and should not provide by now. OS vendors should not gratuitously break their poo poo and they should be responsible for fixing security vulnerabilities without dragging in other unwanted changes in this core for several years. ISVs produce products that end users actually give a poo poo about to accomplish tasks they actually give a poo poo about. In exchange for a well-defined platform that ISVs can reasonably target, those ISVs should be the sole responsible party for making that software work. What we should not have is organizations like Debian, which are OS vendors that act as pointless ISV middlemen that gratuitously gently caress with ISV software purely for the entertainment value of the activity. Which means users get horribly outdated software, and the responsibility for making that software work rests with no particular person so of course it works like total poo poo. Note however that the following article makes a compelling case to counter mine: http://kmkeen.com/maintainers-matter/2016-06-15-11-51-16-472.html
|
# ? Apr 12, 2017 17:29 |
|
|
# ? Mar 29, 2024 08:06 |
this all is well but someone should post that xkcd about competing standards
|
|
# ? Apr 12, 2017 17:38 |
|
cinci zoo sniper posted:this all is well but someone should post that goatkcd about competing standards
|
# ? Apr 12, 2017 17:38 |
|
Suspicious Dish posted:A lot of them want to ship products though. That's why every Linux app under the sun has a PPA and the developers always ask you to use that instead of the official packages, because the official packages are unreliable and they have no clue what's in them. ppas in particular, and launchpad in general, are the worst thing ever to happen to the linux desktop
|
# ? Apr 12, 2017 17:57 |
|
Sapozhnik posted:There should be OS vendors and ISVs. OS vendors and ISVs already exist:
this already works fine. it has worked fine for decades. nothing is broken in this model. if you are targeting a bullshit distribution, you will experience pain and suffering. adding new middlemen with their own bullshit is only going to make things worse. technological solutions to social problems are never as simple as a new package format. ever.
|
# ? Apr 12, 2017 17:59 |
|
you live in a world of enterprise server software though. flatpak does not and will not target that world.
|
# ? Apr 12, 2017 18:07 |
|
Sapozhnik posted:you live in a world of enterprise server software though. flatpak does not and will not target that world. enterprise yes, server no. tons of software on my desktop comes from ISVs who apply the same model.
|
# ? Apr 12, 2017 18:12 |
|
Notorious b.s.d. posted:ppas in particular, and launchpad in general, are the worst thing ever to happen to the linux desktop There are a lot of technological downsides to PPAs -- Launchpad is a buggy, broken unmaintained piece of poo poo that doesn't do what it says on the tin. The build system is an undocumented piece of poo poo that blows up when you sneeze on it. The APT package manager clearly isn't designed for the "throw many repositories at it" model with insane amounts of conflicts (surprise, surprise, Debian tooling isn't built for composing from multiple vendors). But the end user experience when it works as designed -- ISVs get to ship their software directly to users without Debian middlemen, and users know they are getting the latest application -- is surprisingly effective, and I don't know why you don't want a more solidified, codified, cross-distribution form of that.
|
# ? Apr 12, 2017 18:31 |
|
Suspicious Dish posted:But the end user experience when it works as designed -- ISVs get to ship their software directly to users without Debian middlemen, and users know they are getting the latest application -- is surprisingly effective, and I don't know why you don't want a more solidified, codified, cross-distribution form of that. because "when it works as designed" is "never" why on earth would i want a solidified, codified, cross-distribution form of something that is already totally broken as it stands? oh boy now instead of a bunch of random un-trusted packages from strangers who patch poo poo at random, i can have entire trees of vendored libraries from strangers who patch poo poo at random, and they can depend on each other. no thanks
|
# ? Apr 12, 2017 18:38 |
|
Truga posted:so package your rpms+debs for all the distros, it's super simple in 2017 and repackaging on any changes automatic, and you don't even need your own build servers: https://build.opensuse.org/ OBS doesn't really work for anything but RPM. At Endless we used a version of OBS hacked up to support Debian better and it was a goddamned pain. Really, these systems are the worst of both worlds: developers have to go through the bureaucracy of managing .spec files and Debian changelogs, but then N times for every system, and then deploy them to OBS and track down bizarre errors that spawn because of the minute differences between the hacked up OBS environment and the "official" dev tooling, with no way to reproduce any of it locally since OBS combines the build server and the build system in one giant heap of confusing Perl. If you want the end-to-all of Linux wankery, try maintaining a .spec file or Debian package. These formats date from an era of tarball releases before git or even autotools became relatively standard, asking people to maintain separate changelogs. Just as an example of how annoying they are, they even have the bizarre property of having special code to make sure that the day of the week is correct when you type in "Wed March 15" instead of, you know, fixing it automatically for the user. (One of my hacks I had in my local rpm fork at Red Hat was a patch to rpmbuild to tell you what the day of the week should be in the error message rather than just "it's wrong" and making the user go to a calendar to find what it should be) The only explanation I can think of for this is that it's a way to keep a mass set of volunteers occupied making countless busywork changes in the goal of feeling like they are helping Linux take over the world. It's a goddamned cult.
|
# ? Apr 12, 2017 18:40 |
|
what are your thoughts on fpm to me it seems like kind of a shotgun packaging method
|
# ? Apr 12, 2017 18:44 |
|
yeah i've been looking at rpm tooling and it's complete poo poo. the tools for generating .rpm files are inextricably linked to red hat's internal processes and the existence of a fire wall between the software developer and the maintaner "packaging development snapshots from git into rpms is easy! simply make a manual checkout by hand and upload it at a canonical url somewhere, then put that url in your spec file alongside a non-machine-readable comment saying what revision this was checked out from!" did you just tell me to go gently caress myself?
|
# ? Apr 12, 2017 18:45 |
|
I love the idea because it makes Linux weenies extremely mad. Unfortunately, it really only works for interpreted poo poo like Ruby or Python or JavaScript -- a place where distribution package managers really don't make much sense as a software delivery mechanism at all.
|
# ? Apr 12, 2017 18:50 |
|
like red hat is deeply disturbed by the very concept of an in-tree rpm spec file and they do not under any circumstances want you to be able to do this and it's not even anything simple like Debian, where you have an AR containing a control archive and a data archive, or like an Arch package which is literally just a tarball with a few dotfiles in it, it's a CPIO with some sort of lovely proprietary header so you can't easily go and build them from scratch using a shell script or whatever.
|
# ? Apr 12, 2017 18:55 |
|
spankmeister posted:what are your thoughts on fpm fpm only works well in the most trivial cases, where it only would have taken five minutes to poo poo out an rpm spec in the first place. for specifically things that use `make install`, I find checkinstall to be a lot like fpm but not as broken
|
# ? Apr 12, 2017 18:59 |
|
Suspicious Dish posted:I love the idea because it makes Linux weenies extremely mad. Unfortunately, it really only works for interpreted poo poo like Ruby or Python or JavaScript -- a place where distribution package managers really don't make much sense as a software delivery mechanism at all. yeah this is the only time fpm actually works. and you don't really need fpm for this, because it takes approximately no time to just ... write the spec worse, sometimes ruby gems and python libs have badly-behaved install scripts that gently caress up fpm, and you end up writing the specfile anyway
|
# ? Apr 12, 2017 18:59 |
|
Debian is amazingly useful for determining competence. Anyone still using it after the openssl debacle can safely be ignored
|
# ? Apr 12, 2017 23:22 |
|
Also gently caress rpmbuild and spec files with a rusty pineapple
|
# ? Apr 12, 2017 23:23 |
|
jre posted:Also gently caress rpmbuild and spec files with a rusty pineapple
|
# ? Apr 13, 2017 00:07 |
|
jre posted:Debian is amazingly useful for determining competence. Anyone still using it after the openssl debacle can safely be ignored rip my rpi what should i replace raspbian with
|
# ? Apr 13, 2017 01:14 |
|
carry on then posted:rip my rpi pidora?
|
# ? Apr 13, 2017 01:28 |
|
carry on then posted:rip my rpi netbsd
|
# ? Apr 13, 2017 01:31 |
|
carry on then posted:what should i replace raspbian with RISCOS of course alternately Haiku, if it boots yet but you should only run one of those until Mezzano is booting natively on RPi3, then you should switch to it and enjoy the pure Lisp experience
|
# ? Apr 13, 2017 01:37 |
|
lmao im running znc, nginx, and websphere on it, pidora it is
|
# ? Apr 13, 2017 02:40 |
pidora is a really bad to tell your russian friends about though
|
|
# ? Apr 13, 2017 07:30 |
|
pizdora
|
# ? Apr 13, 2017 23:36 |
|
still not as good as the critical update notification tool
|
# ? Apr 14, 2017 00:50 |
spankmeister posted:pizdora well... pidar is f****t in english, and a/o in similar contexts pronounce the same
|
|
# ? Apr 14, 2017 05:57 |
|
cinci zoo sniper posted:well... pidar is f****t in english, and a/o in similar contexts pronounce the same faucet? ferret? format?
|
# ? Apr 14, 2017 09:38 |
|
Soricidus posted:faucet? ferret? format? pidar de fermat
|
# ? Apr 14, 2017 09:55 |
|
spankmeister posted:pidar de fermat f****t's last theorem
|
# ? Apr 14, 2017 14:36 |
|
spankmeister posted:pizdora piazadorra
|
# ? Apr 14, 2017 17:31 |
|
carry on then posted:rip my rpi it's an embedded system. you should fork an old version of yocto, add a mess of bitbake config files and never update it
|
# ? Apr 19, 2017 18:35 |
|
also be sure to run whatever interfaces with GPIO as root so you can have the joy of risking a physical root exploit
|
# ? Apr 20, 2017 00:51 |
|
with how sophisticated the tools for glitch attacks are now if someone has physical access to your embedded thing they can get root
|
# ? Apr 20, 2017 01:23 |
|
Isn't the rpi 2 susceptible to xenon flashes? No need to access the pins to crash it. Also, if you put selinux on your pi (and put in the right types and attributes and yada yada) you can run the pin reading code as root and it'll be just as secure as running it as a normal user! once you write all that up, please do the needful and open source it on github so that it'll be useful to precisely the 2 or 3 geeks that find it, up until the point they have to redo the whole thing because it doesn't fit into how their application components interact and they're tired of all the permission denied errors
|
# ? Apr 20, 2017 01:38 |
|
nothing beats just taking the sdcard from the rpi and pulling out all of the secrets stored in cleartext
|
# ? Apr 20, 2017 01:43 |
|
el dorito posted:nothing beats just taking the sdcard from the rpi and pulling out all of the secrets stored in cleartext oh no, not my posts
|
# ? Apr 20, 2017 02:49 |
|
i had to laugh at this https://soylentnews.org/meta/article.pl?sid=17/04/20/1055218 Two months ago, I polled the community for advice on the underlying operating system that should power SoylentNews (SN). After reading comments, and some recent experiences in my personal and professional life, we are migrating to Gentoo as the operating system of choice. second place was freebsd
|
# ? Apr 22, 2017 01:58 |
|
|
# ? Mar 29, 2024 08:06 |
|
hifi posted:i had to laugh at this https://soylentnews.org/meta/article.pl?sid=17/04/20/1055218 holy poo poo I was gonna say ofc some manbaby formula chugging tech bros would run their own os when they should just run their bullshit on blogger or tumblr but then I clicked the link that went to a full 1997 style slashdot powered site lmao
|
# ? Apr 22, 2017 11:57 |