On 01/08/07, Roger Marquis <[EMAIL PROTECTED]> wrote:
> On Wed, 1 Aug 2007, Shawn Walker wrote:
> > The point is that binary configurations are the only ones that
> > are truly supportable from a vendor perspective, since they have
> > a known, dependable, signable, verifiable configuration.
>
> How do you figure? Plenty of software vendors, mysql for one,
> support both models. Both have known, signed, and verifiable
> configurations. This is a red herring.
Most vendors do not. Most vendors distribute binaries, not source,
especially commercial software vendors.
Both do not have known, signed, and verifiable configurations.
When I say signed, I mean digitally signed (such as md5, etc.) by the
vendor so that they can verify that binaries are configured and built
in a very specific way.
With source builds, the best you can do is trust the customer to *say*
that it was built a certain way.
> > While I agree that having an easy way to customise and rebuild
> > binaries for a given distribution would be nice, I do not
> > believe that it should be the primary method of package
> > distribution.
>
> When I run Synaptic, and select an application to install, it is
> not "nice" that the list of dependencies is not optional. It is
> not nice when I cannot de-install a package because of unneeded
> dependencies. It is not nice when I have to write a specfile and
> run rpmbuild for any difference from the binary package. And it is
> really not nice to have dozens of unnecessary packages installed
> on a server simply because the developer compiled-in what
> dependencies he thought most end-users would want.
Disk space is cheap. Most sysadmins are going to care more about
whether a particular piece of functionality works than some arbitrary
piece existing and not being removable.
As I said, unless you *need* custom-built software, source-based
systems are not useful.
> > Again, I support the idea of making what you want to do easy, I
> > just don't support that as being a replacement for a
> > binary-based system, because it is not.
>
> How so? Given the Synaptic example. Both offer the exact same
> front-end. The only difference is that dependencies would also
> have check-boxes. If you left alone it could install the binary
> version like you advocate. If, OTOH, you selected or deselected
> additional features it would install the source version. The same
> database of checksums, inter-dependencies, and other information
> is kept nuder /var/{db/pkg,sadm,lib/apt,/var/lib/rpm,...} either
> way. This is a wholly viable, proven, and superior model to
> binary-based systems. But I am interested in specific examples of
> where and why it might not be. The vendor perspective you describe
> above is not a correct example though, if only because vendors
> could easily decide to support only binary versions.
>
> Any BSD-admins care to weigh in on this? So far the only
> detractors appear to be sysadmins or users with no experience
> managing ports-based systems.
I used a ports-based system (a gentoo one) for a while. I also used
FreeBSD, DragonFly BSD, and other systems.
I do not like them, and I rarely if ever used the customisation
features that they provided.
The default configuration usually worked for me.
In fact, I usually installed the binaries offered on gentoo whenever
possible, because I saw little to no point in recompiling software
that had already been compiled with the options I wanted.
--
Shawn Walker, Software and Systems Analyst
[EMAIL PROTECTED] - http://binarycrusader.blogspot.com/
"Beware of bugs in the above code; I have only proved it correct, not
tried it. " --Donald Knuth
_______________________________________________
indiana-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
