-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andreas Girardet wrote: >> ?????BEGIN PGP SIGNED MESSAGE????? >> Hash: SHA1 >> I maintain a few hundreds of SUSE RPMs on my site, so I think I'm > quite qualified to comment on this ;) > Howdy Pascal > You are very well know indeed. As someone who has had exposure in > creating an rpm based distro from scratch I can possibly also comment
Apart from that, anyone is welcome to give some feedback (as long as it isn't about discussing top or bottom posting in e-mails) ;) >> Zlatko Michailov wrote: ... >> While we definately need to improve the 3rd party packaging community >> for SUSE Linux, care has to be taken on a few important things: >> 1) the quality of the packages: building good RPMs (i.e. writing good >> spec files) for a distribution means having much experience with it >> (both building RPMs _and_ knowing the distribution well), so >> I'm not sure it should be "open to everyone". Having lots and lots of >> packages that don't install properly, don't have proper integration >> (init scripts, desktop files, dependencies) and break users' >> systems is certainly not an improvement > > this requires a semi automated install test at least if not more than > that. Packages could also be "signed" off by others similar to how > kernel changes are done. That way quality is guaranteed and we can > mentor less experienced packagers to create more and better product. Maybe. I don't believe a "semi automated install test" would be feasible. It's far too complex and you can't catch all of the potential issues. Adding signatures after peer reviews could be an option. But YaST would have to support that in some way and show that information to the end user, making it some "level of trust" for each package. Not an easy thing to implement. >> 2) you need a lot of space to host those packages: for my repository >> alone, I have 2.2GB of files (and that doesn't include x86_64 builds) > > I have a Dual Opteron server with at least 100 GB available (it has > more, but that is what we could use) on a US 100 Mbit collocation. The > question really is who is going to maintain the repository? You could start by making a mirror of packman and my site ;)) >> 3) you need services around it, not just offering http and ftp >> download of RPMs: managing dependencies is quite a tedious task when >> you can't use YaST2, apt, yum or red?carpet. Maintaining >> that repository metadata isn't such an easy task (ask Eberhard >> Moenkeberg from gwdg.de, who's kindly hosting RPMs from several >> 3rd party packagers) > > yep .. you sure know what you are talking about. > Currently the apt repository Eberhard is doing is only well known to > "insiders" that is at least my impression from NZ. Granted .... I am not > talking about the world here ;) It's also advertised on SUSE forums and mailing-lists (like http://linux-club.de (in german) or Keith Kastorff's http://suseforums.net). ... > ....I wish we would have something like a webbased/yast integrated > software warehouse that allows easy menu driven access to thousands of > packages in a way your normal non technical computer user would expect. > A build system at the back with signoff's and maintainer web site to > know when a new source tar ball has been released and can be integrated > into the rpm. I am dreaming here. I know! Maybe not though ...... > right? That's partly what SUSE has internally. They will give access to build hosts and their build system. About that website, that's at least what packman and I are doing: http://packman.links2linux.org/ http://linux01.gwdg.de/~pbleser/ My site probably is the easiest to follow regarding to that, as I offer a web interface and an RSS feed about new packages and updates. And packman will be improved in that direction very soon ;) >>> I have used both Red Hat 8 and SuSE 9. SuSE is way more user?friendly than >>> Red Hat. However, when it comes to installing products that are not included >>> in the original distribution, or even updating an existing product, >>> Red Hat becomes the king of the hill. My observation is that if a project >> I'd say Debian becomes the king of the hill, and by a large amount. > I think we will be there, but we should make sure things are not broken > or unmaintained as quite a few debian packages, even in stable. At least > that is what I have been told. That's rather the exception that the rule, and Debian has a lot more packages than other distributions, which explains why they can potentially have more issues regarding to that. Debian has a lot of interesting strategies and policies for their package maintainance, although it's not a model that can be applied to SUSE (certainly not the "official maintainer" part). Nevertheless, it's worth a read. Fedora also has some policies and some of them are rather good ideas ;) >>> distributes any binaries, RPMS for Red Hat/Fedora are always >>> included, while RPMs for SuSE are not very popular. >> Indeed. There are mostly packman, my site, the suse-people repository, >> James Ogley's usr-local-bin.org and a few packages from various packagers >> (see >> ftp.gwdg.de, the suser-* stuff). >>> What I'm suggesting is that the opensuse.org web site becomes the >>> ultimate location for third-party product RPMs for SuSE. It only takes some >>> disk space and a couple of wiki pages. >> See my comments above. It requires a much broader infrastructure. >> Nevertheless, the initiative is important, we really have to get many, >> many more packagers to build good RPMs on SUSE. > > So guys like us need to "mentor" others to become packagers and help > them along their way by QA'ing their output and signing off on it. > What do you think? That way the huge wishlist that is starting to grow > on opensuse.org will be worked on. I don't know, really. It must be part of a bigger infrastructure, also in terms of defining policies and guidelines. SUSE already has some, but they're not going far enough: http://ftp.novell.com/pub/forge/library/SUSE%20Package%20Conventions/spc.html > And once we have build servers we should already have some sort of > maintainer system associated with it ...... > What does packman use in the backend for maintainers? Is there any > webbased collaboration maintenance system/ package DB? Is there a > signoff hierarchy? How are tests done? > Pascal could you enlighten me ... would be interesting to know. We're all experienced packagers in packman, so there isn't any signoff hierarchy nor peer reviews. Nevertheless, there's a backend for uploading and maintaining packages in the site's database. But there isn't much more than that. It's not suited for a model where there would be mentoring, peer reviews or similar. cheers - -- -o) Pascal Bleser http://linux01.gwdg.de/~pbleser/ /\\ <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> _\_v The more things change, the more they stay insane. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFDGALrr3NMWliFcXcRArm9AJoCZ6DWOfperCvl0622ASDhKgNsywCgke7h AVe/tG+N8yUVdq1WbBzw+kU= =8B22 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
