Re: Announcement: One Click Installer - What I need as a third party APT repository maintainer
Scott Ritchie napisał(a): > Right now, approximately 70 thousand people use the Winehq APT > repository to keep an updated Wine package. Every one of them had to > follow the instructions here: http://www.winehq.org/site/download-deb > > Simply put, these instructions suck. Google has GUI instructions for > their repository, and those also suck: > http://www.google.com/linuxrepositories/apt.html > > Both are as simple as we can make them, and they are inordinately > frightening to new users. Pasting arcane shell commands as root into a > terminal is not easy to use; neither is the 7 step graphical process > Google gives. Exactly, that's the reason behind creating One Click Installer :) > I, as an upstream ISV with my own third party repository, need it to be > easy for the user to use my software. It should be so easy that I don't > even need to give instructions - just a link to a single file that they > can double click on. > > A user should be able to download a standard repository file, double > click it, be informed about what packages and repository it's going to > install, enter their password, and then be done. That's exactly what One Click Installer does. Thanks for explaining things from developer's point of view. Some people just don't get it. And without third party applications Linux is not going to be viable alternative for Windows as multipurpose desktop operating system. >>From what I can tell, this is going to be handled exactly by Third Party > Apt, and I hope it can be finished in time for Gutsy. > > Will One Click Installer also do this, perhaps embedding the internals > of Third Party Apt on Ubuntu systems? Yes, One Click Installer can do this and even more: it can embed installation information for other systems than Apt, and can provide user with nice "which parts to install" dialog, so that he can choose if he wants, for example, to install docs or plugins. More features for ease of use are planned, like possibility to add icon to the desktop (hard to do by beginners). Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer - What I need as a third party APT repository maintainer
On Mon, 2007-08-06 at 19:01 +0200, Krzysztof Lichota wrote: > So, here is my shot at solving this problem - One Click Installer > (http://code.google.com/p/one-click-installer/). > > The idea is similar to this implemented in > https://wiki.ubuntu.com/ThirdPartyApt, but with broader scope > (supporting all distributions, not only Debian-based) and more features. > On Wed, 2007-08-08 at 14:07 -0500, Jerome Haltom wrote: > I agree with all of this. Except that I think what MS does is "just > fine.", and I've love to provide that ability for Ubuntu, and Ubuntu > alone. And so I will. Hence why I wrote wiki.ubuntu.com/ThirdPartyApt, > and am just now getting motivated to finish it (after this > conversation.) Right now, approximately 70 thousand people use the Winehq APT repository to keep an updated Wine package. Every one of them had to follow the instructions here: http://www.winehq.org/site/download-deb Simply put, these instructions suck. Google has GUI instructions for their repository, and those also suck: http://www.google.com/linuxrepositories/apt.html Both are as simple as we can make them, and they are inordinately frightening to new users. Pasting arcane shell commands as root into a terminal is not easy to use; neither is the 7 step graphical process Google gives. This is not fixable by the apt:// protocol, as that is (properly) not designed to encompass adding a new repository but instead install software from existing repositories. I, as an upstream ISV with my own third party repository, need it to be easy for the user to use my software. It should be so easy that I don't even need to give instructions - just a link to a single file that they can double click on. A user should be able to download a standard repository file, double click it, be informed about what packages and repository it's going to install, enter their password, and then be done. >From what I can tell, this is going to be handled exactly by Third Party Apt, and I hope it can be finished in time for Gutsy. Will One Click Installer also do this, perhaps embedding the internals of Third Party Apt on Ubuntu systems? Thanks, Scott Ritchie -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
This is 90% a political problem. In the case of Firefox, you need to to have Firefox upstream "support" Ubuntu in the same way they "support" Windows: Create a proper Ubuntu compliant installer (.deb) file, provide proper documentation on how to run it (double click). To do this, upstream has to care enough. The task is then to make them care enough. When I wrote ThirdPartyApt, I was thinking more about companies like VMware, who would not likely desire to be beholden to Ubuntu's release schedule, but would still like to support VMware on Ubuntu as a first-class citizen. That is, putting VMware in Canonical's repositories is a non-starter. They won't play by our 6 month rules. But having a button on their web site "Install VMware Workstation 6 for Ubuntu!" might be attractive. Again, political. On Wed, 2007-08-08 at 21:12 +0200, Krzysztof Lichota wrote: > Kevin Fries napisał(a): > > As for the OPs problem with Synaptic... That is 500% off base. I know > > this because I have sat down with end users and showed them synaptic, > > and the gnome installer. If more geeks like us did this with their > > favorite Windows user, I believe there would be more people asking why > > Windows does not install as nicely as Linux. Want proof? > > Yeah, and then they go into Synaptic and want to install Firefox 2.0 (or > 3.0, 4.0, etc.) and it is not there. So they go to Firefox website and > download source tarball or RPM, or whatever. And run away scared, > because "Linux is too difficult". > > Krzysztof Lichota > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Kevin Fries napisał(a): > As for the OPs problem with Synaptic... That is 500% off base. I know > this because I have sat down with end users and showed them synaptic, > and the gnome installer. If more geeks like us did this with their > favorite Windows user, I believe there would be more people asking why > Windows does not install as nicely as Linux. Want proof? Yeah, and then they go into Synaptic and want to install Firefox 2.0 (or 3.0, 4.0, etc.) and it is not there. So they go to Firefox website and download source tarball or RPM, or whatever. And run away scared, because "Linux is too difficult". Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
I agree with all of this. Except that I think what MS does is "just fine.", and I've love to provide that ability for Ubuntu, and Ubuntu alone. And so I will. Hence why I wrote wiki.ubuntu.com/ThirdPartyApt, and am just now getting motivated to finish it (after this conversation.) On Wed, 2007-08-08 at 12:10 -0600, Kevin Fries wrote: > On Wed, 2007-08-08 at 10:09 +0100, Matt Zimmerman wrote: > > The two are not mutually exclusive, and an ideal solution would incorporate > > both. > > I can't believe this conversation has gone on this long. Its a really > ill conceived idea that is either not explained very well, or has > evolved during this thread. > > First of all, the OP wants a one click install. But we already have > that in GDebi, and the upcoming apt:// protocol. If you publish > software and use the software out of the Ubuntu repositories, both > protocols will use the underlying APT system to pull dependencies, and > install in a safe and sane manner. If you are not building based upon > the Ubuntu core, you are more likely to brick your system than to get > any great functionality... so why would we encourage that behavior > because Microsoft does? Can we find a better one? > > Microsoft does not have to worry about different distros and the OP is > all upset that Linux can not reach it full potential until some high > school kid from Tallahassee, Rio, or Queensland can simply compile there > software, post it on the web, and allow it to be installed on all the > distros. The problem is that this is not possible. The impossibility > does not come from a technical problem, but instead a political one. > Technical problems can be overcome with hard work and technology. > Political problems will tie you up in knots for decades without any > resolution. > > The real problem is that not all system use LSB nor do all system > distribute their software as binaries. Those distros that don't follow > LSB will surely break if you install software that does. Due to the > nature of Linux, you can not enforce LSB. Heck, LSB even leaves vague > where several key items should be placed (lets start with /opt > vs /usr/local or /usr/games vs /usr/shared/games) Therefore, any one > size fits all installer will surely only serve a small portion of the > install base. As an example, I saw talk of re-inventing alien. But a > better Alien is only solving the RPM->DEB or DEB->RPM issue. Lets not > forget Gentoo's portage system and all its descendants like T2, Rock, > Puppy, etc. If one size truly fit all, ever woman in America should be > walking around in a Muumuu. Ladies? Guys want to suggest this to your > lady? The reason is that women are not all walking around in muumuus is > the same reason this idea will fail... One size does not fit all, and > different systems will require different solutions. Viva la difference! > > While the dream is nobble, and probably worth while, this is not the > solution. A better solution would be from the compilation and tools > side. A better solution would be to provide a single tool that takes > the code, and packages it for deb, rpm, ipkg, tar.gz, and an ebuild all > in one command. Then package it up with a solid testing and approval > process that makes it easy to get it into the approved repositories for > each distro. Maybe a clearing house system for packages. Once an > independent developer builds their new nifty widget generator, the nwg > project could be posted easily to all the major (and even minor) > projects all at once. > > Without running software though the various testing processes to insure > it is safe, we will have the same problem that has Microsoft in the > situation they are in right now. Microsoft has such a commanding lead, > and there market share is slowly dwindling. The battle is being lost in > Redmond, and stability, viruses, bloat, and cost are all playing their > part. Linux has MS on all these parts. Linux is more popular than > ever. Why would we ever want to begin copying Microsoft's bad habits. > One step installer sounds great, but it can not be done safely. > > As for the OPs problem with Synaptic... That is 500% off base. I know > this because I have sat down with end users and showed them synaptic, > and the gnome installer. If more geeks like us did this with their > favorite Windows user, I believe there would be more people asking why > Windows does not install as nicely as Linux. Want proof? > > http://windows-get.sourceforge.net/ > > Has anyone stopped to think that in our quest to solve bug #1, that the > answer is not to make Linux behave like Windows, but instead, show > Windows users a taste of what Linux does well. Linux already does > package management well... very well. > > Now can we get onto other problems > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-
Re: Announcement: One Click Installer
On Wed, 2007-08-08 at 10:09 +0100, Matt Zimmerman wrote: > The two are not mutually exclusive, and an ideal solution would incorporate > both. I can't believe this conversation has gone on this long. Its a really ill conceived idea that is either not explained very well, or has evolved during this thread. First of all, the OP wants a one click install. But we already have that in GDebi, and the upcoming apt:// protocol. If you publish software and use the software out of the Ubuntu repositories, both protocols will use the underlying APT system to pull dependencies, and install in a safe and sane manner. If you are not building based upon the Ubuntu core, you are more likely to brick your system than to get any great functionality... so why would we encourage that behavior because Microsoft does? Can we find a better one? Microsoft does not have to worry about different distros and the OP is all upset that Linux can not reach it full potential until some high school kid from Tallahassee, Rio, or Queensland can simply compile there software, post it on the web, and allow it to be installed on all the distros. The problem is that this is not possible. The impossibility does not come from a technical problem, but instead a political one. Technical problems can be overcome with hard work and technology. Political problems will tie you up in knots for decades without any resolution. The real problem is that not all system use LSB nor do all system distribute their software as binaries. Those distros that don't follow LSB will surely break if you install software that does. Due to the nature of Linux, you can not enforce LSB. Heck, LSB even leaves vague where several key items should be placed (lets start with /opt vs /usr/local or /usr/games vs /usr/shared/games) Therefore, any one size fits all installer will surely only serve a small portion of the install base. As an example, I saw talk of re-inventing alien. But a better Alien is only solving the RPM->DEB or DEB->RPM issue. Lets not forget Gentoo's portage system and all its descendants like T2, Rock, Puppy, etc. If one size truly fit all, ever woman in America should be walking around in a Muumuu. Ladies? Guys want to suggest this to your lady? The reason is that women are not all walking around in muumuus is the same reason this idea will fail... One size does not fit all, and different systems will require different solutions. Viva la difference! While the dream is nobble, and probably worth while, this is not the solution. A better solution would be from the compilation and tools side. A better solution would be to provide a single tool that takes the code, and packages it for deb, rpm, ipkg, tar.gz, and an ebuild all in one command. Then package it up with a solid testing and approval process that makes it easy to get it into the approved repositories for each distro. Maybe a clearing house system for packages. Once an independent developer builds their new nifty widget generator, the nwg project could be posted easily to all the major (and even minor) projects all at once. Without running software though the various testing processes to insure it is safe, we will have the same problem that has Microsoft in the situation they are in right now. Microsoft has such a commanding lead, and there market share is slowly dwindling. The battle is being lost in Redmond, and stability, viruses, bloat, and cost are all playing their part. Linux has MS on all these parts. Linux is more popular than ever. Why would we ever want to begin copying Microsoft's bad habits. One step installer sounds great, but it can not be done safely. As for the OPs problem with Synaptic... That is 500% off base. I know this because I have sat down with end users and showed them synaptic, and the gnome installer. If more geeks like us did this with their favorite Windows user, I believe there would be more people asking why Windows does not install as nicely as Linux. Want proof? http://windows-get.sourceforge.net/ Has anyone stopped to think that in our quest to solve bug #1, that the answer is not to make Linux behave like Windows, but instead, show Windows users a taste of what Linux does well. Linux already does package management well... very well. Now can we get onto other problems -- Kevin Fries Senior Linux Engineer Computer and Communications Technologies, Inc. a division of Japan Communications, Inc. signature.asc Description: This is a digitally signed message part -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Wed, Aug 08, 2007 at 07:19:23PM +0200, Krzysztof Lichota wrote: > OK, now I understand what you mean. > > Yes, you can provide One Click Installer installation file which has > only information which package to install and does not contain any > repository information. This should cover the second case. Oh, that's excellent then. Thank you. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman napisał(a): > We are talking past each other. There are two distinct use cases here, and > I am a) saying they could both be fulfilled by the same software mechanism, > and b) asking whether your system does both. > > From the sound of it, it only addresses the explicitly third-party > repository case, and not the case where the application is implicitly > available from Ubuntu. > > Yes, there are third-party developers who could make use of such a system to > publish their applications, but there are also developers who are well > served by the existing system and would benefit from having a web-oriented > way to indicate that their software is included in the Ubuntu repositories, > delegating all decisions about repository location and authentication to the > package manager. OK, now I understand what you mean. Yes, you can provide One Click Installer installation file which has only information which package to install and does not contain any repository information. This should cover the second case. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Wed, Aug 08, 2007 at 05:14:01PM +0200, Krzysztof Lichota wrote: > Matt Zimmerman napisał(a): > > On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote: > >> Matt Zimmerman napisał(a): > >>> On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: > This is the approach of apt:// protocol. It is not extensible and it > will not make Ubuntu competitive to rich software ecosystem of Windows. > There _must_ be the way for third party software creators to publish > their software easily. Otherwise they will not be interested in creating > their apps for Linux. > >>> The two are not mutually exclusive, and an ideal solution would > >>> incorporate > >>> both. > >> One Click Installer can be used for both, providing trusted, signed > >> installation files signed by Ubuntu and providing unsigned files for > >> third party developers. > > > > It is not a question of whether the file is signed or not; it is a different > > abstraction. > > > > One is "install package X from repository Y". (One Click seems to do this, > > from your description) > > > > The other is "install package X from your existing, configured > > repositories" (this is like apt:// and similar ideas) > > > > The key difference is that in the latter case, the metadata does not supply > > a repository, and there should be (notably) none of the usual security > > issues, regardless of whether the metadata is authenticated. > > Exactly, so how in this case you want third party developers to provide > their apps? We are talking past each other. There are two distinct use cases here, and I am a) saying they could both be fulfilled by the same software mechanism, and b) asking whether your system does both. From the sound of it, it only addresses the explicitly third-party repository case, and not the case where the application is implicitly available from Ubuntu. Yes, there are third-party developers who could make use of such a system to publish their applications, but there are also developers who are well served by the existing system and would benefit from having a web-oriented way to indicate that their software is included in the Ubuntu repositories, delegating all decisions about repository location and authentication to the package manager. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman napisał(a): > On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote: >> Matt Zimmerman napisał(a): >>> On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: This is the approach of apt:// protocol. It is not extensible and it will not make Ubuntu competitive to rich software ecosystem of Windows. There _must_ be the way for third party software creators to publish their software easily. Otherwise they will not be interested in creating their apps for Linux. >>> The two are not mutually exclusive, and an ideal solution would incorporate >>> both. >> One Click Installer can be used for both, providing trusted, signed >> installation files signed by Ubuntu and providing unsigned files for >> third party developers. > > It is not a question of whether the file is signed or not; it is a different > abstraction. > > One is "install package X from repository Y". (One Click seems to do this, > from your description) > > The other is "install package X from your existing, configured > repositories" (this is like apt:// and similar ideas) > > The key difference is that in the latter case, the metadata does not supply > a repository, and there should be (notably) none of the usual security > issues, regardless of whether the metadata is authenticated. Exactly, so how in this case you want third party developers to provide their apps? Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Wed, Aug 08, 2007 at 04:58:21PM +0200, Krzysztof Lichota wrote: > Matt Zimmerman napisał(a): > > On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: > >> Matt Zimmerman napisał(a): > >>> This provides the experience of locating the software on the web while > >>> retaining the security and maintenance characteristics of the distribution > >>> model. > >> This is the approach of apt:// protocol. It is not extensible and it > >> will not make Ubuntu competitive to rich software ecosystem of Windows. > >> There _must_ be the way for third party software creators to publish > >> their software easily. Otherwise they will not be interested in creating > >> their apps for Linux. > > > > The two are not mutually exclusive, and an ideal solution would incorporate > > both. > > One Click Installer can be used for both, providing trusted, signed > installation files signed by Ubuntu and providing unsigned files for > third party developers. It is not a question of whether the file is signed or not; it is a different abstraction. One is "install package X from repository Y". (One Click seems to do this, from your description) The other is "install package X from your existing, configured repositories" (this is like apt:// and similar ideas) The key difference is that in the latter case, the metadata does not supply a repository, and there should be (notably) none of the usual security issues, regardless of whether the metadata is authenticated. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman napisał(a): > On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: >> Matt Zimmerman napisał(a): >>> This provides the experience of locating the software on the web while >>> retaining the security and maintenance characteristics of the distribution >>> model. >> This is the approach of apt:// protocol. It is not extensible and it >> will not make Ubuntu competitive to rich software ecosystem of Windows. >> There _must_ be the way for third party software creators to publish >> their software easily. Otherwise they will not be interested in creating >> their apps for Linux. > > The two are not mutually exclusive, and an ideal solution would incorporate > both. One Click Installer can be used for both, providing trusted, signed installation files signed by Ubuntu and providing unsigned files for third party developers. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tue, Aug 07, 2007 at 09:57:42PM +0200, Krzysztof Lichota wrote: > Matt Zimmerman napisał(a): > >> So Ubuntu could just provide signed files for applications hosted in its > >> repository, signed with its key for use by everyone else. Files would be > >> hosted on Ubuntu server and everyone else (forum support people, > >> bloggers, journalists, ...) could just provide links to these files > >> instead of creating them on their own. > > > > There is no need for Ubuntu to provide additional metadata for the thousands > > of programs available in the repositories. Instead, the metadata file need > > only provide the name of the package, and the local package manager can > > install it from the official repository. > > > > This provides the experience of locating the software on the web while > > retaining the security and maintenance characteristics of the distribution > > model. > > This is the approach of apt:// protocol. It is not extensible and it > will not make Ubuntu competitive to rich software ecosystem of Windows. > There _must_ be the way for third party software creators to publish > their software easily. Otherwise they will not be interested in creating > their apps for Linux. The two are not mutually exclusive, and an ideal solution would incorporate both. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Krzysztof Lichota: > Greg K Nicholson napisał(a): >> Krzysztof Lichota: >>> Creator of One Click Installer installation file decides which >>> repository will be used. If the application is available in Ubuntu >>> repository I do not see the point why he would prefer to point to some >>> other repository. >> Maybe the OCI file's creator uses a different distro. This is supposed >> to be distro-neutral, right? > > Right. But if the application is in an official, supported repository > for given distro, it is better for the author to point to such > repository as its quality should be higher than some other, third party. > Unless the third party provides some feature which is not available in > official version, but well, it is a tradeoff here. It is up to > installation file author to balance what he thinks is better. So then we'll end up with the installation file author, an Ubuntu user, creating an installation file that points to Ubuntu's repository. If a user of OpenSuSE then comes along and uses that installation file, will they be installing onto an OpenSuSE system from Ubuntu's repository? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tuesday 07 August 2007 18:23, Krzysztof Lichota wrote: > Scott Kitterman napisał(a): > > OK, so for a Debian system, where do the.debs come from that One Click is > > needed for? > > The debs are already in repositories. It is about giving users easy > access to them. > > > This is the part that keeps confusing me. You seem to think if > > installing were just easier, people would install more stuff (probably > > true), but I think the real limiting factor is getting the stuff properly > > packaged. > > Try reading forum posts or the Scribus page I have mentioned > (http://www.scribus.net/index.php?name=Sections&req=viewarticle&artid=4&pag >e=1). They are full of descriptions how to add repository, how to add key, > etc. Repeated all over again. And in many cases they go to most common > denominator (modifying /etc/apt/sources.list and using apt-key in > console), because if they describe one application (like Synaptic), then > user might be using different (like Adept). > > Now imagine you are user who wants to install application. And he must > take so many difficult steps to achieve simple goal - installing > application. > > Or you are an application author which can either depend on his users to > know how to add repository, or he can create description how to do it > once again. > > This is the problem I am trying to solve. OK. That's a different problem then it sounded to me like you were trying to solve. That one is, I think, rather more reasonable. When you talk to me here about all the wonderful RPMs out there, it sounds to me like you're trying to re-invent alien, not make it easier to find and install packages for the distribution's packaging system. I'll note that another option is for said application author to work with distributions to get their application into the official/tested repository. I'll also note that in most cases I've run across when someone brings their package to Ubuntu, it is not initially up to Ubuntu packaging quality standards. In my opinion, moving outside of the distribution's package repository adds risk that should not be too thoroughly hidden from the user. Scott K -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
The .debs are already in which repository? Who built them? If Ubuntu's repository, well, what have you solved then? They were already there. On Wed, 2007-08-08 at 00:23 +0200, Krzysztof Lichota wrote: > Scott Kitterman napisał(a): > > OK, so for a Debian system, where do the.debs come from that One Click is > > needed for? > > The debs are already in repositories. It is about giving users easy > access to them. > > > This is the part that keeps confusing me. You seem to think if installing > > were just easier, people would install more stuff (probably true), but I > > think the real limiting factor is getting the stuff properly packaged. > > Try reading forum posts or the Scribus page I have mentioned > (http://www.scribus.net/index.php?name=Sections&req=viewarticle&artid=4&page=1). > They are full of descriptions how to add repository, how to add key, > etc. Repeated all over again. And in many cases they go to most common > denominator (modifying /etc/apt/sources.list and using apt-key in > console), because if they describe one application (like Synaptic), then > user might be using different (like Adept). > > Now imagine you are user who wants to install application. And he must > take so many difficult steps to achieve simple goal - installing > application. > > Or you are an application author which can either depend on his users to > know how to add repository, or he can create description how to do it > once again. > > This is the problem I am trying to solve. > > Krzysztof Lichota > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Scott Kitterman napisał(a): > OK, so for a Debian system, where do the.debs come from that One Click is > needed for? The debs are already in repositories. It is about giving users easy access to them. > This is the part that keeps confusing me. You seem to think if installing > were just easier, people would install more stuff (probably true), but I > think the real limiting factor is getting the stuff properly packaged. Try reading forum posts or the Scribus page I have mentioned (http://www.scribus.net/index.php?name=Sections&req=viewarticle&artid=4&page=1). They are full of descriptions how to add repository, how to add key, etc. Repeated all over again. And in many cases they go to most common denominator (modifying /etc/apt/sources.list and using apt-key in console), because if they describe one application (like Synaptic), then user might be using different (like Adept). Now imagine you are user who wants to install application. And he must take so many difficult steps to achieve simple goal - installing application. Or you are an application author which can either depend on his users to know how to add repository, or he can create description how to do it once again. This is the problem I am trying to solve. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tuesday 07 August 2007 16:11, Krzysztof Lichota wrote: > Scott Kitterman napisał(a): > > On Tuesday 07 August 2007 15:57, Krzysztof Lichota wrote: > >> This is the approach of apt:// protocol. It is not extensible and it > >> will not make Ubuntu competitive to rich software ecosystem of Windows. > >> There _must_ be the way for third party software creators to publish > >> their software easily. Otherwise they will not be interested in creating > >> their apps for Linux. > > > > I spend a lot of time packaging software for the Debian packaging system. > > It sounds to me like you believe this is a waste of my time because a > > generally extensible packaging system that will result in reliable > > installations across diverse architectures and hardware either exists or > > it trivial to create. > > > > Is that right? > > No, you got completely the wrong idea. > Deb packages built for specific distro are useful as they provide best > integration with underlying distribution. And One Click Installer does > not at all address the issue of common packaging format or whether DEB > is better than RPM. It is just a convenient way for users to have their > favourite app installed without knowing what their distro is, what their > packaging system is, how to add repository, how to update it, how to add > keys, etc. > OK, so for a Debian system, where do the.debs come from that One Click is needed for? This is the part that keeps confusing me. You seem to think if installing were just easier, people would install more stuff (probably true), but I think the real limiting factor is getting the stuff properly packaged. Scott K -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Scott Kitterman napisał(a): > On Tuesday 07 August 2007 15:57, Krzysztof Lichota wrote: > >> This is the approach of apt:// protocol. It is not extensible and it >> will not make Ubuntu competitive to rich software ecosystem of Windows. >> There _must_ be the way for third party software creators to publish >> their software easily. Otherwise they will not be interested in creating >> their apps for Linux. > > I spend a lot of time packaging software for the Debian packaging system. It > sounds to me like you believe this is a waste of my time because a generally > extensible packaging system that will result in reliable installations across > diverse architectures and hardware either exists or it trivial to create. > > Is that right? No, you got completely the wrong idea. Deb packages built for specific distro are useful as they provide best integration with underlying distribution. And One Click Installer does not at all address the issue of common packaging format or whether DEB is better than RPM. It is just a convenient way for users to have their favourite app installed without knowing what their distro is, what their packaging system is, how to add repository, how to update it, how to add keys, etc. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Greg K Nicholson napisał(a): > Krzysztof Lichota: >> Creator of One Click Installer installation file decides which >> repository will be used. If the application is available in Ubuntu >> repository I do not see the point why he would prefer to point to some >> other repository. > > Maybe the OCI file's creator uses a different distro. This is supposed > to be distro-neutral, right? Right. But if the application is in an official, supported repository for given distro, it is better for the author to point to such repository as its quality should be higher than some other, third party. Unless the third party provides some feature which is not available in official version, but well, it is a tradeoff here. It is up to installation file author to balance what he thinks is better. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tuesday 07 August 2007 15:57, Krzysztof Lichota wrote: > This is the approach of apt:// protocol. It is not extensible and it > will not make Ubuntu competitive to rich software ecosystem of Windows. > There _must_ be the way for third party software creators to publish > their software easily. Otherwise they will not be interested in creating > their apps for Linux. I spend a lot of time packaging software for the Debian packaging system. It sounds to me like you believe this is a waste of my time because a generally extensible packaging system that will result in reliable installations across diverse architectures and hardware either exists or it trivial to create. Is that right? Scott K -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Jerome Haltom napisał(a): > So this works for Yum too? Not yet, but I hope it will. And Yast, ebuild and TGZ as well. I can create versions for most popular packaging/distribution systems, but it is up to distribution developers to integrate it or add support for their unique packaging system. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman napisał(a): >> So Ubuntu could just provide signed files for applications hosted in its >> repository, signed with its key for use by everyone else. Files would be >> hosted on Ubuntu server and everyone else (forum support people, >> bloggers, journalists, ...) could just provide links to these files >> instead of creating them on their own. > > There is no need for Ubuntu to provide additional metadata for the thousands > of programs available in the repositories. Instead, the metadata file need > only provide the name of the package, and the local package manager can > install it from the official repository. > > This provides the experience of locating the software on the web while > retaining the security and maintenance characteristics of the distribution > model. This is the approach of apt:// protocol. It is not extensible and it will not make Ubuntu competitive to rich software ecosystem of Windows. There _must_ be the way for third party software creators to publish their software easily. Otherwise they will not be interested in creating their apps for Linux. And if you want to provide higher security, you can turn off installing unsigned files in One Click Installer. This way inexperienced users will not be able to install untrusted software easily. But of course advanced users will be able to work around it. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman: > Instead, the metadata file need > only provide the name of the package, and the local package manager can > install it from the official repository. How would this be better than (or different from) the apt/install protocol? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Krzysztof Lichota: > Creator of One Click Installer installation file decides which > repository will be used. If the application is available in Ubuntu > repository I do not see the point why he would prefer to point to some > other repository. Maybe the OCI file's creator uses a different distro. This is supposed to be distro-neutral, right? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
So this works for Yum too? On Tue, 2007-08-07 at 21:34 +0200, Krzysztof Lichota wrote: > Jerome Haltom napisał(a): > > Now that I actually read this, I don't see any actual difference between > > it and GAptI. Is there one? > > > > Other than the file being some weird XMLish thing. With hard coded > > command line options in it. > > Command line option was added as hack specifically to support installing > Skype deb from their repository. I couldn't believe it but they have put > repository with debs without signing it! > It will go away as soon as I find better solution. > > > I choose the format I choose for GAptI > > because it was keeping in-line with the traditional Name: Value pair > > format used by both dpkg and apt itself. > > Not whole worlds is using apt. XML is more flexible when it comes to > supporting unexpected things. > > Krzysztof Lichota > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Jerome Haltom napisał(a): > Now that I actually read this, I don't see any actual difference between > it and GAptI. Is there one? > > Other than the file being some weird XMLish thing. With hard coded > command line options in it. Command line option was added as hack specifically to support installing Skype deb from their repository. I couldn't believe it but they have put repository with debs without signing it! It will go away as soon as I find better solution. > I choose the format I choose for GAptI > because it was keeping in-line with the traditional Name: Value pair > format used by both dpkg and apt itself. Not whole worlds is using apt. XML is more flexible when it comes to supporting unexpected things. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Jerome Haltom napisał(a): > I wanted to point you to my existing effort with regards to this: > > https://wiki.ubuntu.com/GAptI > > Someday I will in fact finish this. Please take a look at it though. Yes, I have seen it long time ago. But it supports only APT. One Click Installer strives to be the solution for all Linux (and non-Linux) distributions. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Sebastian Heinlein napisał(a): > even a signed software can do a lot of harm to your system. installing > software from the internet blindly is perhaps the cause for most > unstable windows systems. Any software can harm your system when used inappropriately. But it is not the reason to forbid people to use it. If someone is security conscious, he will take the risk into account. If he is not aware of it, we can make him at least aware. Then the decision is in the hands of user. > if you require to only install signed packages only you would at least > make sure that the package creator has got some basic skills. > furthermore it could be nice to make use of the gnupg web of trust here. > you could calculate a trust level from the number and kind of > signatures. This is interesting proposal. But the problem is how to measure such trust level? By requiring web of trust to reach one of Ubuntu developers? > what are your plans about an translation infrastructure for the oci > files? if you don't find any translators you won't get any translations > - the current problem of ddtp. The basic principle is that anyone can create installation files in decentralized manners. So it would be up to local Ubuntu teams to provide installation files with translated contents. Any central repository (based on Rosetta or DDTP) should only help by providing some coordination place. > you mentioned tucows and a central wiki page many times. any plans on > this? the idea was discussed several times in the past, but it was never > implemented in the official ubuntu frame work. perhaps an error, since > now we seem to get a lot of separated sites with no central quality > assurance. I have not mentioned central wiki page :) My vision is completely different - there should be many places where installation links can be provided. Some of them more formal and trusted (for example packages.ubuntu.com, Ubuntu pages, etc.), some supported by community (getdeb.net, etc.), some completely freelance - blogs, forums, wikis, etc. One Click Installer allows all these places to host installation links. It is up to maintainers of packages.ubuntu.com, getdeb.net or any other site to use it. And distributions such as Ubuntu can help creating this ecosystem by providing signed installation files for everyone to link to. Of course I would really like to see central Ubuntu software repository with trusted, signed installation files, extensive descriptions, ranks, comments, etc. But it should not be the only place. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tue, Aug 07, 2007 at 08:36:23PM +0200, Krzysztof Lichota wrote: > Creator of One Click Installer installation file decides which > repository will be used. If the application is available in Ubuntu > repository I do not see the point why he would prefer to point to some > other repository. > > Additionally, Ubuntu could make such need void by providing prepackaged, > trusted installation files - only installation files signed using Ubuntu > key are trusted by default by One Click Installer. Files signed with > untrusted key are not installed and files without signature spawn > warning and default to aborting installation. I have described security > model in this e-mail: > https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2007-August/001385.html > > So Ubuntu could just provide signed files for applications hosted in its > repository, signed with its key for use by everyone else. Files would be > hosted on Ubuntu server and everyone else (forum support people, > bloggers, journalists, ...) could just provide links to these files > instead of creating them on their own. There is no need for Ubuntu to provide additional metadata for the thousands of programs available in the repositories. Instead, the metadata file need only provide the name of the package, and the local package manager can install it from the official repository. This provides the experience of locating the software on the web while retaining the security and maintenance characteristics of the distribution model. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Sebastian Heinlein napisał(a): > I haveb't look at the code in depth, but have you thought about using > the apt python bindings instead of command line calls ("apt-get install > --assume-yes" is a bad idea)? aptsources even provides an abstraction of > the sources.list. I did not know about apt bindings and I had command line interface from my other project. I have tried using Adept Batch, but it is not very convenient nor portable. So if someone can improve that code, you are welcome to join the project :) The code is open and definitely there are many ways to improve it :) Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Matt Zimmerman napisał(a): > Thanks for sharing your ideas with us in detail. This is an idea which has > been on many of our minds for some time, but no one had gotten around to > prototyping it yet. > > One concern that I have is that I feel it is important to ensure that > applications and their dependencies are installed from the Ubuntu > repositories wherever possible: if the application is available from Ubuntu, > it should be installed from there, even if the user found it via a > third-party website. This ensures that it will receive official updates, > and upgrade properly to the next release of Ubuntu, which is one of the > great strengths of package management. > > Of course, there will be applications which cannot be added to Ubuntu, and > so third-party repositories are necessary, but they should be avoided where > they are redundant, as they complicate maintenance and upgrades. > > Does your design address this? Creator of One Click Installer installation file decides which repository will be used. If the application is available in Ubuntu repository I do not see the point why he would prefer to point to some other repository. Additionally, Ubuntu could make such need void by providing prepackaged, trusted installation files - only installation files signed using Ubuntu key are trusted by default by One Click Installer. Files signed with untrusted key are not installed and files without signature spawn warning and default to aborting installation. I have described security model in this e-mail: https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2007-August/001385.html So Ubuntu could just provide signed files for applications hosted in its repository, signed with its key for use by everyone else. Files would be hosted on Ubuntu server and everyone else (forum support people, bloggers, journalists, ...) could just provide links to these files instead of creating them on their own. To give it kick start this could be even automated to create installation files based on descriptions from .deb files themselves. Then they could be polished to provide better user experience (provide optional documentation installation, language packs, etc.). Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Am 07.08.2007 um 16:30 schrieb Sebastian Heinlein: > installing software from the internet blindly is perhaps the cause > for most > unstable windows systems. I doubt an OS installation cares where you've got your applications from. The worst software I have experience with are drivers and free "helper" applications coming on a CD bundled with hardware. The biggest source of instability is the fact you have to install software at all. Libraries possibly overriding already existing ones. Variables set or unset to match what the individual developer thinks is right. Additional files spread all over the system, because Linux expects them in a specific place. Configuration files edited without a chance to revert them to a different mix of installed packages. If you want more stability along with more ease for the user, you should work towards self-sufficient application packages. Not necessarily a single file, but a directory filled with everything some piece of software needs. Installation: unpack an archive (without admin rights, whereever it is convenient for you). Deinstallation: move the archive's contents (a single file or directory) to the trash. Changes after a typical installation/run/deinstallation cycle: Zero. While this requires some tweaks to the base system (e.g. the linker should look into the bundle before /usr/lib) and isn't good for every type of software, it is very user friendly and very doable. Classic Mac OS did it. Mac OS X does it. GNUstep does it. Markus - - - - - - - - - - - - - - - - - - - Dipl. Ing. Markus Hitter http://www.jump-ing.de/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Am Dienstag, den 07.08.2007, 01:04 +0200 schrieb Krzysztof Lichota: > Chris Wagner napisał(a): > > Every time someone comes up with a new, more-intuitive way to install > > software on Linux, there seems to be more negative comments about it > > than positive. I recall similar comments when Gdebi was proposed, but > > it seems to have gone over okay. > > > > I only see one major flaw in Krzysztof's model: security. (Am I wrong? > > Are there other serious problems?) Unfortunately, that's arguably the > > most important issue. Rather than shrug off this solution, though, why > > not come up with a mechanism for making it (at least somewhat) secure? > > I completely agree the security is important. even a signed software can do a lot of harm to your system. installing software from the internet blindly is perhaps the cause for most unstable windows systems. if a package would be signed by the ubuntu developers it should be part of the distribution. if you require to only install signed packages only you would at least make sure that the package creator has got some basic skills. furthermore it could be nice to make use of the gnupg web of trust here. you could calculate a trust level from the number and kind of signatures. what are your plans about an translation infrastructure for the oci files? if you don't find any translators you won't get any translations - the current problem of ddtp. you mentioned tucows and a central wiki page many times. any plans on this? the idea was discussed several times in the past, but it was never implemented in the official ubuntu frame work. perhaps an error, since now we seem to get a lot of separated sites with no central quality assurance. cheers, sebastian -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
I haveb't look at the code in depth, but have you thought about using the apt python bindings instead of command line calls ("apt-get install --assume-yes" is a bad idea)? aptsources even provides an abstraction of the sources.list. Cheers, Sebastian -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Mon, Aug 06, 2007 at 07:01:35PM +0200, Krzysztof Lichota wrote: > I would like to share with you the project I have been working for some > time now which I think could help solving bug #1. > > The problem: > - Users coming from Windows (and in general beginners) want installation > of applications to be as easy as possible. Download, Next, Next, Done > kind of experience. > - If you start talking about command line and adding keys, repositories, > etc. you have lost them. They will not understand and they will not > _want_ to dig into technical details. > - There is plenty of packaging formats used on Linux and average users > do not want to know the differences between them, they just want to > install application. > > Package installation applications (Synaptic, Adept) and apt repositories > do not solve the problem for the following reasons: > 1. Repositories must be added manually and this exceeds skills of > average Windows user. Keys must be added also and repositories updated. > Too many steps, too difficult. > 2. Users are not used to going to package management application to > install application. They want to click link on application web page, > download, run, Next, Next, etc. > 3. Package management applications are too bloated with features and > contain thousands of applications. Even with categories it is hard to > find application that the user needs (think "I want a movie player"), > especially if they do not know name and are presented with 10 > applications which they do not know and all do the same or differ in > technical details (e.g. uses Xine or uses GStreamer). Users want to have > some context - other users comments, grades, etc. > 4. Application descriptions are in English (I know about DDTP, but AFAIK > it does not work). Many users do not know English and they want > information about applications in their language, on native portals with > applications (like localized Tucows). > 5. User must know that he is using APT with DEB packages. As there are > separate APT repositories for each distribution version and user must > also know what distribution he is using which version, choose > appropriate repository, etc. > 6. If user is using some other distribution than Debian-based he is even > more in pain, he has to know what package format to use (DEB, RPM, TGZ, > Ebuild, ...), what channel (APT, yum, Yast, ZMD, etc.), what distro, > which version. > > Now compare it to installation on Windows - user goes to Google, types > "movie player download" or browses some application catalog like Tucows, > selects one with best reviews, downloads installer (in most cases he has > to choose between installer for Windows 98/ME and installer for Windows > 2000/XP), 3 clicks and he is done. > > So, here is my shot at solving this problem - One Click Installer > (http://code.google.com/p/one-click-installer/). > > The idea is similar to this implemented in > https://wiki.ubuntu.com/ThirdPartyApt, but with broader scope > (supporting all distributions, not only Debian-based) and more features. Thanks for sharing your ideas with us in detail. This is an idea which has been on many of our minds for some time, but no one had gotten around to prototyping it yet. One concern that I have is that I feel it is important to ensure that applications and their dependencies are installed from the Ubuntu repositories wherever possible: if the application is available from Ubuntu, it should be installed from there, even if the user found it via a third-party website. This ensures that it will receive official updates, and upgrade properly to the next release of Ubuntu, which is one of the great strengths of package management. Of course, there will be applications which cannot be added to Ubuntu, and so third-party repositories are necessary, but they should be avoided where they are redundant, as they complicate maintenance and upgrades. Does your design address this? -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Greg K Nicholson napisał(a): > Krzysztof Lichota: >> And I do not think such amount of information should be put in URLs, it >> is just too big. URLs should not hold data. > > I imagine that the major Linux vendors would each host a library server, > SourceForge might have one too, as would some or all of the servers that > currently provide mirrors for open source projects' downloads. Remember, > we're only dealing with short snippets of metadata, not the installers > themselves, so this isn't a universal repository of all software — just > a universal repository of all software installation metadata (ideally). So you are taking away power from users and centralizing it. It is exactly the opposite of what was the key of success of WWW (giving power to users). > I'm visualising this library as a vast table with program versions down > the left, and distro/version/etc combinations across the top. At the > intersections are instructions like: > > http://bar.example.com";>foo > > Sometimes there are several instructions: > > http://bar.example.com";>foo > http://baz.example.org/gpgkey Please see the specification of One Click Installer file format (http://one-click-installer.googlecode.com/svn/trunk/one-click-inst/README) and you will see exactly that. And the "library of servers" becomes just a loose bunch of web servers holding One Click Installer installation files. Just One Click Installer gives everyone a possibility to create one, not only distributions and big players. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Tue, 2007-08-07 at 02:22 +0100, Greg K Nicholson wrote: > Drive-by href: http://autopackage.org/ I think Autopackage has the wrong idea. From a technical perspective most package formats contain the same data, so converting between them should be easy. The actual problem is the contents of the packages, the data and metadata itself. A Debian package for Debian might not work in Ubuntu so making another format isn't the point. Forgetting tricky technical issues like compiler and library versions and focusing on the metadata; there is no point depending on 'foo' if that functionality is provided by 'bar' in another distro. This is the key area to standardise, after that is done then tools like alien could improve significantly and upstream packaging would be more feasable (and if upstreams are packaging their own software then those would become the standard across distros, hopefully creating a feedback loop to keep things running smoothly). Of course I am not saying distros should not do their own packaging, but if upstreams release files compatible with the quality-assured distro files then those who don't rely on strict QA are free to use whatever packages they find. As a side note I think that the idea of a list of third party repos is flawed. It doesn't solve us-and-them issues, it just creates an us-and-these-and-them situation. The solution needs to be implementable by anyone, decentralised, robust and generic. Thanks, Chris Warburton -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Krzysztof Lichota: > Conrad Knauer napisał(a): >> I note, later on in your e-mail >> that you have in mind basically a front-end for just about any package >> management system. That's one way towards getting a unified Linux >> package management system, though Mark Shuttleworth comments that "so >> many divergent packaging systems in the free software world (and I >> include the various *bsd's) is a waste of time and energy" > > I couldn't agree more. But I cannot solve the problem of common > packaging format, so I am not trying to. The problem of common packaging > format is important from application developer view, because they have > to create many packages. I am trying to solve the problem from user > point of view, so that he does not have to choose from that plethora of > formats/distributions/versions. Drive-by href: http://autopackage.org/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Krzysztof Lichota: > Greg K Nicholson napisał(a): >> The apt protocol ( https://wiki.ubuntu.com/AptFirefoxFileHandler ) will >> fix this. > > Yes, this is similar to what I want to achieve, but: > - it does not provide information for different distributions and other > systems than APT > - it does not provide multiple versions for different distribution versions > - it does not provide localized application descriptions > > And I do not think such amount of information should be put in URLs, it > is just too big. URLs should not hold data. For a start, as has been suggested elsewhere, it should be renamed to a generic “install” URI scheme, rather than apt. That's just cosmetic. Perhaps all that other information doesn't need to be included in the URL. The installation system could be backed up by a remote library that provides all the extra information. (Let's call this the Remote Universal Metadata Library idea.) The URL would only have to contain the name of the package that should be installed (and perhaps optionally a version range). Once the installation of a particular package/version has been initiated, the user's computer would request all the other information about that package/version from the remote library, a service running on some web server that's known to be trusted. The user's computer would have a list of library servers (provided by the distro, like the default repositories' addresses are); if one is unavailable it would try another. Encryption and so on would be applied as appropriate (and for anything else I fail to mention, assume the best solution you can think of). All library servers would be completely interchangeable as far as the user's computer is concerned. Either they would all be mirrors of each other and offer exactly the same information, applicable to all distros (and not necessarily restricted to Linux); or each server would hold a subset, and would (somehow) be able to redirect the user's computer to whichever server holds the appropriate subset for any case. I imagine that the major Linux vendors would each host a library server, SourceForge might have one too, as would some or all of the servers that currently provide mirrors for open source projects' downloads. Remember, we're only dealing with short snippets of metadata, not the installers themselves, so this isn't a universal repository of all software — just a universal repository of all software installation metadata (ideally). I assume something like Bazaar (with which I'm only cursorily familiar) could make it possible for all the servers to talk to each other peer-to-peer-style, so that even tiny distro makers can share their metadata with the big guys. And there'd be some magical system to ensure that no single library server gets pummelled harder than it has to — Mozilla's Bouncer tool might be in the right area. The user's computer would send to the library server the name (and version range) of the package to be installed, plus all the relevant details of the user's computer, presumably as a user agent string. The relevant details are probably (at least) distro, distro version, hardware architecture, user language/locale(s) and preferred installation method(s)—apt, rpm, source, whatever. The library server would know what the current version of the package is for that distro/version/architecture/language/install-method combination, what repositories and gpg keys need to be added (if applicable) and so on. If a package goes by different names in different distros, the library would know which names are equivalent and offer the right one for the user's distro. For distros that don't use a packaging system (such as those from Redmond and Cupertino), the library should be able to return the URL of an appropriate webpage or (distinctly) an installer. I'm visualising this library as a vast table with program versions down the left, and distro/version/etc combinations across the top. At the intersections are instructions like: http://bar.example.com";>foo Sometimes there are several instructions: http://bar.example.com";>foo http://baz.example.org/gpgkey For Windows (and similarly for OS X) the instructions might be: http://quux.example.net http://quux.example.net/monkeys.exe (That's choice for the user's computer; it needn't necessarily be shown to the user every time.) Gentoo might use: http://cheese.example.org/src.tar.gz (or however Gentoo works.) The library server would send back — possibly in a simple XML dialect, as above — all the information the user's computer needs to be able to install the software with no help from the user, although the user would probably be shown what was about to happen and would have to confirm the installation. Of course, the UI implementation would be up to each distro. So, given the name of a piece of software you want to install, and the details of the computer you want to install it on, this
Re: Announcement: One Click Installer
On Monday 06 August 2007 17:09, Chris Wagner wrote: > Every time someone comes up with a new, more-intuitive way to install > software on Linux, there seems to be more negative comments about it > than positive. I recall similar comments when Gdebi was proposed, but > it seems to have gone over okay. Gdebi at least uses packages intended for use in the Debian package management system (personally, I think it's a mistake for it to be installed by default, but that's another arguement). What I have yet to see is an automated way to make packages that consistently and reliably work across multiple architectures on diverse hardware. The issue isn't making installation easy, the issue is the reliability and usability of the underlying packages that have not been designed for our packaging system. I could see extending the gdebi UI to support multiple package installation, but before we get into making foreign packages easy to install, I think we should figure out if they are actually going to work reliably enough. Scott K -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Chris Wagner napisał(a): > Every time someone comes up with a new, more-intuitive way to install > software on Linux, there seems to be more negative comments about it > than positive. I recall similar comments when Gdebi was proposed, but > it seems to have gone over okay. > > I only see one major flaw in Krzysztof's model: security. (Am I wrong? > Are there other serious problems?) Unfortunately, that's arguably the > most important issue. Rather than shrug off this solution, though, why > not come up with a mechanism for making it (at least somewhat) secure? I completely agree the security is important. One Click Installer files can be signed using GPG key. If the file is unsigned, user is asked if he wants to proceed with explanation why he should not install not signed file and the default option is to cancel installation. In first implementation I have completely disallowed unsigned files, but it would prevent creating installation files by anyone else than distribution developer with access to its signing key. So I dropped it as too strict. But it is easy to provide, for example, a configuration option to forbid installing unsigned files and provide way for advanced users to skip it. If the file is signed, but the key is not trusted (see below), the installation stops with verification failure. The trust delegation is currently based on keys used by apt. If the key is trusted by apt to sign repositories, then it is trusted to sign installation files. In particular, keys used to sign Ubuntu archive are trusted as signers of installation files, so Ubuntu developers can sign installation files they think are trustworthy and they will be shown as trusted by Ubuntu users of One Click Installer. The rationale behind that is that if key is trusted to install packages, then these packages can do anything during installation or later as they run with root privileges during installation. The undesirable effect of this scheme is that if you install repository of some person you delegate the trust to create installation files to him. If someone can come up with better scheme, I would be happy to implement it in One Click Installer. > Krzysztof's solution seems like the quickest possible way to have a > cross-distro (even potentially to non-Linux OS's) method for installing > software. Exactly, One Click Installer file can hold any kind of installation data, even for FreeBSD, Solaris or any other OS. > Of course, the ideal solution would involve all Free Software > platforms using a common, all-in-one package management system, but that > day is a bit far off. Right. We have to do whatever we can until this day comes :) > Installing software via the Web is not just a bad habit created by > Microsoft Windows; it makes sense. What isn't a good idea, is > installing random bits of software from untrusted sources. Even as an > advanced GNU/Linux user, I would venture to say that I *usually* > discover new software via the Web. For me, a system like "One Click > Installer" is just an extra convenience (it often just saves me the time > of "apt-get install ..."). For most people, however, it could be the > difference between understanding how to get along with Linux, and not. I couldn't agree more. Thank you for your balanced and insightful post :) Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Greg K Nicholson napisał(a): > Conrad Knauer: >> On 8/6/07, Krzysztof Lichota <[EMAIL PROTECTED]> wrote: >>> Package installation applications (Synaptic, Adept) and apt repositories >>> do not solve the problem for the following reasons: >>> 1. Repositories must be added manually and this exceeds skills of >>> average Windows user. Keys must be added also and repositories updated. >>> Too many steps, too difficult. >> Solve this! :-) >> >> Seriously, this is the problem that needs a good solution. > > > The apt protocol ( https://wiki.ubuntu.com/AptFirefoxFileHandler ) will > fix this. Yes, this is similar to what I want to achieve, but: - it does not provide information for different distributions and other systems than APT - it does not provide multiple versions for different distribution versions - it does not provide localized application descriptions And I do not think such amount of information should be put in URLs, it is just too big. URLs should not hold data. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Kevin Fries napisał(a): > On Mon, 2007-08-06 at 13:03 -0600, Conrad Knauer wrote: >> Individual DEB files installed with Gdebi provide this sort of thing >> currently (e.g. try http://www.getdeb.net/) > > Or even better: > > http://digg.com/linux_unix/Ubuntu_Install_applications_from_Internet_with_a_single_click?t=7711876 > > This solution works first of all within the existing distribution tools, > and second without trying to turn Linux into Windows. We all know how > well the first Windows turned out, and the OP does not get that point. > People are seeking something better than Windows. Many will tell you > otherwise, but when pushed, I think overall satisfaction with Windows is > right up their with the cell phone companies... Nobody is happy, but > don't feel that Linux or Mac are realistic choices... Resolving that > misconception about the usability of Linux is how we solve Bug #1. I am not suggesting to create installers like in Windows. If you look at the architecture of One Click Installer, it leverages good ideas in Linux software management (packages with software for easy uninstallation without leaving rubbish, dependencies, repositories, signing, etc.) to create ease of use similar to Windows installers or even better (one link to click for all versions, not a few). As for apt:// protocol idea, it has the same problem as Klik - centralization. In order to have flourishing software ecosystem we have to provide third party application developers, packagers and users opportunity to provide their own installation repositories, which suit their needs. Krzysztof Lichota signature.asc Description: OpenPGP digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Conrad Knauer napisał(a): >> The problem: >> - Users coming from Windows (and in general beginners) want installation >> of applications to be as easy as possible. Download, Next, Next, Done >> kind of experience. > > Individual DEB files installed with Gdebi provide this sort of thing > currently (e.g. try http://www.getdeb.net/) Yes, but many applications consist of more than one package. Example from the top of http://www.getdeb.net/: X-Moto 0.3.2 Download: xmoto (1.0 Mb) , xmoto-data (6.9 Mb) User must install 2 packages, in proper order, or the installation will fail. It also does not support security upgrades as you install deb, not repository. By combining http://www.getdeb.net/ with One Click Installer you can create great online software repository, exactly what I hope to become true. So thanks for pointing it out, I will contact them to see if they are interested. >> - If you start talking about command line and adding keys, repositories, >> etc. you have lost them. They will not understand and they will not >> _want_ to dig into technical details. > > It sounds like this step should be improved then; maybe a GUI tool to > add the most popular repositories? (e.g. I added Kubuntu's > "kde-latest", Medibuntu, Wine, Miro, Opera, VirtualBox and Google) Average user is not interested in "repository" concept, as I tried to explain in my post. They do not want understand why it is needed and they should not be forced to. It is technical detail. >> - There is plenty of packaging formats used on Linux and average users >> do not want to know the differences between them, they just want to >> install application. > > In my experience, almost everything I ever wanted has been available > as a DEB. You miss my point. There are DEBs for Debian based distros, RPMs for RedHat based distros, ebuilds for Gentoo, etc. User does not want to be shown a page: "please choose your packaging format: deb, rpm, ebuild, etc." because he does not understand what is the difference and he does not care. It should work. >> Package installation applications (Synaptic, Adept) and apt repositories >> do not solve the problem for the following reasons: >> 1. Repositories must be added manually and this exceeds skills of >> average Windows user. Keys must be added also and repositories updated. >> Too many steps, too difficult. > > Solve this! :-) > > Seriously, this is the problem that needs a good solution. Well, I have solved it in One Click Installer - it automatically adds repository and key, then installs selected packages. >> 2. Users are not used to going to package management application to >> install application. They want to click link on application web page, >> download, run, Next, Next, etc. > > Ack! > > What you are describing, as a general practice rather than as the > occasional procedure for a DEB, is a return to the ugly and slow way > of doing things that I left far behind in Windows. Please no! > Synaptic (and similar, e.g. gnome-app-install) in Ubuntu work so > nicely with so little fuss. You are free to continue using Synaptic if it suits you, One Click Installer files do not affect that. >> 3. Package management applications are too bloated with features and >> contain thousands of applications. > > Generally speaking, if a program has good defaults, a user won't mess > with more advanced features... Synaptic doesn't seem overly complex > to me though. Maybe I am just very used to it :) Also, complaining > that there are too many apps in Synaptic is like complaining that > there are too many books in a library! ;) I am not complaining that there are too many books, but that it is not convenient for users to find them according to their criteria. And no - adding search with Boolean operators is not what I am talking about, it just isn't usable by average users. > Do remember that "average users" will probably NOT install an > alternative media player... Though for basic software installation I > think a site like http://ubuntuguide.org gives some good tips. Exactly. They install apps recommended in software reviews, guides, by people in forums, etc. > >> Users want to have >> some context - other users comments, grades, etc. > > gnome-app-install partially does this (popularity stars). If they > really want to research a program, users should look on the forums or > do a Google search. Grading apps can be rather subjective, ne? Exactly. There should be more than one place where apps can be graded with different angles - sites for begginers, sites for French users (with taking into account quality/lack of translation), sites for graphic designers, etc, etc. > Also, > think of how big the comments database for the ~20K Ubuntu packages > would be unless you really moderated it... in which case it would look > rather like the current description I suspect :) That's why it should be split between many web sites, each with different scope, users, moderators, etc. >> 4
Re: Announcement: One Click Installer
On 8/6/07, Greg K Nicholson <[EMAIL PROTECTED]> wrote: > > The apt protocol ( https://wiki.ubuntu.com/AptFirefoxFileHandler ) will > fix this. > > Can anyone tell if this will be implemented in time for Gutsy? Wouter. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Every time someone comes up with a new, more-intuitive way to install software on Linux, there seems to be more negative comments about it than positive. I recall similar comments when Gdebi was proposed, but it seems to have gone over okay. I only see one major flaw in Krzysztof's model: security. (Am I wrong? Are there other serious problems?) Unfortunately, that's arguably the most important issue. Rather than shrug off this solution, though, why not come up with a mechanism for making it (at least somewhat) secure? A user already has the means to screw up her system, using things like Automatix and Gdebi. "One Click Installer" may make it that much easier, but you can't lock the liquor in a cabinet forever; at some point the curious child must be taught how to use it responsibly. Krzysztof's solution seems like the quickest possible way to have a cross-distro (even potentially to non-Linux OS's) method for installing software. Of course, the ideal solution would involve all Free Software platforms using a common, all-in-one package management system, but that day is a bit far off. Installing software via the Web is not just a bad habit created by Microsoft Windows; it makes sense. What isn't a good idea, is installing random bits of software from untrusted sources. Even as an advanced GNU/Linux user, I would venture to say that I *usually* discover new software via the Web. For me, a system like "One Click Installer" is just an extra convenience (it often just saves me the time of "apt-get install ..."). For most people, however, it could be the difference between understanding how to get along with Linux, and not. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
Conrad Knauer: > On 8/6/07, Krzysztof Lichota <[EMAIL PROTECTED]> wrote: >> Package installation applications (Synaptic, Adept) and apt repositories >> do not solve the problem for the following reasons: >> 1. Repositories must be added manually and this exceeds skills of >> average Windows user. Keys must be added also and repositories updated. >> Too many steps, too difficult. > > Solve this! :-) > > Seriously, this is the problem that needs a good solution. The apt protocol ( https://wiki.ubuntu.com/AptFirefoxFileHandler ) will fix this. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On Mon, 2007-08-06 at 13:03 -0600, Conrad Knauer wrote: > On 8/6/07, Krzysztof Lichota <[EMAIL PROTECTED]> wrote: > > > I would like to share with you the project I have been working for some > > time now which I think could help solving bug #1. > > > > The problem: > > - Users coming from Windows (and in general beginners) want installation > > of applications to be as easy as possible. Download, Next, Next, Done > > kind of experience. > > Individual DEB files installed with Gdebi provide this sort of thing > currently (e.g. try http://www.getdeb.net/) Or even better: http://digg.com/linux_unix/Ubuntu_Install_applications_from_Internet_with_a_single_click?t=7711876 This solution works first of all within the existing distribution tools, and second without trying to turn Linux into Windows. We all know how well the first Windows turned out, and the OP does not get that point. People are seeking something better than Windows. Many will tell you otherwise, but when pushed, I think overall satisfaction with Windows is right up their with the cell phone companies... Nobody is happy, but don't feel that Linux or Mac are realistic choices... Resolving that misconception about the usability of Linux is how we solve Bug #1. Bug #1 is NOT, and I can not emphasize this enough, _NOT_ going to get fixed by offering the same old broken solution. Many of the problem with the Windows environment is caused by their software installation process (beyond the scope of this thread). The article above in my opinion offers the hope of a better solution, though this cookie is not completely baked. It allows users to seek better solutions in the forums, where they are more likely to be looking for one. It allows software distribution and support to be integrated, so that support leads to solution. This is not the same old broken system. It also encourages uses to discuss these things in forums, where developers can get a getter indication of what people are looking for. There are lots of wins here. I would love to see a similar setup for the repositories also. However, we need to proceed with caution here. If a user has to maintain too many repositories in order to get all their software, that becomes more difficult than anything on the market now. Imagine Oracle maintains their own repository, so does google, so does apache, etc. Having a few repositories actually decreases problems. Look at the Fedora situation... different sets of repositories that are incompatible with one another. If we really want to move backwards on bug #1, lets encourage lots and lots of people to go out and build their own repositories without some sort of approval process. Just my thoughts on this matter. -- Kevin Fries Senior Linux Engineer Computer and Communications Technologies, Inc. a division of Japan Communications, Inc. signature.asc Description: This is a digitally signed message part -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Announcement: One Click Installer
On 8/6/07, Krzysztof Lichota <[EMAIL PROTECTED]> wrote: > I would like to share with you the project I have been working for some > time now which I think could help solving bug #1. > > The problem: > - Users coming from Windows (and in general beginners) want installation > of applications to be as easy as possible. Download, Next, Next, Done > kind of experience. Individual DEB files installed with Gdebi provide this sort of thing currently (e.g. try http://www.getdeb.net/) > - If you start talking about command line and adding keys, repositories, > etc. you have lost them. They will not understand and they will not > _want_ to dig into technical details. It sounds like this step should be improved then; maybe a GUI tool to add the most popular repositories? (e.g. I added Kubuntu's "kde-latest", Medibuntu, Wine, Miro, Opera, VirtualBox and Google) > - There is plenty of packaging formats used on Linux and average users > do not want to know the differences between them, they just want to > install application. In my experience, almost everything I ever wanted has been available as a DEB. Its only rarely that I can only download a TAR of what I want and rarer still to only find a RPM. For Ubuntu, I think that this isn't a problem... unless a user is still in Windows mindset and wants to run EXEs ;) Then there's Wine (though they will likely soon figure out that DEBs work much better with their system :) > Package installation applications (Synaptic, Adept) and apt repositories > do not solve the problem for the following reasons: > 1. Repositories must be added manually and this exceeds skills of > average Windows user. Keys must be added also and repositories updated. > Too many steps, too difficult. Solve this! :-) Seriously, this is the problem that needs a good solution. > 2. Users are not used to going to package management application to > install application. They want to click link on application web page, > download, run, Next, Next, etc. Ack! What you are describing, as a general practice rather than as the occasional procedure for a DEB, is a return to the ugly and slow way of doing things that I left far behind in Windows. Please no! Synaptic (and similar, e.g. gnome-app-install) in Ubuntu work so nicely with so little fuss. > 3. Package management applications are too bloated with features and > contain thousands of applications. Generally speaking, if a program has good defaults, a user won't mess with more advanced features... Synaptic doesn't seem overly complex to me though. Maybe I am just very used to it :) Also, complaining that there are too many apps in Synaptic is like complaining that there are too many books in a library! ;) "Wer die Wahl hat, hat die Qual." As they say... > Even with categories it is hard to > find application that the user needs (think "I want a movie player"), > especially if they do not know name and are presented with 10 > applications which they do not know and all do the same or differ in > technical details (e.g. uses Xine or uses GStreamer). Do remember that "average users" will probably NOT install an alternative media player... Though for basic software installation I think a site like http://ubuntuguide.org gives some good tips. > Users want to have > some context - other users comments, grades, etc. gnome-app-install partially does this (popularity stars). If they really want to research a program, users should look on the forums or do a Google search. Grading apps can be rather subjective, ne? Also, think of how big the comments database for the ~20K Ubuntu packages would be unless you really moderated it... in which case it would look rather like the current description I suspect :) Maybe suggest adding such features to the packages.ubuntu.com website though... > 4. Application descriptions are in English (I know about DDTP, but AFAIK > it does not work). Many users do not know English and they want > information about applications in their language, on native portals with > applications (like localized Tucows). [...] http://www.flickr.com/photos/annoiato/275701797/ I would clearly describe that as a bug, yes, but something like DDTP should be the solution. > 5. User must know that he is using APT with DEB packages. As there are > separate APT repositories for each distribution version and user must > also know what distribution he is using which version, choose > appropriate repository, etc. This is just an extension of point #1... > 6. If user is using some other distribution than Debian-based he is even > more in pain, he has to know what package format to use (DEB, RPM, TGZ, > Ebuild, ...), what channel (APT, yum, Yast, ZMD, etc.), what distro, > which version. Um... how does this affect Ubuntu? I note, later on in your e-mail that you have in mind basically a front-end for just about any package management system. That's one way towards getting a unified Linux package management system, though Mark Sh
Announcement: One Click Installer
I would like to share with you the project I have been working for some time now which I think could help solving bug #1. The problem: - Users coming from Windows (and in general beginners) want installation of applications to be as easy as possible. Download, Next, Next, Done kind of experience. - If you start talking about command line and adding keys, repositories, etc. you have lost them. They will not understand and they will not _want_ to dig into technical details. - There is plenty of packaging formats used on Linux and average users do not want to know the differences between them, they just want to install application. Package installation applications (Synaptic, Adept) and apt repositories do not solve the problem for the following reasons: 1. Repositories must be added manually and this exceeds skills of average Windows user. Keys must be added also and repositories updated. Too many steps, too difficult. 2. Users are not used to going to package management application to install application. They want to click link on application web page, download, run, Next, Next, etc. 3. Package management applications are too bloated with features and contain thousands of applications. Even with categories it is hard to find application that the user needs (think "I want a movie player"), especially if they do not know name and are presented with 10 applications which they do not know and all do the same or differ in technical details (e.g. uses Xine or uses GStreamer). Users want to have some context - other users comments, grades, etc. 4. Application descriptions are in English (I know about DDTP, but AFAIK it does not work). Many users do not know English and they want information about applications in their language, on native portals with applications (like localized Tucows). 5. User must know that he is using APT with DEB packages. As there are separate APT repositories for each distribution version and user must also know what distribution he is using which version, choose appropriate repository, etc. 6. If user is using some other distribution than Debian-based he is even more in pain, he has to know what package format to use (DEB, RPM, TGZ, Ebuild, ...), what channel (APT, yum, Yast, ZMD, etc.), what distro, which version. Now compare it to installation on Windows - user goes to Google, types "movie player download" or browses some application catalog like Tucows, selects one with best reviews, downloads installer (in most cases he has to choose between installer for Windows 98/ME and installer for Windows 2000/XP), 3 clicks and he is done. So, here is my shot at solving this problem - One Click Installer (http://code.google.com/p/one-click-installer/). The idea is similar to this implemented in https://wiki.ubuntu.com/ThirdPartyApt, but with broader scope (supporting all distributions, not only Debian-based) and more features. Installation file can contain definitions for multiple distributions, multiple channel types (APT, YUM, etc.). There is a possibility to specify package sets in installation file to provide similar experience as in Windows installers (for example adding option to install documentation, fonts, language support, etc.). You can see example at this screenshot: http://one-click-installer.googlecode.com/svn/trunk/screenshots/en/mplayer-signed/step3-package-selection.png User is presented with single link which spawns installation wizard for any supported distribution. For screenshots of wizard see: http://code.google.com/p/one-click-installer/wiki/Screenshots Link can be put anywhere: on web page (online catalog, application home page), blog ("look what cool application I have found", forum ("install this application to get wireless connection management"), etc. Installation file format supports localization of descriptions which are shown to user when installing. Installation tool itself can also be localized using .po files. Using One Click Installer it is possible to turn the whole huge (and nightmare for average users) installation page for Scribus (http://www.scribus.net/index.php?name=Sections&req=viewarticle&artid=4&page=1) into one link: http://ola-os.com/inne/one-click-installer/oci/scribus-unsigned.oci";>Install Scribus See: http://code.google.com/p/one-click-installer/wiki/ExampleInstallationFiles A few words about implementation: - Installation file can be signed using distribution GPG key to provide safety against tampering and confirm that it is not malware. For now, keys added using apt-key are allowed as signing keys. There is also a possibility of creating unsigned installation files or signing using untrusted key (as a verification measure or when key is distributed using some other way). - Tool is implemented in Python. - Currently tool works on Ubuntu (should work also on Debian) using APT repositories, file format can handle also other software channels and package formats. - Tool frontend is written in Qt, but due to strict separation of front