Re: tlug: rpms

[Jonathan Byrne <j-byrne@example.com>]

Thomas O'Dowd (tom@example.com) wrote:


<Chris>
> > > To hell with that.
> > > 
> > > * Thou shalt not install precompiled binaries.
> > > * RPM != Linux
> > > * RPM != manual install, for that matter.
</Chris>



<Scott>
> > I concur, with one caveat - it's probably ok for most people to download
> > the .src.rpm and do an rpm --rebuild on YOUR box, so you know that
> > everything is compiled and linked against your libraries with your
> > compiler and such.
</Scott>

> I don't really agree with this. To a person who wants to hack around on their
> OS, learn all about it, perhaps write some code, configure procmail, uses vi
> or emacs or ex instead of notepad, who builds their own machines and tinkers
> with source code, yes, you won't need to go near rpms.
> 
> However rpms are making linux available to a wider audience (helixcode has
> taken it to the next level by putting a wrapper around package techniques,
> have a look at their updater). Some people believe it or not, want to use
> the productivity side of the OS (yes we're getting there), the suite of tools

Without even having to resort to the argument that using the productivity
side != a license to be ignorant (Chris will pounce on that himself)
and going on about how people who just want to have their Linux box
be a black box and thereby contribute to things like DDoS attacks
(for which I also heap some blame on distributors who ship ridiculous
configurations like telnet and ftp enabled by default - every single
line in my inetd.conf is commented out, and I'd call that a reasonable
default), I will say that there are some good, practical reasons for
doing what Chris and Scott suggest.

First, not all RPMs are created equal.  Quite a few distros all
use the RPM format, but those distros are not 100% mutuallly compatible.
A binary RPM built on and for one may well not work on another, but
you may be able to install it.  Then you may later find that you broke
something.  Case in point: talking about Helixcode Gnome, someone
(was it you?  I forgot) said he installed Helixcode Gnome and it
broke his Japanese environment.  Now, if you look at the compatibility
list for Helixcode Gnome, it does list TurboLinux 6, but makes
no comment on language versions.  What it should say is TurboLinux
6.0 English version.  You have to be careful what binaries you install.
RPMs do a reasonable job of keeping you from shooting yourself in the
foot, but they aren't perfect.  And of course, you can use the nodeps
flag to go ahead and blow your foot off anyway, if you really want to.

Tarballs, of course, will just let you go ahead and shoot.

So without discussing security implications like compromised binaries,
we now see that it's the case that compiling from source is your
best guarantee that a given package will work on your machine.
A Red Hat binary will like as not fail to work on TurboLinux
(non-English TL, especially), but if you build it from source
by typing RPM --rebuild your.src.rpm.here you may get a usable binary
RPM out of it.  Not always, but you might.

My practice is generally not use RPMs, except those that come with
the distro CD.  I prefer source tarballs, which all get installed
in /usr/local/.  Makes upgrading or reinstalling your OS pretty 
painless.

> graphics programs, etc. some perhaps want to run a small SOHO using linux.
> Most of these people aren't tinkerers, they don't want to know how things
> work, would die of fright if they had to compile something or look at a 

They already have computers for those people.  Honestly, if you don't
want to know how things work, you shouldn't be using Linux or any
other flavor of UNIX.  These are at their heart server operating systems.
By being willfully ignorant, people ignore their responsibility to have
a properly secured and configured system.  Anybody who doesn't want to
learn administrative level things shouldn't run NT (server, especially),
for the same reason.

Those who don't want to know can get an iMac or a Win9x machine and
do everything the nice paperclip tells them to.  I mean, c'mon, do you
really want people who jumped write on mail with an ILOVEYOU subject
line and opened up the attachment to be using Linux?  After all the 
warnings about not trusting any attachment you haven't virus-scanned
and even then not trusting it?

Yes, Linux has a lot of great productivity apps these days,and I use
some.  It also has what I consider to be the two best GUIs around, 
Gnome and KDE (I'm a Gnome guy myself).  But by saying "I don't
want to know, help me, paperclip, help me!" you can not only shoot
yourself in the foot, but others, too.

The real answer to the question, "When will Linux be ready for
the masses" is something like "When distributors start selling
distros that come with every service disabled by default, and you
have to know what it is and how and where to turn it on if you
want it, and the only place anyone can log in is at the local console."

OK, I know some people will say the real answer is "never," but
a really security-hardened Neophyte install level would help
a lot.  I understand Mandrake has different security levels from
Beginner to Hacker that it can be set to, and this sounds like a 
step in the right direction.


> configuration file. gnome, kde, package management programs like rpm are all
> making it more and more possible for people like these to use linux instead
> of ms.

I used to think this was definitely a GoodThing.  Now, as you can see, I'm
no longer so sure.  Yeah, it's great to have good hardware support, to
see vendors pay attention to Linux, and to see that supoprt come out in
a more timely manner.  It's great that we have more software of all
kinds to choose from than ever before.  But a standard Linux distro
is not something that should be unleashed on a newbie.  It's not
a matter of ease of use.  It's a matter of security, and the fact
that complex systems do (and should) require some knowledge on the
part of their users.  When I started with Linux back in 1997, it
was challenging enough to scare off people who didn't know computers.
I was already a pretty knowlegeable Windows user then, and built
my own computers rather than buy them.  But Linux was my first *nix,
and I found it quite challenging.  It was a lot harder to install
and make work then it is now.  All documentation and most
third-party books assumed prior UNIX experience.  I had none.

But I did have determination, lots or prior computer experience,
and lots of help from people in TLUG.  I've been using Linux
for nearly three years now, and still have quite a bit to learn.
Linux has changed a lot in that time, and I think those changes
are for the better, but it has not become an OS for those who
don't want to know.  Probably, it never will. That's not
a bad thing.  Those who don't want to know can keep buying
iMacs and Win9x boxes, and buying new cars and driving them
until they run out of oil and seize up because they don't want to 
know what's going on under the hood.  And don't forget to do
what the nice paperclip says.

This doesn't mean I don't welcome people new to Linux into the
community; I do.  If they have no prior UNIX, as I didn't, fine.
But I think you would find pretty broad support among Linux
users that the ante to get into the game is a desire to learn.
Those who want it all done for them will be dissapointed with
Linux and its community, because they won't find that here.
Those who want to learn will not be disapointed, because they
will find lots of knowledgeable and helpful people who are willing
to help them learn.

I would actually suggest BeOS to the DontWannaKnows, but then they would
be stuck in the situation Linux used to have.  Just about zero
productivity apps, which is what they need.  But BeOS is great.
If the apps were there, it would be something for MS to be scared
of.  Far more than they should be scared of Linux.  It's stable,
reliable, has a nice UI, and but doesn't have the
complexity of UNIX.  It's an end user oriented OS, and a good one.

Now, if you'll excuse me, I have to go back to working on the 
coffin that Chris was kind enough to send me plans(1) for  :-)

Jonathan Byrne <j-byrne@example.com>               Engineering Division
Exodus Communications K.K./Global Online Japan      http://www.gol.com/
Tel:  +81 3-5334-1700   Fax: +81 3-5334-1702        Direct: +81 3-5334-1756


(1) The Coffin-HowTo, of course  :-)

-----------------------------------------------------------------------
Next Meeting (w/ YLUG): June 16 (Fri) 19:00 Mizonoguchi Marui Family 12F
Next Technical Meeting: July 8 (Sat)  13:30 Topic: TBA
-----------------------------------------------------------------------
more info: http://www.tlug.gr.jp        Sponsor: Global Online Japan