1 |
On Wed, 14 Mar 2007 13:31:57 -0700 "M. Edward (Ed) Borasky" |
2 |
<znmeb@×××××××.net> wrote: |
3 |
> 1. As far as I'm concerned, the one thing that absolutely positively |
4 |
> should have happened now but hasn't is some scheme where you have |
5 |
> something like Red Hat/Fedora's "green checkmark/red bang" indicator |
6 |
> on your desk, indicating whether your system is up to date, and a |
7 |
> classification of the available updates into security, bug fixes and |
8 |
> enhancements. I don't ever remember how long Red Hat has had that, |
9 |
> and I know Debian and the other apt-based package managers have |
10 |
> something similar, even if it's just a command-line level. On Gentoo, |
11 |
> even with the latest Portage, I do "emerge --sync; emerge -puvDN |
12 |
> world" and just get a list. There's no way to tell which of those are |
13 |
> must-haves for security without reading changelogs. |
14 |
|
15 |
paludis has a --report that wouldn't be tooooo hard to copy or adapt |
16 |
for a graphical environment. The tree doesn't carry information about |
17 |
whether an upgrade is important or not, however (security aside), so |
18 |
one of the following would have to happen for non-security critical |
19 |
updates: |
20 |
|
21 |
* Affected versions would have to be package.masked |
22 |
|
23 |
* A GLEP 42 news item would have to be released |
24 |
|
25 |
* GLSAs would have to be extended to do non-security things. |
26 |
|
27 |
Personally I'd find the second option most useful, and it wouldn't be |
28 |
hard to deliver... |
29 |
|
30 |
> 2. Just last year, the organization that is developing the LSB (Linux |
31 |
> Standard Base) standards got around to forming a working group on |
32 |
> package management. Bluntly put, everybody's package management sucks |
33 |
> in some way or another, and there are three major Linux package |
34 |
> management systems (RPM, apt and Portage) in addition to Perl, |
35 |
> Python, Ruby, PHP and R all having their own package management |
36 |
> systems. But ... the Red Hat/RPM/yum folks were there ... the |
37 |
> Debian/Ubuntu/apt folks were there ... and I think the Perl and |
38 |
> Python people were there ... Gentoo wasn't! |
39 |
|
40 |
The LSB sucks even more than not having a standard at all. This one's |
41 |
been discussed at length previously. |
42 |
|
43 |
> > * Similarly, the belief that Portage defines Gentoo and represents a |
44 |
> > lot of work. The tree defines Gentoo, and contains far more code |
45 |
> > than a mere package manager. |
46 |
> > |
47 |
> The tree, like an ordinary tree, is a complex adaptive system, |
48 |
> including code, developers and users. I obviously don't have the same |
49 |
> insight as a developer, but I think it's in pretty good shape. As |
50 |
> near as I can tell, it's second only to Debian in terms of its size. |
51 |
> There may be more RPMs world-wide than there are .debs or ebuilds, |
52 |
> but they *aren't* all together in one place. |
53 |
|
54 |
The tree is in better shape than Portage, yes. If you think it's ideal, |
55 |
you're probably not asking yourself the right questions... |
56 |
|
57 |
> > * The wrong idea of what the user base is, and what the target user |
58 |
> > base is. Gentoo's direction is too heavily influenced by a small |
59 |
> > number of extremely noisy ricer forum users, many of whom don't |
60 |
> > even run Gentoo. Unfortunately, this self-perpetuating clique |
61 |
> > wields huge amounts of influence. |
62 |
> |
63 |
> You may not know what the user base is, but you can probably get a |
64 |
> pretty good idea of how *large* it is relative to Fedora, Ubuntu, |
65 |
> Debian and openSuSE by doing some simple web page hit statistics |
66 |
> research using publicly-available tools and data. And I think you'll |
67 |
> be amazed at how small that base is. Distrowatch was right about that |
68 |
> part -- Gentoo "share of mind" is dropping and dropping rapidly, |
69 |
> although I don't think it's because of misbehavior in the community. |
70 |
> I think it's because: |
71 |
> |
72 |
> a. Daniel Robbins left and went to Microsoft, leaving no "Mr. |
73 |
> Gentoo", and |
74 |
|
75 |
Eh, that's not really relevant. You're assuming that Daniel was hugely |
76 |
influential right up until he left. That isn't the case. |
77 |
|
78 |
> b. No effort to seek corporate support, at least none that I'm aware of. |
79 |
|
80 |
Gentoo can't deliver anything amazingly useful to corporations with |
81 |
Portage the way it is. If Gentoo had a package manager that could |
82 |
handle managing large numbers of non-identical systems with ease it |
83 |
would have a major selling point. |
84 |
|
85 |
Gentoo doesn't have lots of users because it has nothing to offer most |
86 |
people over the competition. What was unique five years ago is now |
87 |
largely irrlevant due to improvements in the competition. By not |
88 |
keeping up, Gentoo is getting Red Queened. |
89 |
|
90 |
-- |
91 |
Ciaran McCreesh |
92 |
Mail : ciaranm at ciaranm.org |
93 |
Web : http://ciaranm.org/ |
94 |
Paludis, the secure package manager : http://paludis.pioto.org/ |