On Wed, Jun 15, 2022 at 09:11:34AM +0200, Jan Engelhardt wrote:
On Wednesday 2022-06-15 02:51, Aaron Puchert wrote:
Am 14.06.22 um 10:55 schrieb Richard Brown:
Some problems this is trying to solve: Avoidance of the "one system version of X" issue.
[…] sounds great […does not work].
Containerising YaST enables us to have as few of those language stacks as possible in the base and lets us ensure we only ship YaST with a configuration we know YaST was built to work with.
[…]this encourages bad habits […] What often happens (and is the reason for pinning) is that developers rely on undocumented behavior that breaks in future versions […] Compiling or running software against different stacks often uncovers real issues. […] If some software needs precisely defined dependencies, it's likely just very brittle and the bugs […]
Reject agile development, return to normal hacking.
Agile development is great at sometimes for some things and bad at other times for other things. Wasn't Linux initially about choice?
* Avoidance of the "everything is installed on the system as root" issue. RPMs when installed effectively execute as root, not only installing the binaries where we tell them to, but running whatever scripts we like to touch whatever we want on your system.
How many post scriptlets are really needed? Of 11k %post, 4k are just for ldconfig alone -- the rest is likely custom shelling that's not immediately line-grepable but barely more than {ldconfig, update-alternatives, fc-cache, things like that} either. We ought to put a focus on using more file triggers.
Or maybe we should document rpm so people can use its features with confidence? Wait, there isn't any actual rpm specification. Some random blog posts and guides how to do something, sure. But spec file grammar? Exact meaning of the standard rpm tags? Nope. And we aren't the upstream so can't define what is the API and what is just property of current implementation and subject to change. In fact, many things do change from version to version, and some of the chages are quite unexpected and break things. Maybe if the very base of our distribution packaging is something that cannot be relied on then switching to containers makes a lot of sense - our distribution has that brittleness that containers workaround built inherently into its very base. Thanks Michal