[openFATE 307787] Protection against modifying of system libraries
Feature added by: Mircea Kitsune (MirceaKitsune) Feature #307787, revision 1 Title: Protection against modifying of system libraries openSUSE-11.3: Unconfirmed Priority Requester: Important Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from the repositories instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions, ripping the install apart. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x-x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Mircea Kitsune (MirceaKitsune) Feature #307787, revision 3 Title: Protection against modifying of system libraries openSUSE-11.3: Unconfirmed Priority Requester: Important Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, - but selecting the 32bit version from the repositories instead of the - 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't + but selecting the 32bit version from repository instead of the 64bit + one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit - versions, ripping the install apart. OpenSuse did not notify me that I - would replace and brake system components, and everything appeared like - a normal installation. + versions. OpenSuse did not notify me that I would replace and brake + system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Michal Marek (michal-m) Feature #307787, revision 5 Title: Protection against modifying of system libraries openSUSE-11.3: Unconfirmed Priority Requester: Important Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg + Discussion: + #1: Michal Marek (michal-m) (2009-09-22 14:42:40) + The question is how such warning should be displayed, if the goal is to + catch attention of people who tend to ignore warnings in general... -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: jpxviii jpxviii (jpxviii) Feature #307787, revision 6 Title: Protection against modifying of system libraries openSUSE-11.3: Unconfirmed Priority Requester: Important + openSUSE-11.4: Unconfirmed + Priority + Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: jpxviii jpxviii (jpxviii) Feature #307787, revision 7 Title: Protection against modifying of system libraries + Hackweek V: Unconfirmed + Priority + Requester: Mandatory openSUSE-11.3: Unconfirmed Priority Requester: Important openSUSE-11.4: Unconfirmed Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Otso Rajala (daedaluz) Feature #307787, revision 8 Title: Protection against modifying of system libraries Hackweek V: Unconfirmed Priority Requester: Mandatory openSUSE-11.3: Unconfirmed Priority Requester: Important openSUSE-11.4: Unconfirmed Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... + #2: Otso Rajala (daedaluz) (2010-08-16 02:51:48) + Quick fix to problem: hide packages of differing architecture by + default in YaST. That way users are less prone to perform that kind of + fatal error, while maintaining the power and flexibility for advanced + users. Most apps relying on 32bit parts pull the remaining 32bit + dependencies automatically nevertheless. -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Michal Marek (michal-m) Feature #307787, revision 9 Title: Protection against modifying of system libraries Hackweek V: Unconfirmed Priority Requester: Mandatory openSUSE-11.3: Unconfirmed Priority Requester: Important openSUSE-11.4: Unconfirmed Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... #2: Otso Rajala (daedaluz) (2010-08-16 02:51:48) Quick fix to problem: hide packages of differing architecture by default in YaST. That way users are less prone to perform that kind of fatal error, while maintaining the power and flexibility for advanced users. Most apps relying on 32bit parts pull the remaining 32bit dependencies automatically nevertheless. + #3: Michal Marek (michal-m) (2010-08-16 11:59:34) (reply to #2) + This would also hide the Acrobat Reader for instance... -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Daniel Zeleny (Leinad965) Feature #307787, revision 10 Title: Protection against modifying of system libraries Hackweek V: Unconfirmed Priority Requester: Mandatory openSUSE-11.3: Unconfirmed Priority Requester: Important openSUSE-11.4: Unconfirmed Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... #2: Otso Rajala (daedaluz) (2010-08-16 02:51:48) Quick fix to problem: hide packages of differing architecture by default in YaST. That way users are less prone to perform that kind of fatal error, while maintaining the power and flexibility for advanced users. Most apps relying on 32bit parts pull the remaining 32bit dependencies automatically nevertheless. #3: Michal Marek (michal-m) (2010-08-16 11:59:34) (reply to #2) This would also hide the Acrobat Reader for instance... + #4: Daniel Zeleny (leinad965) (2010-08-17 20:27:49) + 3 - A conflict window will appear, mentioning you can either take some + actions to resolve the conflict, not install pidgin, or ignore some of + its dependencies. Under "Following actions will be done" there is a + "369 more" list which includes important system libs that would be + changed with 32bit versions. + + Don't create system which is smarter than user (Windows). User was + warned! And he ignored warning. When he wanted ignore warning, he have + to know, what he was doing... + #5: Daniel Zeleny (leinad965) (2010-08-17 20:28:23) + <cite>3 - A conflict window will appear, mentioning you can either take + some actions to resolve the conflict, not install pidgin, or ignore + some of its dependencies. Under "Following actions will be done" there + is a "369 more" list which includes important system libs that would be + changed with 32bit versions.</cite> + + Don't create system which is smarter than user (Windows). User was + warned! And he ignored warning. When he wanted ignore warning, he have + to know, what he was doing... + #6: Daniel Zeleny (leinad965) (2010-08-17 20:28:52) + 3 - A conflict window will appear, mentioning you can either take some + actions to resolve the conflict, not install pidgin, or ignore some of + its dependencies. Under "Following actions will be done" there is a + "369 more" list which includes important system libs that would be + changed with 32bit versions. + + Don't create system which is smarter than user (Windows). User was + warned! And he ignored warning. When he wanted ignore warning, he have + to know, what he was doing... -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Jan Engelhardt (jengelh) Feature #307787, revision 11 Title: Protection against modifying of system libraries Hackweek V: Unconfirmed Priority Requester: Mandatory openSUSE-11.3: Unconfirmed Priority Requester: Important openSUSE-11.4: Unconfirmed Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... #2: Otso Rajala (daedaluz) (2010-08-16 02:51:48) Quick fix to problem: hide packages of differing architecture by default in YaST. That way users are less prone to perform that kind of fatal error, while maintaining the power and flexibility for advanced users. Most apps relying on 32bit parts pull the remaining 32bit dependencies automatically nevertheless. #3: Michal Marek (michal-m) (2010-08-16 11:59:34) (reply to #2) This would also hide the Acrobat Reader for instance... #4: Daniel Zeleny (leinad965) (2010-08-17 20:27:49) 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... #5: Daniel Zeleny (leinad965) (2010-08-17 20:28:23) <cite>3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions.</cite> Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... #6: Daniel Zeleny (leinad965) (2010-08-17 20:28:52) 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... + #7: Jan Engelhardt (jengelh) (2010-08-19 20:11:08) + 'Nuff said. -- openSUSE Feature: https://features.opensuse.org/307787
Feature changed by: Andreas Jaeger (a_jaeger) Feature #307787, revision 12 Title: Protection against modifying of system libraries - Hackweek V: Unconfirmed + openSUSE-11.3: Done Priority - Requester: Mandatory - openSUSE-11.3: Unconfirmed - Priority Requester: Important - openSUSE-11.4: Unconfirmed + openSUSE-11.4: Done Priority Requester: Mandatory Requested by: Mircea Kitsune (mirceakitsune) Description: A few days ago I made a mistake that caused me to brake my KDE and Linux installation. Although the fault was mine, I believe OpenSuse should have a protection against dangerous system changes or at least signal the user clearly when a change to system packages could damage important components. What I did was upgrading Pidgin messenger from version 2.5.1 to 2.6.2, but selecting the 32bit version from repository instead of the 64bit one (the installed 2.5.1 was the correct 64bit version). I didn't realize it and Yast replaced KDE and system libraries with 32bit versions. OpenSuse did not notify me that I would replace and brake system components, and everything appeared like a normal installation. Although I learned from my mistake and should have better reviewed the list of changes, I believe OpenSuse should have not allowed such a change rather than letting it seem like a normal installation. This is dangerous for new users who may not be aware of such dangers and only learn after braking their first OpenSuse install. Test Case: On a 64bit version of OpenSuse 11.1 KDE4 which has Pidgin 2.5.1-x.x- x86_64 installed: 1 - Open Yast -> Software Management, and add the following repository in Configuration -> Repositories: http://download.opensuse.org/repositories/GNOME:/Factory/openSUSE_11.1/ 2 - Refresh it then return to the search screen and search for Pidgin. Select pidgin from the packet list and in the Versions tab below select "2.6.2-x.x-i586 from gnome-repo" and click Accept. 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. 4 - If the user is a Linux beginner and has commonly avoided such conflict windows, he may not give enough attention to this nor realize he has selected the i586 version and choose to replace the libraries. Once installation is done KDE and Linux core components are broken and the OpenSuse installation damaged. This is an example screenshot (I have the correct version of 2.6.2 already installed, consider it's 2.5.1-x86_64 at the top): http://img27.imageshack.us/img27/9106/installg.jpg Discussion: #1: Michal Marek (michal-m) (2009-09-22 14:42:40) The question is how such warning should be displayed, if the goal is to catch attention of people who tend to ignore warnings in general... #2: Otso Rajala (daedaluz) (2010-08-16 02:51:48) Quick fix to problem: hide packages of differing architecture by default in YaST. That way users are less prone to perform that kind of fatal error, while maintaining the power and flexibility for advanced users. Most apps relying on 32bit parts pull the remaining 32bit dependencies automatically nevertheless. #3: Michal Marek (michal-m) (2010-08-16 11:59:34) (reply to #2) This would also hide the Acrobat Reader for instance... #4: Daniel Zeleny (leinad965) (2010-08-17 20:27:49) 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. - Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... #5: Daniel Zeleny (leinad965) (2010-08-17 20:28:23) <cite>3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions.</cite> - Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... #6: Daniel Zeleny (leinad965) (2010-08-17 20:28:52) 3 - A conflict window will appear, mentioning you can either take some actions to resolve the conflict, not install pidgin, or ignore some of its dependencies. Under "Following actions will be done" there is a "369 more" list which includes important system libs that would be changed with 32bit versions. - Don't create system which is smarter than user (Windows). User was warned! And he ignored warning. When he wanted ignore warning, he have to know, what he was doing... #7: Jan Engelhardt (jengelh) (2010-08-19 20:11:08) 'Nuff said. -- openSUSE Feature: https://features.opensuse.org/307787
participants (1)
-
fate_noreply@suse.de