[softwaremgmt] Software Portal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Just to give some more meat/background to the discussion, here are the ideas that lead us (Benjamin Weber and I) to implement the Software Portal (http://software.opensuse-community.org): 1) Applications - --------------- Newbies shouldn't be exposed to "packages" and only to a very limited extent to repositories, but, rather, to "applications". That means that they should be able to search for "firefox" or "amarok" in a central place and be able to install it easily from there. No libraries, no development packages, and applications being bundles of 1-n packages. Tagging is obviously a very useful tool for navigation as well, as people might just want to look for "games" or "email" instead of having to know the name of the packages/applications. 2) Web-based - ------------ The idea was also to have them use their web-browser to search and install stuff, as that is what most people just do. OneClickInstall (which was originally written by Benjamin Weber too) is used to trigger the package installation when they click on an "install" button. For those who don't know, it's implemented through the MIME type and handlers in the openSUSE packages of Firefox and Konqueror (as opposed to what Debian is doing through the "apt://" URIs which, we believe, is just plain wrong as to the RFC standards). There are some problems with OneClickInstall, such as still being too complex for newbies, and Garrett made some interesting mockups (*) for a nicer UI as well as a somewhat easier workflow. But one way or another, you _cannot_ relieve end-users from having to care about digital signatures. And that's really the key problem regarding usability (or rather easy of use) here. (*) http://linuxart.com/log/archives/2010/06/21/one-click-part-2/ 3) Use repository metadata - -------------------------- As we didn't think that there would be enough people to maintain/define applications manually, we took the route of having a software based solution that automatically defines/detects applications from package repository metadata using some heuristics. As already mentioned in my previous posts, a few of those heuristics are: * look for a .desktop file in the files list of a package (which identifies a package as being an application, because it'll show up in the menu) * merge packages based on their %{SOURCERPM} RPM metadata tag to assemble them as applications (which catches subpackages) * the ability to define regular expressions to match additional packages with an application * use categories from the .desktop file to define tags on the application One problem became clear once it was implemented and up&running: we have way too many repositories to be able to process all that metadata properly, at least without having to scale out to several servers. The RPM-MD metadata is fetched every hour, and it regularly clogs down the server when it has to process all that data. We did optimize the SQL to the MySQL instance quite a lot, so that's not the problem. The issue might be that we also do compute a lot in the database to detect - - new applications (that have been added) - - updates to existing applications - - applications that have been removed and all that requires quite some juggling in the database. Having OBS (or rather the OBS publisher) ping the system would be a great plus, simply for the sake of a simpler implementation, live content, and scalability. 4) User feedback - ---------------- Screenshots, ratings, comments, all of that was obviously implemented as well. We also wanted (but didn't implement) to be able to link to blog posts, openSUSE forum threads, etc... The idea with rating was to give users a quick look at whether the application packages can be trusted. In our implementation, only blessed users were allowed to give ratings. And no, we obviously didn't use iChain as an authentication and/or authorization backend, we have our own user+role database ;) 5) Desktop client - ----------------- Once the Software Portal had been finalized (**), we would also have expanded the REST API in order to make it possible to implement a desktop client. The desktop client wouldn't need OneClickInstall and would also know about which packages are installed on your system, hence offering an even better user experience. But it never got that far. (**) which never happened due to lack of interest from others (we made a presentation about it at the openSUSE conference in 2009 (***), as well as blogged about it quite extensively back then, which is why I'm surprised so many people never heard of it -- yes, I do hate you people for that), and because Benjamin and I simply didn't have enough time on our hands to continue implementing it on our own (***) the PDF of the presentation is here: http://linux01.gwdg.de/~pbleser/swp.pdf More details on the wiki page we wrote back then: http://old-en.opensuse.org/Software_Portal Some screenshots: http://bw.uwcs.co.uk/swp/ cheers - -- -o) Pascal Bleser http://linux01.gwdg.de/~pbleser/ /\\ <pascal.bleser@skynet.be> <guru@unixtech.be> _\_v The more things change, the more they stay insane. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) iD8DBQFM1Urtr3NMWliFcXcRAhFFAKCE4RTwzNXBKbfcI4zuXvUlm1BPeACeKb0O x/byDkvQnZehEbfhNcdfiAQ= =0ZCE -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Hey, On 11/6/10 1:32 PM, Pascal Bleser wrote:
But one way or another, you _cannot_ relieve end-users from having to care about digital signatures. And that's really the key problem regarding usability (or rather easy of use) here.
This signature part is not necessarily true. Users have to take care of a simple choice: ------------------------------------------------------------------------ This package comes from an untrusted source and might harm your system! [Install] [Cancel] [ ] Details [ ] Never ask me again ------------------------------------------------------------------------ Install == Ignore signature Cancel = Cancel Detail == Show details about the signature Never ask me again == Trust Signature This is a simple dialog every computer user can grasp and gets presented with, in various forms, everyday already. Henne -- http://www.opensuse.org -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Hello, Am Montag, 8. November 2010 schrieb Henne Vogelsang:
This signature part is not necessarily true. Users have to take care of a simple choice:
--------------------------------------------------------------------- This package comes from an untrusted source and might harm your system!
[Install] [Cancel]
[ ] Details [ ] Never ask me again --------------------------------------------------------------------
There was some discussion about this at the openSUSE conference in the zypp BoF. The results in short: - inherit trust: if a repo key is signed by a known key, display a "less dangerous looking" dialog or (config option or "never ask again" checkbox) no warning at all. Most prominent example: build service keys that are signed by the build service master key - for detail view: if a key is signed by other keys, display them. That gives at least the chance that someone verifies the key chain. Again build service repos are the best example. - IIRC nobody in the BoF said he verifies the fingerprint *) - there were more topics in the BoF, but not related to this question The following is my personal opinion: *) my guess: because it isn't easy enough. Having the key chain visible ("This key is signed by a key you already trust") would bring more security than just displaying a fingerprint nobody checks (you would need to download the key from the repo, verify its fingerprint, check who signed it, ....) The dialog should look more "dangerous" if a key is not signed by any key in the current keyring. The "never ask again" checkbox is a good idea for keys that are signed by an already known key (read: buildservice) - even if I'd never tick that box. For totally unknown keys, I'd recommend _not_ to offer such a checkbox.
Install == Ignore signature Cancel = Cancel Detail == Show details about the signature Never ask me again == Trust Signature
As a typical user, I'd expect a different meaning: Install == Trust this signature (there's no point in installing a package when you don't trust it) Never ask me again == Trust _all_ signatures (IMHO: as long as their key is signed with a already trusted key - see key chain above) Yes, I know that this would mean less security, but hey, I'm just wearing my "typical user" hat in this case ;-) and I also don't say it should be implemented this way. I'm just warning you what bugreports to expect: "Every time I add a repo, I'm asked again! But I ticked the 'never ask again' box!!!!!1!!111!!!!!!" ;-) Maybe the "never ask again" should have a more meaningful title like "never ask again for this signature" or "permanently trust this signature". Or we simply rework the existing way that asks about the key instead of the package - rename the "import" button to "trust permanently". Now choose your favorite way ;-) Regards, Christian Boltz --
In Yast2-System-Editor /etc/sysconfig-Dateien in System-Kernel-MODULES_LOADED_ON_BOOT ide-scsi eintragen. David, bitte wegschauen... Nein David, das hast Du nicht gesehen. Es ist alles OK, David... Ganz ruhig... :-) [> Arne Dieckmann und Thomas Hertweck in suse-linux] -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On 11/08/2010 11:38 AM, Henne Vogelsang wrote:
------------------------------------------------------------------------ This package comes from an untrusted source and might harm your system!
[Install] [Cancel]
[ ] Details [ ] Never ask me again ------------------------------------------------------------------------
Install == Ignore signature Cancel = Cancel Detail == Show details about the signature Never ask me again == Trust Signature
This is a simple dialog every computer user can grasp and gets presented with, in various forms, everyday already.
It can be of course improved. There are two problems here: - Asking too much. We talked about this during the conference and decided to implement transitive trusting (not asking if the key is signed by a already trusted key) - Wording. ZYpp supports a very complicated workflow. It can trust a key for one use, or remember the trust. The way you present it above is a wording of that workflow for a normal human being. YaST has a completely different dialog last time I checked. First it talks about "Import rpm key". 3/3 words non geeks do not understand. Then the dialog was simplified in a broken way, because it used to ask twice "trust?" "now or forever?", but instead of fixing the real problem the "trust now" option was removed and now you can only "import", which is a verb that has nothing to do with trust. The only mistake in your dialog is that we do trust on refresh of repositories. Not on package installation ;-) -- Duncan Mac-Vicar P. - Novell® Making IT Work As One™ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Dne 6.11.2010 13:32, Pascal Bleser napsal(a): [...]
2) Web-based ------------ The idea was also to have them use their web-browser to search and install stuff, as that is what most people just do. OneClickInstall (which was originally written by Benjamin Weber too) is used to trigger the package installation when they click on an "install" button. For those who don't know, it's implemented through the MIME type and handlers in the openSUSE packages of Firefox and Konqueror (as opposed to what Debian is doing through the "apt://" URIs which, we believe, is just plain wrong as to the RFC standards).
BTW there already exists "Game Store" web application which uses OCI, see http://gamestore.gk2.sk/ I think it should be merged with the Software portal or it's parts could be reused there. We should be focused on just one software portal - to not confuse users and to not split developers across several projects... (Adding Pavol Rusnak, the Game Store author, to CC...) -- Best Regards Ladislav Slezák Yast Developer ------------------------------------------------------------------------ SUSE LINUX, s.r.o. e-mail: lslezak@suse.cz Lihovarská 1060/12 tel: +420 284 028 960 190 00 Prague 9 fax: +420 284 028 951 Czech Republic http://www.suse.cz/ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On 2010-11-12 17:17:18 (+0100), Ladislav Slezak <lslezak@suse.cz> wrote:
Dne 6.11.2010 13:32, Pascal Bleser napsal(a): [...]
2) Web-based ------------ The idea was also to have them use their web-browser to search and install stuff, as that is what most people just do. OneClickInstall (which was originally written by Benjamin Weber too) is used to trigger the package installation when they click on an "install" button. For those who don't know, it's implemented through the MIME type and handlers in the openSUSE packages of Firefox and Konqueror (as opposed to what Debian is doing through the "apt://" URIs which, we believe, is just plain wrong as to the RFC standards).
BTW there already exists "Game Store" web application which uses OCI, see http://gamestore.gk2.sk/
I think it should be merged with the Software portal or it's parts could be reused there. We should be focused on just one software portal - to not confuse users and to not split developers across several projects...
We are very much aware of that :) That was actually what we discussed at the openSUSE Conference, and why this mailing-list was set up in the first place. cheers, -- -o) Pascal Bleser <pascal.bleser@opensuse.org> /\\ http://opensuse.org -- I took the green pill _\_v FOSDEM XI: 5 + 6 Feb 2011, http://fosdem.org
On 11/13/2010 02:16 PM, Pascal Bleser wrote:
We are very much aware of that :)
That was actually what we discussed at the openSUSE Conference, and why this mailing-list was set up in the first place.
I have to say that from all the user interfaces, the game store is the best one. However it is probably the one lacking most features (comments, ratings, OCS api) -- Duncan Mac-Vicar P. - Novell® Making IT Work As One™ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On 11/15/2010 03:24 PM, Duncan Mac-Vicar P. wrote:
However it is probably the one lacking most features (comments, ratings, OCS api)
Actually, after checking it out, I found out it is a 100% html/js app, which takes the content from a JSON file. -- Duncan Mac-Vicar P. - Novell® Making IT Work As One™ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
participants (5)
-
Christian Boltz -
Duncan Mac-Vicar P. -
Henne Vogelsang -
Ladislav Slezak -
Pascal Bleser