The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The Unified Package Manager

This an idea that I have been gradually developed over the last months.
Some rudimentary stuff already exists in an experimental package in
incoming. I think something like this would be very useful for us on our
Campus to have and perhaps would be good for the Debian Project too.

The Unified Package Manager
---------------------------

The Problem:
------------ 

I am administering a growing network of Linux Servers and I had a real hard
time keeping the software on our servers up to date. It was a catastrophe
with Slackware. Now we are using Debian which is much much better but
I still think there are still a lot of issues that need attention.

I notice people posting on the newsgroups having ancient software on
their machines. And it think that is due to the difficulty of handling
upgrades and the existing package managers.

The Unified Package Manager tries to address those issues and provide
backward compatibility with the existing software resources of both
distributions (and also Slackware Packages for that matter but that does not really
count. I was told Slackwares Packaging system is proprietory <G>.)

It is a practical solution, rather than focused on certain ideas.

Planned Features of the UPM
---------------------------

- Attempts to have a superset of features contained in Debian, Redhat and
  Slackware Packages

- Converters will be provided for all traditional Package Managers to UPM.
  (Not every package will be able to be converted naturally...)

- Sysadmin can freeze files or directories to not allow the package manager
  to disturb what was modified and what the sysadmin does not want to be
  touched at all.

- Multiple options on how configuration files can be updated. Can generate
  diffs to prior config files and then apply modifications to configuration
  files of prior releases to the ones provided with the current package
  (within limits of course). Can also update keyed files (like passwd,
  group, services) in an intelligent way. Methods can be defined for new
  ways of automatically upgrading configuration files.

- Immediate configuration of Packages. No delay for the configuration of
  daemons that might mean downtime (dselect).  No need for predependencies
  (dpkg).

- A copy of provided Configfiles is saved in a special UPM directory for easy
  reference and restoration of the default configuration.  (In case the
  package was messed up)

- Configuration Scripts are separate from the installation scripts and they
  can be repeatedly invoked without reinstalling the package.

- Verification and accounting for modifications and the presence of each
  file on the system.  For each file a checksum is stored in the package
  managers database to allow for the detection of modifications and viruses. 
  The package manager can list all files not managed by the packaging system
  and can be used by the sysadmin to easily group and control
  non-distribution files on a system.

- The package format is ascii (embedded uuencode binaries) and the package
  can be edited or written entirely with an editor.  There is no need for
  complicated package build commands. The package can simply be written with
  an editor and uuencoded binaries / tarfiles can be attached to that file.
  No rule file to maintain. In contrast to rpm the recipie is also the final
  package making for an ease of use unsurpassable.

- Screwed up package metainformation can be easily fixed up and the
  installation scripts can be reviewed so the sysadmin is clear about the
  dangers the scripts might pose to his system.

- A package can be signed by PGP and transmitted via e-mail without a problem.

- An e-mail message with a couple of packages can be fed directly into the
  package manager for installation.

- Packages are executable. Just type the name or click on the
  file from a filemanager and the package installs. No need to bother with
  complicated package manager interfaces.

- Automatic retrieval and installation of packages a package depends on.

- Meta packages: i.e. you can have a package STANDARD that will depend on
  a selection of packages that are standard for a distribution and it will
  install those by automatic retrieval.

- Library dependencies automatically handled by package manager according to
  information contained in the ELF binaries or ELF libraries.  No need for
  error prone maintainer specification of dependencies in most cases. (rpm
  has similar features)

- FAST operation through the Berkeley DB libraries with advanced hashing,
  btree techniques.  Text files are not consulted for metainformation (like
  dpkg does).

- Multiple Instances of UPM can use the Database simultaneously.
  (upm calls itself recursively to fulfill dependencies!)

- Packages with prefix ability can be installed in multiple locations.

- Support for multiple versions of a program on a system (such as Linux
  Kernels or libraries for example).

- Multi-Architecture support in one UPM package. The package can list
  what binaries would fit what architecture and the upm manager will
  install the correct parts on installation. (Of course it can also
  be in separate packages if the size of those binaries is big).

Example contents of a package (bug package of debmake):

#!/bin/upm
Package: bug
Version: 2.54
Depends: sed, perl, grep
Maintainer: Christoph Lameter <clameter@waterf.org>
Title: Bug Reporting Tool interfacing with the Bug Tracking System

%description
A script to ease the reporting of bugs. Automatically figures out version
numbers of the package reported and all depending packages. Adds
configfiles etc to the bugreport.
%copyright
See the debmake package
%changelog
First experimental demo package
%postinst
#!/bin/sh
echo "Example Postinst"

%config
#!/bin/sh
echo "Example Configure script"

%file /usr/man/man1/bug.1
.TH BUG 1L "Debian Utilities" "DEBIAN" \" -*- nroff -*-
.SH NAME
bug \- Report a bug to the Debian Bug Tracking System.
.SH SYNOPSIS
\fBbug\fP [ \fBoptions\fP ] package [\fBtext\fP] ...
.br
.SH DESCRIPTION
.I bug
will figure out what the current version of the package with the bug is on
your system. If the package is not installed then a generic bug report
will be generated.
....

%binary /usr/bin/bug archit=all
M(R$O8FEN+W-H"B,*(R!'96YE<F%T97,@82!B=6<@<F5P;W)T"B,*(R!#:')I
M<W1O<&@@3&%M971E<BP@3V-T;V)E<B-BP@,3DY-@HC"G-E="
90H*:68@
M6R)#$B(#T@(B(@73L@=&AE;@H)96-H;R57-A9V4Z(&)U9R!;;W!T:6]N
M<UT@/'!A8VMA9V5N86UE/B!;/'1E>'0^72+B(*"65X:70@,0IF:0H*:68@
M6R)%5)1"(@/2,"(@73L@=&AE;@H)96-H;R1FEL:6YG(&)U9R!R97!O
M<G1S('=I=&@@<W5P97)U<V5R('!R:79I;&5D9V5S(&ES(&EN<V5C=7)E(&%N
M9"!N;W0@<W5P<&]R=&5D+B(*"65X:70@,0IF:0H*=VAI;&4@97AP<B)#$B
M(#H@)RTN*B<@/B]D978O;G5L;#L@9&\*"6-A<V4@)#$@:6X*"0DM8RD)3D]#
M3TY&24<],0H)"0ES:&EF=)"0D[.PH)"2UQ*0E154E%5#TQ"@D)"7-H:69T
M"@D)"3L["@D)+6TI"4U!24Y4/3$*"0D)<VAI9G0*"0D).SL*"0DM<RD)<VAI
M9G0*"0D)4U5"2D5#5#TB)#$B"@D)"7-H:69T"@D)"3L["@D)+60I"7-H:69T
...

M9"(@?"!M86EL("1-041$4B
<R)%@B"G)M("]T;7"0*96-H;R0G5G
=(%)E<&]R="!S=6)M:71T960@=&\@)$U!1$12(@H`
`
end
%end
PGP-Signature could follow here.

Christoph Lameter, January 6, 1996


--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---
Please always CC me when replying to posts on mailing lists.


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com