[maemo-developers] [maemo-developers] Re: [maemo-users] 'Locking down' software installation

From: Levi Bard taktaktaktaktaktaktaktaktaktak at gmail.com
Date: Thu Feb 15 21:07:01 EET 2007
> In the future, we hope to be able to provide official updates to the
> operating system itself via packages, and we need to give the
> end-users the confidence that when they intend to install a Nokia
> provided operating system update, they actually get what they think
> they are getting.

Great!  It'll be great to escape the backup->flash->restore->reinstall cycle!

> This means that the Application Manager will not allow you to update
> individual OS packages (or to install third party applications that
> require this), since you would have to remove the meta package for
> that.  It is still possible to install additional 'system' packages,
> just not to upgrade already installed ones.
> A second new feature is that the Application Manager will distinguish
> between "trusted sources" and "non-trusted sources" (based on the key
> used to sign the corresponding repository).  A package that has
> originally been installed from a trusted source will only be allowed
> to be updated (or replaced) from a trusted source.  The flash image is
> also treated as a trusted source, so you will only be able to update
> packages that are pre-installed in the device from trusted sources.

IMO the second new feature makes the first one irrelevant.  Locking
the OS metapackage to exact versions of depended packages will cause
headaches for nokia, developers, and users.

Say you've just released an OS metapackage, maemo 3.1 sturgeon, and
then one the guys working on cairo makes a huge breakthrough in speed
and stability.  You want users to be able to upgrade, but now you have
to release a new OS metapackage to do so, so you either need to make
users wait for another "full" release, or release a new OS metapackage
whose only change is an upgraded cairo dependency.  This potentially
means a lot of frivolous new OS releases.

However, the "trusted source" feature means that you don't have to
worry about this.  If you release OS metapackage maemo-3.2007-sturgeon
with the *greater than or equal*-style dependencies, people can only
upgrade those packages from Nokia.  This means that users don't have
to worry about the potential of getting a broken cairo package from
Joe's Repo, and that you can release a new cairo package when it's
ready without having to worry about synchronizing with other packages'
releases, announcing a new OS release, etc.

> The meta package could depend on 'this version or later' of a package
> instead of on "exactly this version'.  That would allow it to control
> the update just as much, but would not lock down the configuration of
> the device so much.  The motivation for this lock-down of the device
> configuration is that Nokia (probably, IANAL) doesn't want to support
> any other configuration, and having to 'hack' your system via the
> red-pill mode or similar is a good indication that you are now on your
> own.

I am wholly in favor of this, as may be gathered from my previous
paragraph.  And the "trusted repository" scheme means that the device
is just as locked down for support purposes.

It doesn't take a nukular scientist to pronounce foilage!  --Marge Simpson

More information about the maemo-developers mailing list