[maemo-developers] Why should it be so hard and should I even bother with Extras for fremantle?

From: Jeremiah Foster jeremiah at jeremiahfoster.com
Date: Mon Nov 2 01:32:18 EET 2009
On Nov 1, 2009, at 12:35, Graham Cobb wrote:

> On Sunday 01 November 2009 10:22:00 Andrew Flegg wrote:
>> On Sun, Nov 1, 2009 at 09:30, Martin Grimme  
>> <martin.grimme at gmail.com> wrote:
>>> it really looks wrong IMHO if stuff like socat, rootsh, or openssh
>>> turn up in the extras repository ready for end-users to be  
>>> installed.
>>> extras should only contain applications that are safe for everyone  
>>> to
>>> play around with.
>> However, if it is clear to users what to expect when they install
>> those apps; and they don't recklessly reduce the capability of the
>> system, I don't think they're that bad. So, perhaps, OpenSSH Server
>> should have a clearer warning that the root password it forces you to
>> choose should be strong, as it will allow anyone to log in to your
>> tablet if it is online and they know the password.
> I agree with Andrew.  These applications should be available to  
> everyone.
> There are two issues:
> 1) There will end up being a LOT of command line utilities.  Over  
> time I would
> expect a lot of debian utilities to be ported.  This will clutter up  
> the
> Application Manager with things of interest to a tiny number of  
> people.

Then Application Manager has to change. It does not scale to have  
categories when there are thousands of apps.
> The medium term solution, I think, is to create a new category: user/ 
> advanced
> or user/command-line.

I'm not so keen on this. I think it excessively cautious.
> In the short term, I suggest we look at creating a user/utilities  
> meta-package
> called something like "Command Line Tools" which would depend on the  
> (non
> user/) tools themselves.  Whenever someone ports one of these tools  
> they
> would work with the maintainer of the "Command Line Tools" package  
> to have it
> added to the Description and to the dependencies.  We might even  
> manually
> force the promotion of the new "Command Line Tools" package if someone
> (X-Fade?) is happy that it is just a trivial port.
> 2) Some of the tools may be fairly dangerous.  But then that is true  
> of many
> of the tools already on the system (mke2fs?).  I don't see that as a  
> problem
> if it is marked as an advanced tool except for cases (like OpenSSH  
> Server)
> where just installing it does something potentially dangerous to  
> your system
> (another example might be something which installs a daemon which does
> something very useful but which reduces battery life).
> In this case, the medium term solution is, again, to put it in a  
> user/advanced
> category and the short term solution is, I think, just to make it  
> explain how
> it is dangerous in BIG LETTERS!

UNIX, and Linux, has always been a system in which you can do  
significant damage to your system by issuing the wrong command. I  
don't think you can dumb it down and still keep its power and  
flexibility. I realize that there are interfaces to GSM and other data  
that users oughtn't touch, but I think the warnings and safeguards we  
have are sufficient.


More information about the maemo-developers mailing list