[maemo-developers] MeeGo
From: Kimmo Jukarainen kimju-maemo-dev at inside.orgDate: Wed Feb 17 13:51:52 EET 2010
- Previous message: MeeGo
- Next message: MeeGo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>>> Harmattan is going to stay DEB based, despite being the first MeeGo >>> implementation on Nokia devices. This is IMHO good news. >>> Now we only need to convince them to stick to it even after Harmattan... >> I would _love_ to see that happen. > then contribute here: > http://wiki.maemo.org/DebForMeeGo Well, I don't have any hope for that MeeGo would switch to .deb. It has been said on several times on the moblin-dev list (even today) that the reasons to choose rpm were technical, but I haven't seen even one technical reason published. So for now I'll believe that it was mostly political decision and as such can not be changed anymore. Anyway, I'll document here my pet peeve about rpm-format. And after that suggest how to limit the damage that this might (will) cause. If you don't like details, just skip to the last chapter at the end of this mail. :) First, lets choose a package that exists in both Moblin and Maemo and that uses few libraries. I'll pick evince, just because I have used it and know what it does. user at host:~/tmp$ wget http://repo.moblin.org/moblin/releases/2.1/ia32/os/i586/evince-2.26.1-4.12.moblin2.i586.rpm --2010-02-16 12:16:28-- http://repo.moblin.org/moblin/releases/2.1/ia32/os/i586/evince-2.26.1-4.12.moblin2.i586.rpm Resolving repo.moblin.org... 74.86.162.225 Connecting to repo.moblin.org|74.86.162.225|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 1462309 (1,4M) [application/x-redhat-package-manager] Saving to: `evince-2.26.1-4.12.moblin2.i586.rpm' 2010-02-16 12:16:30 (943 KB/s) - `evince-2.26.1-4.12.moblin2.i586.rpm' saved [1462309/1462309] user at host:~/tmp$ wget http://repository.maemo.org/extras/pool/diablo/free/e/evince/evince_2.21.1-1.maemo8_armel.deb --2010-02-16 12:16:32-- http://repository.maemo.org/extras/pool/diablo/free/e/evince/evince_2.21.1-1.maemo8_armel.deb Resolving repository.maemo.org... 217.212.252.193, 217.212.252.161 Connecting to repository.maemo.org|217.212.252.193|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 559882 (547K) [application/x-debian-package] Saving to: `evince_2.21.1-1.maemo8_armel.deb' 2010-02-16 12:16:32 (9,38 MB/s) - `evince_2.21.1-1.maemo8_armel.deb' saved [559882/559882] Then, lets see what dependencies does the rpm package from Moblin has: user at host:~/tmp$ rpm -qpR evince-2.26.1-4.12.moblin2.i586.rpm rpm: To install rpm packages on Debian systems, use alien. See README.Debian. error: cannot open Packages index using db3 - No such file or directory (2) error: cannot open Packages database in /var/lib/rpm warning: evince-2.26.1-4.12.moblin2.i586.rpm: Header V3 DSA signature: NOKEY, key ID 79fc1f8a /bin/sh /bin/sh /bin/sh /bin/sh GConf2 GConf2 GConf2 GConf2 libICE.so.6 libSM.so.6 libX11.so.6 libatk-1.0.so.0 libc.so.6 libc.so.6(GLIBC_2.0) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.1.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.3.4) libc.so.6(GLIBC_2.4) libcairo.so.2 libdbus-glib-1.so.2 libevdocument.so.1 libevview.so.1 libfontconfig.so.1 libfreetype.so.6 libgcc_s.so.1 libgconf-2.so.4 libgdk-x11-2.0.so.0 libgdk_pixbuf-2.0.so.0 libgio-2.0.so.0 libglib-2.0.so.0 libgmodule-2.0.so.0 libgnome-keyring.so.0 libgobject-2.0.so.0 libgthread-2.0.so.0 libgtk-x11-2.0.so.0 libm.so.6 libm.so.6(GLIBC_2.0) libnautilus-extension.so.1 libpango-1.0.so.0 libpangocairo-1.0.so.0 libpangoft2-1.0.so.0 libpoppler-glib.so.4 libpthread.so.0 libpthread.so.0(GLIBC_2.0) librt.so.1 libspectre.so.1 libstdc++.so.6 libstdc++.so.6(CXXABI_1.3) libtiff.so.3 libxml2.so.2 libz.so.1 rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 scrollkeeper scrollkeeper Quite a list. And it seems to include three types of dependencies: 1. File name based. Such as /bin/sh, libgtk-x11-2.0.so.0 and libnautilus-extension.so.1 2. Package name based. Such as GConf2 and scrollkeeper 3. Third one seems to be feature based. For example rpmlib(CompressedFileNames) <= 3.0.4-1 Of these, the last two are ok, I can easily see what additional packages I need to get and install to satisfy these. But the first one. What package provides libnautilus-extension.so.1? Or libevview.so.1? And even if I find out what package has these specific files, is there any version dependencies? Now, lets see what the Maemo version depends on. user at host:~/tmp$ dpkg-deb -f evince_2.21.1-1.maemo8_armel.deb depends | sed 's/,\ /\n/g' libatk1.0-0 (>= 1.12.2) libc6 (>= 2.5.0-1) libcairo2 (>= 1.4.10) libdbus-1-3 (>= 0.94) libdbus-glib-1-2 (>= 0.74) libdjvulibre15 (>= 3.5.20) libgconf2-6 (>= 2.13.5) libglade2-0 (>= 1:2.3.6) libglib2.0-0 (>= 2.12.12-1osso10) libgtk2.0-0 (>= 2:2.10.12-0osso15) libhildon1 (>= 1.0.11) libhildonfm2 (>= 1:2.0.5) libjpeg62 libkpathsea3 (>= 2.0.2-1) libosso-gnomevfs2-0 libosso1 (>= 2.16) libpango1.0-0 (>= 1.16.4) libpoppler-glib2 (>= 0.6) libtiff4 libx11-6 libxml2 (>= 2.6.27) zlib1g (>= 1:1.2.1) gconf2 (>= 2.10.1-2) unrar unzip Quite a list here too. But, all the dependencies are based on package names, not random file names. It's easy to see what is needed. I know that rpm allows you to specify the package names as dependencies. It can even be seen on the Moblin package above. But, as this requires some (quite minimal) effort from the packager to do so, most packagers seem to be lazy and use only the automatic dependencies generated from the file names of the used libraries. With deb packages this problem can not occur. As the package maintainer should already know which other packages his package depends on, not just what files it uses, I strongly prefer that the maintainer spends the few seconds needed to specify the correct package dependencies. This will save a tremendous amounts of every users' time when they are trying to install the package. This is just a small detail, but it is still reason enough for me to avoid rpm-based distributions when ever I can. Some of the other reasons are that I just prefer the Debian style tools and utilities, for example apt/aptitude over yum, dpkg-buildpackage over rpmbuild and debmirror over blindly mirroring the whole repository. Also, the autobuilders and tools to manage a private repository. Etc. So, to avoid this problem, I hope that MeeGo repositories will add a check to reject any .rpm that contains even one dependency based on file name and only allow the package based dependencies to be used. This would at least limit the damage done. -kimju
- Previous message: MeeGo
- Next message: MeeGo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]