Date:      Wed, 7 Mar 2012 11:28:47 -0500
From:      David Jackson <djackson452@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Still having trouble with package upgrades
Message-ID:  <CAGy-%2Bi-faTgPPFya8TD8rjkHG0=4E8S6Pvy2XiawXMru6z=pRQ@mail.gmail.com>

I still have yet to find a resolution to the problems I have had with
binary packages and upgrades on FreeBSD. Binary upgrading is broken with
every tool I have tried.

There is no real reason why FreeBSD should not provide a facility for users
to be able to binary upgrade to the most recent version of all packages
with a simple upgrade command.

One faulty argument I heard was that it is often not a good idea to upgrade
to a new software release. The whole purpose of having a release cycle for
programs is to provide stable, tested releases for the public to install
that will work properly, and improve upon and fix problems with older
releases. This is why mainline releases are differentiated from betas and
the CVS downloads which are experimental. So you really do want the most
recent release, especially for corrections to any security problem. Making
upgrades more difficult actually makes the system more insecure by exposing
people for a long time to security problems that were fixed in software but
making it difficult for people to upgrade.


As for the security issues of downloading binary packages. The fact is
source packages are not safer than binary packages, more on that in a bit.
I am astonished that people here would not realise the obvious, having safe
binary installs is do-able from mirror sites, just have the package
management software download MD5s from many mirror sites, compare them and
test the downloaded package, if they are off, then the package will not be
installed and the user will be prompted to allow a notification of the problem
to be sent to the FreeBSD administrators. The fact is, binary releases are
no more dangerous than source releases, someone could just as easily insert
bad code in a source code package on a mirror, you need automated MD5
checking anyway, for both binary or source upgrades. So the idea that
source upgrades are safer is false, just dead wrong.

As for compile options, the solution is simple, compile in all feature
options and the most commonly used settings into the binary packages, for
the standard i386 CPU. If people want customisations then they can build
the software for themselves.

A good software philosophy is to allow software to work out of the box with
as little configuration as possible, but allow everything to be configured
by the user if they want, by shipping software with reasonable defaults
which can be overridden by the user. Make simple things easy and
complicated things doable. In GUI, by default, complexity can be hidden
from users, but if people want fine grain control, they should be free to
use advanced screens of the GUI to get complex, fine grained control. In
GUI design, more commonly used settings can be provided more upfront while
advanced features for use by experts can be placed deeper in advanced or
expert screens of the GUI. Everything should be able to be configured or
accomplished by both GUI and CLI and API.

A good user friendly model for a useable OS is to allow for binary packages
of the entire system to be upgraded with a single upgrade command. It
should work out of the box without hassle. Keeping software up to date to
recent releases is good practice, remember what I said about the purpose of
software releases. Make it easy.

Why don't the FreeBSD administrators just have a build machine that
automatically compiles the software and makes them available as the ports
are updated?

The user should be able to keep their system up to date without doing any
system wide all at once OS-release upgrades at all. There is no reason why
kernel and userland programs have to be upgraded at the same time.
Especially considering it's a good design practice for kernel to provide
backward compatibility. Instead the system would be piecemeal updated over
time, including the kernel, in a piecemeal fashion. The need for system
wide OS distribution version numbers like FreeBSD 9.0 is becoming obsolete.
Versions are still very valuable for the kernel, but for collections of the
entire system software, it has become much less relevant. This was from an
age when people would receive a Tape or CD in the mail and update
everything all at once, now software can be upgraded in a piecemeal way
over time with automatic updates. The CD-based upgrade and all at once
system wide upgrades actually for reasons are inferior, in that it meant
often months would go by before a software program was updated, delaying the
application of vital security fixes. Before the age of the internet and the
hacker, that may have been acceptable. It's not anymore. With Firefox and
Flash for instance, security fixes are made sometimes weekly, with a
system wide at once upgrade model, it could be a very long time between
upgrades of such software between releases of the OS software distribution
CD. The idea of waiting on a FreeBSD kernel release to upgrade Firefox is
absurd, and the idea that Firefox must be upgraded during a kernel upgrade
is also absurd. The piecemeal model is much more convenient for users,
providing more up to date packages and no OS release upgrade hassle.

There really should be little reason for release upgrades anymore these
days, when the different parts of the system can be upgraded independently
through a binary package management tool, including kernel and user
programs.

When a new kernel is released, there is no reason to reinstall all of the
packages on the system at the same time. Since the kernel and userland
packages have different development cycles, there is no reason why there
has to be synchronization of the upgrading.

Some here suggested PC-BSD, it was no better at all than FreeBSD. In fact
in its documentation it demanded a complete system reinstall just to
upgrade to a new kernel version. An OS that requires a user to reinstall
everything just to upgrade the kernel is not user friendly. It creates more
trouble and difficulty for users and ironically makes the system more user
unfriendly, and makes these users suffer due to the design faults of the
system, a user having to upgrade userland packages for a kernel upgrade is
a symptom of serious design faults and deficiencies. These two parts should
be able to be upgraded independently and a good system assures backwards
compatibility support so older packages can run on a newer kernel.

For now I have totally given up on FreeBSD, all I had with FreeBSD were
problems, big problems. The lack of smooth binary upgrades, and the poor
VirtualBox support made it very difficult to use.
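
The multi-mirror checksum comparison proposed in the message, sketched as an added example that is not part of the original e-mail or of any FreeBSD tool. It uses SHA-256 in place of the MD5 the message names; the function name, mirror names and package bytes are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Verdict:
    install: bool
    reason: str
    dissenting: list = field(default_factory=list)  # mirrors to report upstream


def verify_against_mirrors(package: bytes, published: dict, min_mirrors: int = 3) -> Verdict:
    """published maps mirror name -> hex digest it advertises (None = fetch failed)."""
    local = hashlib.sha256(package).hexdigest()
    answers = {m: d.strip().lower() for m, d in published.items() if d}
    if len(answers) < min_mirrors:
        return Verdict(False, "too few mirrors answered")
    consensus, votes = Counter(answers.values()).most_common(1)[0]
    # Require a strict majority of the answering mirrors behind one digest.
    if votes * 2 <= len(answers):
        return Verdict(False, "mirrors disagree, no majority digest", sorted(answers))
    dissenting = sorted(m for m, d in answers.items() if d != consensus)
    if not hmac.compare_digest(local, consensus):
        return Verdict(False, "downloaded file does not match majority digest", dissenting)
    return Verdict(True, "matches majority digest", dissenting)


# Constructed sample data: three mirrors answer, one of them advertises a bad digest.
PKG = b"constructed package payload"
GOOD = hashlib.sha256(PKG).hexdigest()
BAD = hashlib.sha256(b"tampered payload").hexdigest()
MIRRORS = {
    "mirror-a.example": GOOD,
    "mirror-b.example": GOOD,
    "mirror-c.example": BAD,
    "mirror-d.example": None,  # fetch failed
}

if __name__ == "__main__":
    print(verify_against_mirrors(PKG, MIRRORS))
    print(verify_against_mirrors(b"tampered payload", MIRRORS))
```

Agreement between mirrors only catches tampering on a minority of them: if every mirror syncs from one altered master, all digests match and the check passes, which is the gap a signature made with an offline key closes.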


