This should not be news, but I feel like saying it anyway in light of some recent events in the Linux distribution ecology:
Hot take: packaging open source software is actual work (and is sometimes what we demurely call 'non-trivial' in this field). I say this as a sysadmin who has sometimes had to deal with the results of not packaging software and then not keeping up with the state of the software we didn't package but installed anyway.
(Sure, sometimes you get lucky and the packaging instructions are easy to write (Debian rules, RPM specfiles, whatever Arch uses, etc). And sometimes they aren't.)
Part of the work of packaging software is in identifying and collecting all of its dependencies, in the right version, and making sure that the versions are all coherent with the rest of the system. Some of it is in testing the resulting whole system. A certain amount of it is in making a particular piece of software conform to the standards you've set up for a particular environment or distribution; for example, Debian has a specific scheme for how Apache is configured, and the general idea is used by Debian for a bunch of other software. Sometimes you fix bugs or pull in as yet unreleased changes.
(Debian also writes a bunch of manpages.)
But a significant amount of packaging software is in turning a 'make install' into something that is both confined and reversible. so that people can reliably uninstall the package again. Reliable and easy uninstalls is one of the big features of a good package system. Sometimes this is simple, because the software only installs a few files in a few places and you can easily list them all in the packaging instructions. Sometimes this is a lot of work because the software normally wants all sorts of things from the system, like new accounts and changes to other software and so on.
(Various forms of containers all more or less punt on this, right up to the extreme version of shipping a little Unix user space system image. I take this as an illustration of how hard it can be to do this; shipping an entire mini-Unix that's had your 'make install' executed in it is certainly one brute force way out.)
PS: A related issue is that distribution packaging needs to consider how the upstream handles things. This is a subset of how packing isn't a one time blind thing; to do it well, you need to know a certain amount about the upstream and then to keep track of it (per my 'keeping up with the state of the software' above). That's work too, and work that necessarily stretches into the future.
from Hacker News https://ift.tt/6dAqNCU
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.