-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 BTW.. hi James ;)
James Ogley wrote: >> Indeed. There are mostly packman, my site, the suse-people repository, James >> Ogley's >> usr-local-bin.org and a few packages from various packagers (see >> ftp.gwdg.de, the suser-* stuff). > > Wouldn't it be neat if some of these (the main, trusted ones really) > were available to select as install sources in YaST after the main > install, so that they could then be available for installing more > packages, or indeed for updates. The biggest problem people have with > third-party packages at the moment is finding out about them. Hmm... yes and no. On one hand, obviously, not everyone knows about those repositories. Installing them is rather straightforward (when using YaST2), and at least they're advertised on the openSUSE wiki now: http://opensuse.org/index.php/Download ==> http://opensuse.org/index.php/YaST_package_repository At least for the RPM collections hosted at gwdg.de (that includes James', Packman, mine, scorot, oc2pus, suse-people, and quite a few others), we also have apt metadata. Apt is certainly not targetted at beginners but just got easier to use with SUSE 10: it's included into the base distribution (and media), albeit unsupported. Talking about "unsupported", that's where I have my gripe with including "trusted" repositories into YaST's configuration. YaST would need a few refinements for that: 1) downloading a list of repositories from a central location (e.g. download.opensuse.org) to keep up-to-date with new repositories or changes within these, to be able to "refresh" the list of 3rd party repositories, like YOU is doing now for mirrors 2) have a description field for YaST2 repositories, where we could give information about what to expect in a repository (e.g. multimedia (with a warning about possible infringements depending on the country you live in), experimental gnome packages, etc etc) 3) manage RPM keys in a secure manner, because YaST currently doesn't check package signatures 4) have a "level of trust" or a stable/unstable/experimental label on the repositories, just to let the users know whether they're taking a risk or not ;) With those features, yes, it would be a great benefit for many users if they could just add the 3rd party repositories from YaST. After installation, YaST would be preconfigured with the current sources and you would have an option to add supplemental repositories, but instead of having to find out the information on the internet, it would be fetched/refreshed from a central location and shown as a list where the user could just select which repos to add. And maybe another thing to spend a few brain cells on: a "central" mailing-list at opensuse.org for the maintainers of those RPM repositories. We certainly all have few time for that and already subscribed to a dozen other mailing-lists, but I think it could be kept rather low-traffic if it's a closed mailing-list. That could be used to coordinate package maintainance across those 3rd party repositories, to avoid having duplicates that could break one another's packages, make peer reviews of spec files, etc.. Maybe this should be discussed on opensuse instead of opensuse-optimize. Feedback welcome. cheers - -- -o) Pascal Bleser http://linux01.gwdg.de/~pbleser/ /\\ <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> _\_v The more things change, the more they stay insane. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFDF/7ar3NMWliFcXcRAjl2AKCtADF1PTvR33bbbAE5ARG2nEQlEgCfaVIg LveuseacK8BPmpzOwt4AXaE= =wST6 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
