On Mon, 25 Jun 2001, Federico Sevilla III wrote:
> On Mon, 25 Jun 2001 at 06:22, Edwin Casimero wrote:
> > I still say TAR files are the best. (for MySQL, Apache and PHP) Use
> > the source Luke! (I know, RPMers will get angry again)
I don't think its an issue of getting "angry". Nor am i singling out
anyone or knocking them personally for their choice of technology [read: i
don't want to get into another flamewar]. It's plainly an issue of
pointing out that _technioally_ tarballs are an inefficient way of
deploying any linux application on a distro.
Forgive the "anger" that is noticed ebcause is probably is just
"frustration" because the items i have explained about source rpms and how
(the lack of) package managment makes a linux distribution unmaintainable
seems to be missed by others. Maybe Jijo's explanation will have better
success.
>
> I'm not an "RPMer" (I use Debian, and I _LOVE_ apt/dpkg). I'm not angry.
> But I have some comments for this one.
>
> I don't know if source RPMs have changed that much since they were since
> "src.rpm" and not "spm" files, but AFAIK the only difference of a source
> RPM and a tarball is that the source RPM comes with a SPEC file that
> predefines how the RPMs are to be built.
This is what source RPMS are, plus plus. Exact-o-men-to ! \8)
RPMS also come with supplementary files like init scripts, standard config
files, supplementary docs, sometimes contrib packages that make the main
package more wholesome, and functional. In short, the SRPM add ons
'complete' the package.
> Because of the inclusion of the SPEC file (and possibly even some
> patches), I think source RPMs are better than plain tarballs. Why?
>
> First this allows you to create custom-built RPMs as customized as you
> could customize your tarball, and still be prevent messing up dependencies
> and everything else that one can benefit from using a package management
> system.
>
> Second this allows a user, particularly someone in the "learning stage"
> (and shouldn't we all be continuously be in that stage?) to discover how
> the package maintainer builds the distribution's copy of that program.
> There are nuances to every distribution, and if there's one way to learn
> this, it's through how the packages are built.
I could not have said it better myself.
> Debian sources come in three files. First is the original tarball. Second
> is a dsc file that comes with descriptive information on the package that
> will subsequently be built into the package for the package manager to be
> able to extract this information. Third is a diff file that basically
> creates a debian subdirectory with scripts that create the customized
> debian file and do various checks to make sure a package conforms to
> Debian's standard.
Curious. Does the debian package system maintain stuff like MD5
signatures for the files, as well as version and release information? In
what format is it stored? For instance, if a box has been hacked, can
youn dpkg with a switch that will allow you to check the md5 sigs of each
file in its database?
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
