LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Announcements
->One big page

 

This page

Previous week
Following week

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Distributions

SCALE: Projects and distribution unfriendliness

March 2, 2011

This article was contributed by Don Marti

Fedora engineering manager Tom "spot" Callaway, who actively maintains a Fedora-compatible package repository for the Chromium web browser, said Friday he has "given up" on getting the browser — which does work well on Fedora — into the distribution proper. In November 2009, he explained why Chromium is not an official Fedora package on his blog, and those issues remain. In a talk at the Southern California Linux Expo (SCALE) entitled, "This is why you FAIL," Callaway, who maintains more than 350 packages in Fedora, listed some of what he sees as "points of FAIL," or distribution-unfriendly software development practices, using Chromium as an example for many of them.

"Having your software be distribution-friendly is a key to success," he said. In the Fedora Activity Day event earlier at SCALE, users brought in systems in a variety of "states of disrepair", he said, which were caused by attempting to install third-party software. Distribution-friendliness also reflects on other channels, he said. The same "points of FAIL" that affect distribution maintainers are also problems for intermediaries who are putting the software on embedded devices or running it as a hosted service.

In the talk, which summarized his chapter, "How to tell if a FLOSS project is doomed to FAIL" from the book The Open Source Way, Callaway discussed the bundled dependency problem. It's worth FAIL points to include a private copy of a library on which a program depends, and extra FAIL points for building a modified version. A key problem, Callaway said, is that when a distribution does a security update for a library, it also has to do updates for any packages that include their own copies. (Fedora has a No Bundled Libraries policy, and Fedora package maintainers do modify the build process for software that the distribution packages, in order to make it build with a system copy of the library.) "Chromium is perhaps the worst offender I have ever seen in my entire career," Callaway said.

Chromium developer Evan Martin, who was not at the event but had posted a list of third-party code distributed with Chromium on his blog, replied to that in email:

Briefly, it's a lot of extra work to support system libraries. With a few more years of experience on it, I now see the pain of finding cases where there's been a bug or missing API in a system library or software, we've fixed the bug (and even contributed it upstream), but because distros are so slow to push out updates our users will be stuck with the old version. Like in his example in his [Callaway's] post with sqlite, the fact is that the additional sqlite API can take months to cycle out to real users' computers, which doesn't help us much.

Callaway did recognize that some versions of system libraries might not work. The build process should make the system copy the default, though. If the build configuration comes up with "I found this library and I can't use it because it has rabies or something," then it could build an alternate copy. Martin said that the Chromium team is willing to accept outside contributions to facilitate this:

We have some contributors from the open source world who write patches for things like this, so if they write a good patch we'll accept it. With some libraries we've had to switch between system and non-system as the Chrome versions of the libraries skew.

Chromium requires a copyright assignment agreement for code changes, which Callaway said he has not accepted. "After review with a lawyer, they advised me that agreeing to that would give Google a license to use my contributions under any copyright license terms that they'd like, including non-free terms," he said later. "I'd be more than willing to give them my changes under the terms of a Free license, but Google wants to continue to distribute a proprietary version of their browser (Google Chrome), and I have no interest whatsoever in helping them with that effort," he added.

Much of the advice in Callaway's talk applied not to large-scale projects like Chromium, but to new, lower-profile projects. He reserved some of the FAIL warnings for projects that don't offer basic documentation, such as how to do a build and how to begin interacting with the source control system. "Lots of programmers coming through school have never seen a source control system," he said. A project web site should include instructions for how to check out the code and how the project wants to receive incoming code changes. It also counts for substantial FAIL if "all your web site has is a picture of a marijuana leaf," as he said one small-scale open source project does.

The build and install process is another key area. "If your code forces an install into /opt or /usr/local you're probably running Oracle and I'm very very sorry," he said. Running "make install" should just work. "Make the decision that you're going to have an installable program that works outside the source directory."

Some software comes in a problematic archive format; RAR archives are a problem, he said, because the format is proprietary. A developer once asked Callaway about making Fedora packages for his new archiving tool, which came in an archive created by the same tool. "He didn't see why this was a problem and I couldn't tell him because I was crying," Callaway said.

A history of having been proprietary is worth more fail the longer it was proprietary before the initial open source release. "Red Hat has bought some real shiny turds," he said, giving Netscape's email server as an example. "We buried it in the backyard," he said.

The good news is that many of the points of FAIL are relatively easy to correct. Including a copy of the software license and setting up a mailing list are minor tasks. The bundled dependency problem, on the other hand, has turned out to require lots of skilled attention from both the project maintainers and distributions, so that one is still with us.

Both library-bundlers and library-splitters have their points. Bundling creates more long-term issues for administrators, but library-splitting takes up valuable development time, especially for cross-platform projects that need to bundle the libraries for target platforms that don't practice library splitting. But bundled libraries are a problem for many Linux distributions and one that we will likely be facing for some time to come.

Comments (7 posted)

Brief items

Fedora 13 ARM Beta Release

Paul Whalen has announced the availability of Fedora 13 ARM Beta. "There are still a number of packages that haven't been built for ARM due to build failures or missing dependencies. Because we're a little behind the primary architectures we have the ability to look at later releases to see if these failures have been fixed - thankfully a large number include support for ARM. Because of this we expect that with Fedora 14 and 15 we will be closer in line with the primary architectures." The release notes are here.

Comments (none posted)

FreeBSD 8.2-RELEASE Available

The FreeBSD Release Engineering Team has announced the availability of FreeBSD 8.2-RELEASE. This update includes improved Xen support, ZFS v15, BIND and OpenSSL updates, and much more. See the release notes for more information.

Full Story (comments: none)

Mandriva 2011 Alpha2

The second alpha of Mandriva 2011 is available for testing. "Among the most noticeable features are the simplification of the initial setup steps, both when running the image in Live mode, or before the installation, update to kernel 2.6.37.2, integration of the latest networkmanager-mdv plugin by Andrey Borzenkov, switch from scim to ibus for input framework, more indepth systemd integration into the system, and, of course, lots of packages updates all around."

Comments (none posted)

MeeGo 1.1 update 3 and MeeGo 1.0 update 7

There are two updates for MeeGo; MeeGo v1.1.3 for Core, Netbook and In-Vehicle, MeeGo v1.0.7 for Core and Netbook. These releases will "enhance the stability, compatibility, and security of your devices".

Full Story (comments: none)

OpenEmbedded Release-2011.03

OpenEmbedded 2011.03 has been released. From the release notes: "This release is currently in development. This will be tested for several combinations as listed below in the table. This does not cover all the possible combinations The list provides the information about what different DISTRO, MACHINE, IMAGE combinations were tested, along with what version of bitbake and what host distribution."

Full Story (comments: none)

openSUSE 11.4 RC2

The second release candidate for openSUSE 11.4 is available. "The recent Bug Squashing day saw 132 bugs updated so few serious issues remain. Improvements in the 'backend' work includes some tweaks to Wifi supplicant and drivers, and a host of small fixes across the distribution which enhance stability and performance. The addition of MediaCurl backend with zsync support to libzypp iut is already being noticed."

Full Story (comments: none)

PC-BSD 8.2 Released

The PC-BSD Team has announced the release of PC-BSD 8.2 (Hubble Edition), running FreeBSD 8.2-RELEASE, and KDE 4.5.5. There are a number of enhancements and improvements in this release. See the changelog for details.

Comments (none posted)

Distribution News

Debian GNU/Linux

Bits from ARM and Embedded Sprint

The Debian Project held a productive ARM and Embedded Sprint. "The sprint worked really well, with lots of input from a good range of people, with cross-pollination between people's interests, and plenty of concrete outputs in the form of useful patches and repositories. The balance between hacking an discussion worked well. ARM's facilities worked really well." Topics in the report (click below) include ARM ports, Multiarch, Bootstrapping a.k.a. Cyclic dependencies issues, FreedomBox, Flash-kernel, and Cross toolchain support.

Full Story (comments: none)

Red Hat Enterprise Linux

Red Hat Lifecycle Support for Red Hat Enterprise Linux 4

Red Hat has sent out a 1-year end-of-life notification for Red Hat Enterprise Linux 4. The company has also announced the availability of Extended Lifecycle Support (ELS) for Red Hat Enterprise Linux 4. "ELS, an optional Add-On for Red Hat Enterprise Linux, extends an existing Red Hat Enterprise Linux subscription for an additional three years over its standard seven year life-cycle. As a result, subscription customers have a choice of purchasing ELS to extend their use of Red Hat Enterprise Linux 4, or to upgrade to a more recent Red Hat Enterprise Linux 5 or 6 version."

Comments (none posted)

Newsletters and articles of interest

Distribution newsletters

Comments (none posted)

Linux Mint 11 "Katya" to use GNOME 3 (The H)

The H reports that Linux Mint 11 will feature GNOME 3, but without Unity or GNOME Shell. "[Clement] Lefebvre notes that Linux Mint users can optionally add Unity or the GNOME Shell themselves but it will not be included by default in Linux Mint 11, adding that "by default the desktop will look similar to the one we're using at the moment"."

Comments (none posted)

Shuttleworth: Mistakes made, lessons learned, a principle clarified and upheld

On his blog, Mark Shuttleworth has responded to the recent Banshee controversy to explain Canonical's position. "We know that we need a healthy and vibrant ecosystem of application developers. We think services should work for them too, and we're committed to sharing revenue with them. We want to be entirely aligned in our interests: better code means a better result for both of us, better revenue means more resources to do what we love even better. Our interests, and upstream interests, should be perfectly aligned in this. So we have consistently had the view that revenue we can attribute to a particular upstream should create a revenue share for that upstream. We support Mozilla in this way, for example. The numbers are not vast, but nor are they insubstantial, and while we are not obliged to do so, we do so happily." The comment thread on the post is interesting as well, including a lengthy explanation from Shuttleworth on his views regarding the perception of divergent interests between Canonical and the Ubuntu community.

Comments (78 posted)

Page editor: Rebecca Sobol
Next page: Development>>

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds