Fedora: RFC: X.Org X11 modularization project - rpm package driver naming
Fedora: RFC: X.Org X11 modularization project - rpm package driver naming
Posted Aug 29, 2005 19:52 UTC (Mon) by maney (subscriber, #12630)In reply to: Fedora: RFC: X.Org X11 modularization project - rpm package driver naming by elanthis
Parent article: Fedora: RFC: X.Org X11 modularization project - rpm package driver naming
Or, as the article says (and even the excerpt mentions this, albeit specifically about drivers), it allows a finer grained update when required to fix serious bugs or security issues. Now a buffer overflow in one program needn't cause everyone to fetch 50MB of mostly-unchanged binaries - that's worth quite a bit, actually.
Posted Aug 29, 2005 21:16 UTC (Mon)
by tzafrir (subscriber, #11501)
[Link] (1 responses)
Compare that to libc6 and to coreutils (that were actually merged from three packages to 1 a couple of years ago). Each of the two is larger.
Posted Sep 1, 2005 14:44 UTC (Thu)
by evgeny (subscriber, #774)
[Link]
Posted Aug 30, 2005 7:59 UTC (Tue)
by niner (subscriber, #26151)
[Link]
In case of Fedora the package system would be rpm. And as I see on my SuSE system, rpm can handle patch rpms and binary deltas, so even after a complete reinstall of SuSE 9.3 (which is soon half a year old) I still do not have to download more than 10MB of security updates, including kernel and kernel source.
This is the way and not uselessly modularizing every big package and thus slowing the system down with huge package databases.
On Debian Sarge the size of the deb xbase-clients is 2MB, and the instlled package size is 5MB . Fedora: RFC: X.Org X11 modularization project - rpm package driver naming
You missed the dependencies issue. E.g., out of the entire xbase-clients package I need only xauth for the ssh X forwarding. But some other executables from this package are linked against Mesa, so I have to install it too (another 11 MB). Instead of mere 32kb of a single exec, I end up with 16MB and a few dozens of absolutely unused files - which need to be periodically updated, backed up, checked for intrusion violations, etc. So modularization is a good thing. Of course, a dummy meta package can be defined (under the old name) that depends on all the individual components to make life easy for inexperienced users.Fedora: RFC: X.Org X11 modularization project - rpm package driver naming
If you have to download a whole 50MB package to fix a security issue in just one 20kb binary, then your package system is flawed and should be fixed, and not the packages ajusted to this broken system.Fedora: RFC: X.Org X11 modularization project - rpm package driver naming