sorry,
but I can't seem to find anywhere a weblist of who is creating / maintaining / working / updating pups and other associated pup files.
Is there one anywhere?
i'm about to start on a ssl parallel webserver conversion to puppy format as a trial and need to discuss a couple of earlier pup conversions with their creators to see what problems were found and workarounds added.
It would save me reinventing the wheel and creating problem solutions again.
the main two packages I first need to know about is
1- if anyone is working on an apache2 pup otherwise I need to start from there. I would also like to talk to the creator of the apache1 pup if they have time.
and
2- if anyone is working on pup for a rolling checksum program that can sit in the background constantly checking against a ro list-file and reloading any found out of spec.
regards
scsijon
creators / maintainers / updaters of Pup packages?
-
jonyo
Hi 
Here's some info,
http://www.murga-linux.com/puppy/viewtopic.php?t=19374
not aware of anyone workin on this part:
"2- if anyone is working on pup for a rolling checksum program that can sit in the background constantly checking against a ro list-file and reloading any found out of spec".
Here's some info,
http://www.murga-linux.com/puppy/viewtopic.php?t=19374
not aware of anyone workin on this part:
"2- if anyone is working on pup for a rolling checksum program that can sit in the background constantly checking against a ro list-file and reloading any found out of spec".
-
jonyo
Couldn't find the info either but stumbled on what (I think) you're looking for.
http://www.puppylinux.com/development/p ... gement.htm
"DotPup is a simple package installation system developed by GuestToo and is described at" www.puppylinux.org/wikka/DotPups
Good stuff here http://www.murga-linux.com/puppy/viewtopic.php?t=10960
http://www.murga-linux.com/puppy/index.php?f=11
http://www.puppylinux.com/development/p ... gement.htm
"DotPup is a simple package installation system developed by GuestToo and is described at" www.puppylinux.org/wikka/DotPups
Good stuff here http://www.murga-linux.com/puppy/viewtopic.php?t=10960
http://www.murga-linux.com/puppy/index.php?f=11
It is interesting that none of the
At present Barry takes overall responsibility for the PETs in unleashed (PETget) but beyond that there is no QA.
The dotpup system is very powerful and very useful for helping newbies, it is also very dangerous. It encourages users to run unchecked binaries and is just waiting to be exploited. As the puppy userbase grows this mechanism could become an attactive target for creating a zombie net or whatever. I'm not saying there are no checks as most dotpups and PETs are eventually installed by someone that would notice malicious software. This might happen to late.
At the moment anyone can post a dotpup on the forum. Recent converts may not be aware that there is no QA on these. There are some peoples offerings that I install without hesitation but definately others that I always unpack the PET or dotpup and examine its contents first to decide how risky it is to install.
The biggest unofficial software repository is probably the aggregation provided by MU's PSI. This a valuable, comprehensive resource, yet much of it has not been through any acceptance procedure. Much of the software is in binary form only, that which does include source contains no waranty that the binary is compiled from the source provided.
It is boring and not boundary pushing stuff but I think that the distro needs to establish levels of trust and warranties for software which it distributes. This involves a database of software, holding reputations for those publishing, distribution, checking and maintaining software.
If PETget is official/accepted then most of us are running software in unofficial/testing all the time, this is not a state to be in for conquering the world (if that is what one wants to do).
I suppose an alternative is more heavy use of somebody elses trust system and to promote existing repositories of debs, rpms and (Slackware) tgzs. I believe there are puppy tools for utilising all of these though have never done so myself.
(Oh dear my rants are getting longer)
have replied to this. Some of the most prodigious pup/pet producers would end up with a hell of a lot of packages to maintain, though they do so at present informally anyway.creators / maintainers / updaters of Pup packages?
At present Barry takes overall responsibility for the PETs in unleashed (PETget) but beyond that there is no QA.
The dotpup system is very powerful and very useful for helping newbies, it is also very dangerous. It encourages users to run unchecked binaries and is just waiting to be exploited. As the puppy userbase grows this mechanism could become an attactive target for creating a zombie net or whatever. I'm not saying there are no checks as most dotpups and PETs are eventually installed by someone that would notice malicious software. This might happen to late.
At the moment anyone can post a dotpup on the forum. Recent converts may not be aware that there is no QA on these. There are some peoples offerings that I install without hesitation but definately others that I always unpack the PET or dotpup and examine its contents first to decide how risky it is to install.
The biggest unofficial software repository is probably the aggregation provided by MU's PSI. This a valuable, comprehensive resource, yet much of it has not been through any acceptance procedure. Much of the software is in binary form only, that which does include source contains no waranty that the binary is compiled from the source provided.
It is boring and not boundary pushing stuff but I think that the distro needs to establish levels of trust and warranties for software which it distributes. This involves a database of software, holding reputations for those publishing, distribution, checking and maintaining software.
If PETget is official/accepted then most of us are running software in unofficial/testing all the time, this is not a state to be in for conquering the world (if that is what one wants to do).
I suppose an alternative is more heavy use of somebody elses trust system and to promote existing repositories of debs, rpms and (Slackware) tgzs. I believe there are puppy tools for utilising all of these though have never done so myself.
(Oh dear my rants are getting longer)
Will
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
official and tested versus unofficial
Yes, I've not been using Puppy for long (but am already hooked - I think its great), however, I think you are spot on about the need for Quality Assurance testing of apps if the Puppy community want their distribution to be more than a hobby system for enthusiasts.
Not having QA is great for encouraging the rapid generation and spread of applications, but that very description is pretty viral! Of course QA is very timeconsuming, restrictive and, even from an open source point of view, expensive. Furthermore, even if volunteers could be found to check all submitted apps thoroughly, the volunteers themselves would need to be sufficiently skilled and, even more important, trusted. The QA procedures would need to be well-defined and rigourous. I imagine that all QA systems require some kind of tight security hierarchy, well-defined procedures and no-shortcuts or holes. I can't help feeling however that that the inherently restrictive nature of QA would inevitably take some of the fun out of being involved in the Puppy Community. But what does Puppy want to be: a serious desktop contender that not only provides the security we would like but also the utility, or a hobby system where we playfully enjoy the benefits but accept the risks?
Linux kernel development, though open-source, has always involved a tight QA hierarchy; there is not a single thing that goes into the official kernel that isn't tested and vetted thoroughly. That's why we trust Linux so much; its not just because it is open-source (not everyone has time to read thousands of lines of code!)
Whilst happy to accept some "risk" I do feel that there should always be "official package distributions" and "unofficial ones", though of course the unofficial should be able to become official once they have successfully gone through the defined QA procedures (and there should be some clearly defined mechanisms in place that allow and encourage that to happen). But the "official packages" should always be thoroughly vetted and known as such.
What do you think?
Not having QA is great for encouraging the rapid generation and spread of applications, but that very description is pretty viral! Of course QA is very timeconsuming, restrictive and, even from an open source point of view, expensive. Furthermore, even if volunteers could be found to check all submitted apps thoroughly, the volunteers themselves would need to be sufficiently skilled and, even more important, trusted. The QA procedures would need to be well-defined and rigourous. I imagine that all QA systems require some kind of tight security hierarchy, well-defined procedures and no-shortcuts or holes. I can't help feeling however that that the inherently restrictive nature of QA would inevitably take some of the fun out of being involved in the Puppy Community. But what does Puppy want to be: a serious desktop contender that not only provides the security we would like but also the utility, or a hobby system where we playfully enjoy the benefits but accept the risks?
Linux kernel development, though open-source, has always involved a tight QA hierarchy; there is not a single thing that goes into the official kernel that isn't tested and vetted thoroughly. That's why we trust Linux so much; its not just because it is open-source (not everyone has time to read thousands of lines of code!)
Whilst happy to accept some "risk" I do feel that there should always be "official package distributions" and "unofficial ones", though of course the unofficial should be able to become official once they have successfully gone through the defined QA procedures (and there should be some clearly defined mechanisms in place that allow and encourage that to happen). But the "official packages" should always be thoroughly vetted and known as such.
What do you think?
Last edited by mcewanw on Fri 07 Sep 2007, 02:49, edited 1 time in total.
looks like 2.20 is going to be able to use much of what is in the slackware repositories
experimentation with gslapt in 2.20 alpha here:
http://www.murga-linux.com/puppy/viewtopic.php?t=21497
experimentation with gslapt in 2.20 alpha here:
http://www.murga-linux.com/puppy/viewtopic.php?t=21497
Will
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
Looking forwards to that
mmm, using something like gslapt sounds like a very positive move. The only obvious problem with using raw slackware packages, however, is that they are unlikely to be cutdown in any way, whereas a specially pruned puppy version may take up less memory and disk space.