Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 28 Jul 2014, 12:44
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Suggestions
The State of Package Management
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 11 of 15 [222 Posts]   Goto page: Previous 1, 2, 3, ..., 9, 10, 11, 12, 13, 14, 15 Next

Should Puppy's package format be changed?
Yes, without backwards compatibility.
28%
 28%  [ 11 ]
Yes, with backwards compatibility.
25%
 25%  [ 10 ]
No, but the PET format should be standardized/stricter.
20%
 20%  [ 8 ]
No, the PET format works fine.
25%
 25%  [ 10 ]
Total Votes : 39

Author Message
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Wed 22 Feb 2012, 13:34    Post subject:  

The bug may be too much woof-woof
Back to top
View user's profile Send private message 
sunburnt


Joined: 08 Jun 2005
Posts: 5010
Location: Arizona, U.S.A.

PostPosted: Wed 22 Feb 2012, 14:40    Post subject:  

disciple; It`s no theory that a Squash file is impervious to viruses.
Though where there`s a will there`s a way, I`m sure it could be done...
The Save file is loose files so it`s open to all the usual problems.
And Squash files are less likely to be corrupted from all the reasons that it
can happen as it`s read-only, and being one file as opposed to thousands.
Both frugal and full installs can rot, but by it`s nature frugal`s more secure.

Last edited by sunburnt on Thu 23 Feb 2012, 19:26; edited 1 time in total
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Thu 23 Feb 2012, 00:33    Post subject:  

Here's a detailed explanation by pemasu on the builtins. Another example of all the thought that has gone into the present product.

http://murga-linux.com/puppy/viewtopic.php?t=71755&start=660
Back to top
View user's profile Send private message 
disciple

Joined: 20 May 2006
Posts: 6426
Location: Auckland, New Zealand

PostPosted: Thu 23 Feb 2012, 06:17    Post subject:  

Quote:
disciple; It`s no theory that a Squash file is impervious to viruses.

Question
The real question is not whether a squash file is impervious to viruses, but rather whether using squash files makes the system more secure.
It doesn't. Because of the magic of unionfs if Puppy somehow managed to catch a virus, regardless of whether you have a full or a frugal install it would affect you the same and be equally likely to happen.

_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send private message 
Karl Godt


Joined: 20 Jun 2010
Posts: 3956
Location: Kiel,Germany

PostPosted: Thu 23 Feb 2012, 15:27    Post subject:  

if you are able to create a binary that works as a daemon with a weird name like /usr/bin/fds6rtg , make a pet with a pinstall script , that sed's some lines into a file in /etc/init.d to start it at bootup ...

I really think that Puppy gets too fast updated to make people run Puppy longer than two month .

There is too much MS updated my [anti-]virus psychology warfare , that it hurts to read such thoughts . Razz
Back to top
View user's profile Send private message Visit poster's website 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Thu 23 Feb 2012, 20:46    Post subject:  

I think this script accurately gets all the builtin pet specs from woof:

Code:

#!/bin/sh

## Searchs woof-installed-packages for pet.specs
## Useage:   builtin-specs [ package ]


cd /root/.packages

var=`cat DISTRO_PKGS_SPECS | grep "|${1}|"`

list=`echo "$var" | cut -d\| -f3`
[ ! "$list" ] && list=`echo "$var" | cut -d\| -f2`

list=${list//,/ }


echo      "${1}:"
echo      " ________________"

for i in  $list; do

var=`cat woof-installed-packages |egrep  ".*\|${i}*\|.*\|.*\|.*\|.*\|.*\|.*\|.*\|.*\|.*"`
[ "$var" == "$var2" ] && var=""
 [ "$var" ] && echo "$var"
var2="$var"
 echo
done

builtin-specs.png
 Description   
 Filesize   19.19 KB
 Viewed   513 Time(s)

builtin-specs.png


Last edited by jpeps on Thu 23 Feb 2012, 22:36; edited 1 time in total
Back to top
View user's profile Send private message 
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Thu 23 Feb 2012, 22:03    Post subject: Re: The State of Package Management  

2byte wrote:

Insn't that odd, they are listed twice and the duplicates are identical....

From the 'pkgname' field in the above pet specs, duplicates ignored
perl_5.10.1
perl-base_5.10.1
perl-modules_5.10.1



I'm wondering if this isn't an artifact of the search, since I couldn't replicate (I'm testing in exprimo). The pet-specs themselves contain long file names that get repeated within the same spec...so it can be deceptive; especially the perl files. (I accounted for that in my posted script)
Back to top
View user's profile Send private message 
crankypuss

Joined: 10 Feb 2012
Posts: 5

PostPosted: Fri 24 Feb 2012, 06:07    Post subject:  

Lobster wrote:
We could use .debs which are compressed if the PARM project becomes a Upup (similar to Lucid) or Dpup compile . . .
http://en.wikipedia.org/wiki/Deb_%28file_format%29

Are there advantages to having our own Puppy debs (optimised and junk removal offered)? Maybe so . . .

I believe Android, Apple and Ubuntu have got package manage right
scroll through packages. Install or uninstall.


Okay, I am new here, but if you think Ubuntu has got package management right you are way mistaken imo.

Ubuntu 11.10 starts out by installing everything on the planet or close to it, we are talking *lots* of files that are just sitting there. And something, I've been told it's "metapackages", is causing additional ruckus.

For example there was a recent security update to "Vorbis". It's audio compression stuff which I don't use, so I figured just to remove it. That seems to be the only way to clean up a Ubuntu install, remove things you don't need as they are updated. Anyway to remove this Vorbis thing, it would also be necessary to remove half the system's guts, things like gnome-commander and various indicators that have nothing at all to do with audio compression.

I'd say that if you want to have great package management on Puppy then what you are going to have to do is take a fresh look at the whole concept. Build a very smart package manager with some new package format that actually works, which will also handle deb and rpm packages so far as they can be handled.

I also think that Puppy might be leaning too far in the direction of compression. The first step to having a small clean system is not compression, the first step is eliminating things that are unnecessary, *then* looking at compression.

But I am seeing things from my own viewpoint. A little over two months ago I was stuck on Windows. I started into Linux with Ubuntu and for all its flaws it does work. I'm looking for a better base though, something I can take in what might be another direction, something modular that starts small with just basic functions that can then be added to.

Before you go off imitating Ubuntu make sure you're going to like what you have when you get done.
Back to top
View user's profile Send private message 
linuxbear

Joined: 18 Apr 2009
Posts: 621
Location: Las Vegas, Nevada, USA

PostPosted: Fri 24 Feb 2012, 16:25    Post subject:  

crankypuss wrote:


For example there was a recent security update to "Vorbis".



It's too bad that more audio players do not read .ogg (vorbis)
audio files because it is vastly superior to the antiquated mp3
format
Back to top
View user's profile Send private message 
Q5sys


Joined: 11 Dec 2008
Posts: 1047

PostPosted: Sat 25 Feb 2012, 11:43    Post subject:  

sunburnt wrote:
I agree with amigo in that loading apps. into ram is a waste of ram space.
The Squash file takes ~1/3 the apps. size, and running it uses more ram.
Same with a swap, uses ram, slows the O.S. down, and works the H.D.
But to do without a swap a PC needs at least 1GB of ram ( arguably more ).

I always thought the config. files in one save and app. installs in another.
Mixing everything together is a mess and prone to save file corruption.
But if there`s a Linux partition, why have a save file? Use save directories.


Nothing will ever remove the need for backups. The thing I like about save files is to backup my entire configured system I just have to make a copy of 1 file. If my current setup gets nuked... copy a backup and I'm back to work. Done in 1 simple step. I make a weekly backup of my savefiles and purge them after 3 months. So I have no worry if the save file gets corrupted. Mixing everything together can be a mess if you're a looney and dont properly back up things. But thats less a problem with the system design and more problem of user lunacy. Mixing everything together in a save file (as frugal does) can be a MASSIVE blessing if you do keep proper backups. Besides putting everything in one save file makes dealing with multiple installs more manageable.

As for the ram thing. Realize that running in Ram is one of those Puppy features that attracts people. It's the main reason I came to puppy in the first place. And the reason I stick with it. I want to run my entire OS from ram. Running from a disk is so 20th century. Wink The fact that puppy runs from RAM with such ease and uses savefiles is the reason I have not fully switched over to using Arch or Slackware exclusively.
Yes I understand that RAM is limited on some people systems. But herein lies the beauty of puppy. Its flexibility allows those with large amounts of RAM to run everything from there and have a blisteringly fast system. While those that do not, can go on their merry way the 'old fashioned tried and true way'.


crankypuss wrote:
Okay, I am new here, but if you think Ubuntu has got package management right you are way mistaken imo.


+1

crankypuss wrote:
Ubuntu 11.10 starts out by installing everything on the planet or close to it, we are talking *lots* of files that are just sitting there. And something, I've been told it's "metapackages", is causing additional ruckus.

For example there was a recent security update to "Vorbis". It's audio compression stuff which I don't use, so I figured just to remove it. That seems to be the only way to clean up a Ubuntu install, remove things you don't need as they are updated. Anyway to remove this Vorbis thing, it would also be necessary to remove half the system's guts, things like gnome-commander and various indicators that have nothing at all to do with audio compression.


Thats the problem with Ubuntu, it focuses so much on 'user simplicity' that the system suffers as a result. For a common user thats not too much of a problem, but for people that want things a certain way... its a headache.

crankypuss wrote:
I also think that Puppy might be leaning too far in the direction of compression. The first step to having a small clean system is not compression, the first step is eliminating things that are unnecessary, *then* looking at compression.


Amen Brother. Razz

crankypuss wrote:
Before you go off imitating Ubuntu make sure you're going to like what you have when you get done.


I dont hate Ubuntu, but there are so many Ubuntu fanboys out there in the linux community, so many seem to think that the 'Ubuntu way' is the best way.

crankypuss wrote:
But I am seeing things from my own viewpoint. A little over two months ago I was stuck on Windows. I started into Linux with Ubuntu and for all its flaws it does work. I'm looking for a better base though, something I can take in what might be another direction, something modular that starts small with just basic functions that can then be added to.


You might like the way Arch does package management. Granted its command line work intimidates some people, but its a very controllable system. You install what you want when you want. If there are optional dependencies that are not needed but you may want, it'll even let you know what they are. Then you make the decision on if you want to install them. It wont install them by default. It will install what you told it to install, and when its done, it'll then let you know there are other options if you care. It doesnt give you the option before so that you dont bloat your system by hammering the 'y' answer during an install.

If I understand what you're looking for out of Linux, Puppy may work out great for you. With its SFS system you can load optional packages when you need them, and have a solid slim core system thats flexible enough to go wherever you need it, as long as you have the willingness to tinker to get it the way you want it.

_________________



My PC is for sale
Back to top
View user's profile Send private message 
Moose On The Loose


Joined: 24 Feb 2011
Posts: 508

PostPosted: Sat 25 Feb 2012, 12:42    Post subject:  

jemimah wrote:
Moose On The Loose wrote:


This brings to mind a suggestion I made before. Perhaps if things are being worked on, it should be considered:

Make the layers like this:

*************************
Current work
*************************
root & my-documents & perhaps my-applications
*************************
All hardware related settings installed pets etc
*************************
Any loaded extending SFS files
*************************
The main SFS file
************************

This way, when someone changes machines or changes versions of puppy the documents he is working on etc can appear in the new machine or version without trouble. It would mean having two save files but other than that it would not be a major change to the way things are done except keeping track of the files from the pets. We know what directories have the
settings.

The order I show has the pets replacing the SFS files when there is a conflict. I think that this is the right order because the pets are usually done only after the first re-boot if you want to use some SFS.


AUFS really only writes to the top layer. Splitting the writable layers is not really feasible. What you can do is setup puppy how you like, then convert the contents of your save file to a pet, which you could install if you needed to start over for some reason. It's generally better to save documents and such in a location outside the save file.


Will AUFS allow you to have more than one layered file system? What I am thinking is making a mount point and mounting a second layered file system there. This way, we could get the effect of being able to write into lower layers. The "lower layer" really would be the top layer of the main file system. The "root" could be the mount point for the second system.
Back to top
View user's profile Send private message 
Q5sys


Joined: 11 Dec 2008
Posts: 1047

PostPosted: Sat 25 Feb 2012, 13:21    Post subject:  

sunburnt wrote:
disciple; It`s no theory that a Squash file is impervious to viruses.
Though where there`s a will there`s a way, I`m sure it could be done...
The Save file is loose files so it`s open to all the usual problems.
And Squash files are less likely to be corrupted from all the reasons that it
can happen as it`s read-only, and being one file as opposed to thousands.
Both frugal and full installs can rot, but by it`s nature frugal`s more secure.


Yes it would be possible to corrupt a squash file. But it would require quite a fair amount of work. Since squash files are compressed you just cant run a script that would alter certain bytes of the file to introduce arbitrary code. Because you'd have to write to an entire block of compressed data. Is that still possible, well yes it is, but thats alot more work. You'd have to directly alter the file contents without really accessing it via the OS. (hex editor comes to mind) However, If you're using a new SFS with XZ compression then you're a bit better off. That uses the LZMA compression algo, which would be alot harder to be able to overwrite a single block of data within the SFS.
But you've still got options.
You could decompress the SFS into temp memory, introduce your altered code and then recompress... but thats very bulky and the user would be bound to notice their CPU usage spike for a while.

So all of this said, yes its possible to corrupt a SFS and introduce arbitrary code, but its not really that simple. There are so many other simpler and more effective attack vectors that could be used to gain a foothold in a system. And the above two methods I just described would require so much code overhead to execute and run that they would be instantly noticed. Remember, most virii are small. Having to download a hex editor along with scripts to then do the dirty work, along with copies of the data you plan to replace/change. Yea it'd be way to bulky for something stealthy.

_________________



My PC is for sale
Back to top
View user's profile Send private message 
sunburnt


Joined: 08 Jun 2005
Posts: 5010
Location: Arizona, U.S.A.

PostPosted: Sat 25 Feb 2012, 14:53    Post subject:  

Q5sys; Yes, the long version of what I was saying. Well put...

disciple; The main bulk of files in Puppy are in the SFS file.
So most all of the files are more secure, mainly the critical exec.s and libs.
But loose file installs are open to attack ( .pet ) as they go in the Save file.
But adding SFS apps. does not have the loose file problem and is secure.
The Save file`s mostly config. files ( or it should be...), less damage done.
Back to top
View user's profile Send private message 
amigo

Joined: 02 Apr 2007
Posts: 2221

PostPosted: Sat 25 Feb 2012, 15:10    Post subject:  

"Running from a disk is so 20th century." And running from a CD is so what? It's still a mechanical, moving item... just less easy to work with.
Wait, don't get me wrong, I do understand the utility of running from RAM, but I think it should be a one-off behaviour and the polls here indicate that it *is* a one-off choice for Puppy users -usually when they need to fix something that was needlessly broken by bunches and gobs of init and shutdown mess.
Back to top
View user's profile Send private message 
disciple

Joined: 20 May 2006
Posts: 6426
Location: Auckland, New Zealand

PostPosted: Sat 25 Feb 2012, 18:27    Post subject:  

sunburnt wrote:
Q5sys; Yes, the long version of what I was saying. Well put...

disciple; The main bulk of files in Puppy are in the SFS file.
So most all of the files are more secure, mainly the critical exec.s and libs.
But loose file installs are open to attack ( .pet ) as they go in the Save file.
But adding SFS apps. does not have the loose file problem and is secure.
The Save file`s mostly config. files ( or it should be...), less damage done.

The save file is anything that something tries to change. So if the hypothetical linux virus wants to modify or delete a program, it does so, regardless of whether you have a frugal or full install. Your ability with a frugal install to get the original program back because it is in the .sfs is not really different from getting the original back from the install CD / live CD / repository with a traditional full install.
Squashfiles are great, but they are not a security feature. If you are paranoid about security you should look at other things, like for starters:
1) never creating a save file
2) not running everything as root
Or are you guys not actually talking about squashfiles, but squashfiles that are only mounted, not unioned? Isn't that pretty impractical for libs, as you'd end up including duplicates in every squashfile which has an app that depends on them?
Isn't it simpler just to make places like /usr read-only (hint: don't run as root)*.

* Note that I am a "root forever" guy... but if someone else wants to be paranoid about security, that's their choice.

_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 11 of 15 [222 Posts]   Goto page: Previous 1, 2, 3, ..., 9, 10, 11, 12, 13, 14, 15 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Suggestions
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1234s ][ Queries: 15 (0.0062s) ][ GZIP on ]