[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[long] Re: [school-discuss] Which is the fastest Desktop distro for schools?
PreScriptum: my words are based on experience, and I'm in charge
for technology in Linux support startup here in Ukraine. Sorry
that I mention that but it might help understanding the problems
_we_ have to deal and have to solve for our customers and things
learned to start all of that in the first place.
Having also on-hands experience in deploying Linux in Liceum and
Kiev University I've graduated from, teaching "hobby" Linux
course at the very same Liceum and later professional courses for
a fee at one of the major local software corporations (they do
training too and were in need of people), and running production
systems ranging from package-based to stripped down right to a
floppy -- sorry but I just shouldn't waste more time of people
who ask for more high-level answers here with low-level technical
details (which follow).
So let's label this subthread as "freebuilders vs packagers" and
get it closed as this is just one more question you can have both
ways (as with any other flammable [off]topic).
On Wed, Nov 17, 2004 at 04:11:39AM -0800, Wm.G.McGrath wrote:
> Michael Shigorin <email@example.com> wrote:
> : Sorry but I digress.
(disagree, of course :)
> : dd'ing root partition with zeroes is a matter of minutes.
> Yes, yes of course. But dd'ing root would reveal their presence
> - not something an experienced cracker wants to do.
I mean losing root is in fact THE end for systems control.
> As I said originally, ease of use isn't necessarily a good
> thing, but disabling your pkgmgr, for example, is one of a
> number of ways around this.
Around ease of use or around getting the system restored?
rpm -Va is the first command to run when doing forensics after
saving the state (for rpm-based). "Disabling" package manager
doesn't help with updates installation as well.
Restricting access to its data may help but I don't think it's
critical in an educative environment -- then you'd better
restrict access to /boot, /lib/modules, and home directories.
> Oh boy. 'Standards' is what we're up against.
> ie Microsoft. It produces a monolithic mindset that believes
> one size fits all.
It's not a standard, it's twisted thing that can be defined as
"de facto standard".
We've had people from IBM talking about the importance of the
_open_ standards as a warranty of sustaining systems and
platforms, and I agree with that, being involved in distro
development for several years and seeing much too often home-made
standards where nobody would agree on some sane _common_ one.
So *please* don't be MS's spokesperson who spreads their
interpretation of the term "standard" -- it plain wrong.
(but also it's offtopic I'm afraid...)
> Every system is different, every school is different.
Sure. Just as every real home is different, and not "stock".
> Globalized thinking is wreaking havoc elsewhere in the world on
> many levels. I suggest you reflect on this some more.
I agree with you having done that for years.
> Automation has its downside.
> In this case 'automagic' pkgmgrs push competence, knowledge and
> training upstream and transform admins into dumb users.
BS again (sorry again). It's a possibility, nobody takes
precious /usr/local away -- it's FUD spread by those who can't
understand that they don't _have_ to use convenient tools
developed for them, it's what makes Linux different.
I prefer to edit most of the configuration with vim but then
again, things done rarely tend to be done faster and more
reliably with some "dumb user" tools. Write a printcap or two
and you'll agree. (CUPS can be even more fun :)
> Management loves the MS business model. Every month, RedHat
> becomes more and more like MS.
Ugh. I'm not using RedHat for... some... 5 years or so.
> We are responsible for *ALL* of the children in our care -
> little princes or not
We're responsible for those who follows us. Even if little
prince hasn't come and told it personally.
> : > However, Vector Linux does offer a choice of package managers.
> : Front-ends for tar or technologically?
> : It doesn't matter whether to untar stuff with This Cool GUI or
> : That 1337 Tool -- it _does_ matter if you can answer "where's
> : this file from?" and "what files belonging to package X are
> : changed and how?".
> Well, I'd say you're contradicting yourself.
Where exactly? (hope I've left the part you've meant)
> First you're arguing for ease of use, but now the depth of your
> arguement easily surpasses the ordinary admins level of
> knowledge, skill and above all need.
The depth of arguments of those who create CPUs we use easilu
surpasses even unordinary [...].
> You have to understand that often the school admin is not an IP
> professional, but a teacher with IP responsibilities.
I'm talking *exactly* from this experience.
> And this level of arguement also misses something very basic.
> If an admin has a question, any question, he normally has
> access to the telephone and email. He does not have to rely
> solely upon his pkgmgr.
He hasn't to. But package base and proper tools may make a long
cold lonely night over console and phone more alike 5 minutes in
the evening without the need to disturb people at all. (yes,
otherwise they did disturb me too, with configure keys and all
the hell of remembering the peculiarities of that particular
broken combination of compiler and libraries)
> Finally, I'd say that above all, this level of integrated
> complexity will convince most that Debian is still a hackers
I use ALT Linux, it's sometimes described as "Debian meets
Mandrake [and goes Russia]". It may be not as low-maintenance as
Debian/debconf in the long run in its current state but the
entrance level seems considerably lower -- it Just Works for most
of the installations.
And yes, people sometimes ask the names of the packages to
install with Synaptic (or, later, with apt-get for those who fall
prey of the console :). And yes, the time spent answering isn't
near the time spent copiloting the complicated build by phone.
> For example, try explaining the intricacies of maintaining a
> mixed distro to the average user, given the stratification of
But why? Don't invent the problems that didn't exist before.
(and yes, I was maintaining such a system at home some 3 years
ago and still give out advice on the topic occasionally -- so
> No surprise. But, as above, a 'proper packaging system'
> produces a globalized, generic, monolithic system.
No. Don't label down things you just don't understand, it's way
> By replacing, or even seeking to replace, all scripts you place
> yourself at your vendors mercy.
But what if I control my vendor to some degree being one of the
developers? And people who need that control can ask me to proxy
some thoughts or complants there so that the whole thing works
better for all of us users?
Sorry, I'll not comment that -- it would be severe offtopic
bordering personal flaming. :-)
In short, no -- till you _can_ fork (delay, rebuild, retest...)
> : > Can you provide links or flesh this 'debate' out a bit?
> : To what? apt/synaptic/aptitude? :)
> Well, black humour aside, here's your original quote. Apply
> some intelligence, try again and get back to us. Seriously, I'd
> be interested to follow said thread.
Ah, thanks. Unfortunately it was also mainly in Russian
(although that should be babelfish-grokkable).
> : That's the point of large amount of educative holy wars
> : with slackwarists and gentooists on my part
> No. Ignorance is not bliss.
Sure. But you're spreading FUD that seems to be based on
emotions [and ignorance?], and I just tell things that I know
*technologically* by hand. Wrong? Then let's go private on
technology, maybe there are things to discuss.
Getting back to the topic, the impact is that "wild", ad-hoc
administration *is* too demanding for exactly those skills in
school staff you're telling as widely lacking. And pushing Linux
systems with /usr/local full of fantazy by sysadmin-of-the-day
doesn't help to maintain the systems or to involve outside help
-- when you have _open_ standards, you have certainity (that
this package is built by reasonable maintainer you can know
personally, that this version doesn't contain known security
holes, that you can ask for help with exact build, not something
vague and hardly reproducible).
And proposing waste of time is quite contradictive: yes the
schools may win Openness then but it will just cost them *more*.
> It doesn't matter which distro you use, there is no substitute
> for a competent administrator - the guy with the answers - or
> at least some of them.
Absolutely. But one admin per one host is utopia (or anti-utopia
I'd propose a homework comparing "TCO" of different approaches in
terms of time at least but it needs quite a timespan and
considerably more effort than is reasonable for average person
arguing on Internet, including myself.
> : It _is_ relevant though when you stumble upon the one you badly
> : need right now but have to figure out what it needs to build and
> : run if it's not packaged.
> No it isn't. Try 'man alien' and get back to us.
Been there, done that. Did you *use* that? Did you notice how
the dependencies can be really alien in different distros?
And if you ignore dependencies, you just get yourself more
footwork at some point at best. At worst it will belong to those
who have to maintain the systems ever after.
> : Packaging is distilled experience of building, tuning and using
> : software.
> Yet it still remains naive.
Sure. The problem is, the ones mentioned do work and work better
than everything else I've stumbled upon (AIX's smith is less
naive AFAIH but never had AIX box at hand). :-)
> The first generations of package managers are monolithic.
If you take 16-megabyte perl package from RedHat as a monolythity
of package manager, then it's their fault they didn't develop or
adopt more high-level package management tools like APT to make
full installs of behemoth packages the only reasonable way to
install a RedHat system -- but *please* don't spread their
problem on everyone else in the field without first looking at
> They grab control of your filesystem
No. They give *you* control of the technical part of the
filesystem which becomes total PITA and headache in a year or two
when managed manually.
> One system does not suit all and the sooner package manager
> designers learn this the better.
PMs are not "the system", they are tools aiding in construction
of the system.
(side note: folks at Conectiva seem to be developing something
yet more sophisticated than present apt-rpm they've ported from
Debian; will be interesting to look at probably)
> For example, there is no real way (yet) to integrate the
> management of a secondary root with pkgmgrs.
What do you mean? rpm can operate on chroots (that's exactly how
the installation is being done where I've looked at it), and if
you mean replication, then I see just no problem since PM data
are just data that can be just copied around, no magic involved.
> For a dumb user, upstream mangagement is fine, but lots of us
> have a large need for local control.
But nobody takes that from you. And if you feel that at some
place they try to, you just switch the place -- these are many.
> Personally, I've come a long way since Windows 3.1. B-?
Avoided like plague being an old CP-M/86, DOS and more funny
things user :-]
> : > What good is a ton of software you don't need?
> : Then nobody forces you to use it. Still if you spend your time
> : to package stuff for e.g. Debian Jr then it benefits not only
> : your users but fellow colleagues and their users, too.
> Well, assuming it's out there. It isn't. It's not just a
> question of packaging. It's a question of people with
> programming talents collaborating with educators and fulfilling
> their needs. Why is it that we can have 10,000+ packages
> 'available' but still say we have a shortage of basic
> educational apps?
Ah, you're talking of development. But then you just mix up
different abstraction layers again (did they teach you logic?):
development is done by developers, and packaging/maintenance is
done by packagers/maintainers (who can be developers but more
often act like /meta-administrators/ of the systems to run
packages by them, investing their time into improving what can be
improved mostly _around_ the software of a given version.
It's like cars -- somebody is happy with Mercedes, someone
prefers AMG tuning of the same Mercedes. The difference is that
affordability level is either the same or even lower in the
latter case when talking of free software.
> BTW, I don't subscribe to the religion of the one true distro.
> This message is written on a Debian system sitting behind a
> Slackware firewall. And I've used others. :-)
I've used some 5 distros seriously, a couple more to have a
feeling and maybe some dozen to skim around looking for
interesting ideas. It's about GNU/*/Linux only :-)
Ergo: good luck to all of us, using whatever suits the best. :-)
---- WBR, Michael Shigorin <firstname.lastname@example.org>
------ Linux.Kiev http://www.linux.kiev.ua/