Talk:RPM Package Manager
From Wikipedia, the free encyclopedia
Contents |
[edit] Alien
Shouldn't this article mention alien? Debian-based distros use alien to install rpms.
[edit] Naming
According to rpm.org, the name is "RPM Package Manager". For more discussion, see: http://www.wikipedia.org/wiki/Talk%3ARed_Hat_Package_Manager --Tero 20030806t1415 EET
[edit] Porting
Which other OSes has rpm been ported to? BL 14:07, May 2, 2004 (UTC)
I added a link to the page at RPM.org that lists the various operating systems to which it has been ported. Better this way than to have to continually update it whenever a new port is made. Avalyn 10:05, 6 May 2005 (UTC)
[edit] MD5
Use of the (now seriously broken) MD5 algorithm is listed as an advantage. Is this still true (in which case it should surely be listed as a disadvantage!), or has RPM transitioned to a more secure method already (in which case that should be mentioned in the article)? --62.173.111.114 12:26, 14 November 2005 (UTC)
Since rpm-4.1, rpm metadata content (like the MD5 file digest) usually comes from a signed header.
So the issue of whether MD5 is "broken" or not is moot, one has to break the digital signature on the header in order to change the file MD5 digest, and that requires breaking DSA or RSA, not MD5.
Furthermore, rpm-4.4.6 permits replacing the file MD5 with any modern digest up to and including SHA-512.
The "advantage" comes from verifying a digest while installing, and verifying the signature (if present) on the header (where the file digest tag resides) whenever desired, not just when the package is installed. This is a (at least) reasonably secure persistent verification mechanism when used correctly.
[edit] Redundancy
Isn't the "Package Manager" in "RPM Package Manager" redundant?
- That's the idea of recursive initialisms. Chris Cunningham 14:15, 31 August 2006 (UTC)
[edit] Update
Can someone with the expert knowledge please update the description for rpm naming format for the release naming convention. The description is lacking for the .rf and .at, they seem to indicate packagers but i'm not certain enough make an update to the article. Thank you.
<release>.<distribution>.rf.<arch> <release>.<distribution>.at.<arch>
There are many release naming conventions that are currently deployed. No one scheme is dominant or accepted sufficiently widely that it needs documenting.
[edit] Recursive abbreviation
RPM is not a "recursive acronym". It is a "recursive abbreviation".
- To be precise, it's a recursive initialism. I've edited the article appropriately. Chris Cunningham 14:15, 31 August 2006 (UTC)
[edit] types of RPM's
I don't mean to bother anyone, but shouldn't it be prudent to make seperate sections for the existing types of RPM's:
- Normal RPMs
- Source RPMs
- Delta RPMs
Any ideas?
Binary (not "normal") and source RPM's have a handful of explicit differences, the most important of which is that binary *.rpm's have ptr's to the source rpm from which they were built, and *.src.rpm payloads do not specify any hierarchical directory structure.
Patch RPM's were an an interesting patch from SuSE that is largely historical. The idea behind patch RPM's was a delivery mechanism for partial packages that would be merged, rather than installed, with whatever content had previously been installed. The changes to the rpm install state machine, and the difficulty of creating patch packages (i.e. patches for all possible released software need to be produced) have made the idea of patch packages unworkable outside of a narrow vendor-specific distribution context.
SuSE today prefers Delta RPM's instead of Patch RPM's afaik.
There are also ""Repackaged RPM's" that can be produced before erasing the older package when upgrading to a newer package. Repackaged RPM's are a best effort (i.e. content on the file system may have been modified or deleted) attempt to recreate the original package from what had been installed on the file system.
Well, I fixed something that was inaccurate as I can understand , i.e. that RPMs have sources, only SRPMs have source.
Sebelk 17:26, 23 January 2007 (UTC)
[edit] Please review and delete the external link to "Who Maintains RPM?"
[edit] =============================
(apologies for being a wikipaedia idiot, I don't know the correct way to make this request)
While overall the RPM page is quite objective and sufficiently complete, I am personally concerned by the external link to "Who Maintains RPM?" since it mentions me by name. I have gone to great lengths to preserve my privacy and anonymity (most of RPM was written by me) Much of the content about RPM has been supplied by me, e.g. to "The Red Hat RPM Guide" by Eric Foster-Johnson, and to LSB only under conditions of "anonymous contribution".
However, as the subject of the published article, I'm clearly biased. I will leave it to someone else to make the call whether an external link to "Who Maintains RPM?" is relevant or not. I am personally threatened by an ongoing and organized campaign (there is a slander of me at kuro5hin published in May 2006, and these people have appeared multiple times on mailing lists with aggresssive and hostile attacks that are coupled to my name) that has continued over several years that is ultimately based on a bugzilla report #119185 from the year 2004.
Meanwhile, I'll be happy to supply any information regarding RPM that you want (as long as my name is "anonymous")
Jeff Johnson <n3npq@mac.com>
[edit] Disadvantages
Someone has removed this section. If they have a valid reason and read this, could they explain why? I feel that this section should remain, any one else agree? 87.102.23.39 05:24, 15 December 2006 (UTC)
[edit] When was first released
When was first released rpm package Manager?. —The preceding unsigned comment was added by 89.22.70.236 (talk) 16:26, 28 December 2006 (UTC).
[edit] On Portal:Free software, RPM is currently the selected article
(2007-01-23) Just to let you know. The purpose of selecting an article is both to point readers to the article and to highlight it to potential contributors. It will remain on the portal for a week or so. The previous selected article was Advanced Packaging Tool. Gronky 14:50, 23 January 2007 (UTC)
