Dear jean-seb,<br>If you don't mind, can you help me about these aspects that I have to consider more about apt as a update-tool.<br>1. About protocols are supported by apt-rpm, I care so much about http and ftp because they both issue security threats: http using plan text to pass through their passwords for communication and so easily for hacker to do session hijack, in addition ftp passive mode also can be considered as a security threat too. Can you give me more advices for that issue?
<br>2. I have tried puppet as a update tool for my system beside apt (puppet is a configuration management tool). If you tried puppet, do you think can I use both apt and puppet as an update solution for a huge rpm embedded Linux network system (apt as a front-end update tool on client, and puppet-puppetmaster as administration host)?
<br>Hope to see your reply soon,<br>Best regards,<br>Nguyen Anh Quan.<br><br><div class="gmail_quote">On Jan 14, 2008 4:04 PM, js <<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">Quan phongvan wrote:<br>> Dear jean-seb,<br>> I'm so surprised at receiving your reply so fast, thank you very much.<br></div>I'm at work, so I've time :)<br><div class="Ih2E3d"><br><br>
> But if you don't mind, may i ask you a favour to help me clear out<br>> some issues that confused me.<br>> 1. As you mentioned: "I tested urpmi, apt and yum". While you tested<br>> both three update tools: urpmi, smart, apt, what were the most
<br>> important aspects that had impacts on your judgement for choosing the<br>> best update tools candidate (in your case is apt-rpm). And comparing<br>> to urmpi and yum, what were obstacles that make urpmi and yum did not
<br>> match with your requirements as a update tool?<br></div>urpmi: use perl, ocaml, and C ; a good tool but too big and slow.<br>yum: too buggy , slow and need python to run.<br><br>It was 3 years ago, before yum begin to be the default update tool in
<br>Fedora.<br><div class="Ih2E3d"><br><br><br>> 2. As I knew, apt-rpm has LUA as a interpreter embedded language that<br>> provide users a lot of powerful option in apt-* command line, because<br>> I'm just beginner in LUA, can you give more instructions and advices
<br>> to skilled in LUA as apt-rpm power tool (I easily followed the<br></div>> intructios that <a href="http://apt-rpm.org" target="_blank">apt-rpm.org</a> <<a href="http://apt-rpm.org" target="_blank">http://apt-rpm.org
</a>> provides but I think<br><div class="Ih2E3d">> they not enough for me toseriously use it).<br><br></div>I'm not a power user of Lua too :)<br>the main cool stuff is the gpg-check lua script than you can find everywhere
<br>(it is in this rpm too:<br><a href="http://www.gralinux.org/gralinux/AS3/i686/SRPMS/apt-0.5.15cnc7-5gral.src.rpm" target="_blank">http://www.gralinux.org/gralinux/AS3/i686/SRPMS/apt-0.5.15cnc7-5gral.src.rpm</a><br><div class="Ih2E3d">
)<br><br><br>> 3. Because my progess is under investigeting phrase and I'm still<br>> transparent from my target machine's configuration, so I'm sorry that<br>> I doesn't have more specified specs for you. If you don't mind, I hope
<br>> to receive your help in near future for that issue.<br>> Hope to see your reply soon.<br>> Best regards,<br>> Nguyen Anh Quan.<br>><br><br></div>That's the main problem:<br>If your embedded system is a big one (Like the model we use at
<br>air-austral); you don't need to tweak a lot the system;<br>so after all, you can use yum or whatever you want.<br><br>But if your cpu is slow (<100Mhz) and you have limited ram (4 or 8 Mo)<br>.. I think you will need a specific distro .. and maybe use debian
<br>instead of Rpm based distro:<br>so .. apt or nothing :)<br><br>Regards<br><br><br>js.<br><div class="Ih2E3d"><br><br><br>> On Jan 14, 2008 2:20 PM, js <<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>
<br></div><div><div></div><div class="Wj3C7c">> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>>> wrote:<br>><br>> Quan phongvan wrote:<br>> > Dear Jean-seb,<br>> > It's so kind of you to answer all of my issues with very useful
<br>> > informations. I really appreciate it.<br>> > But I still have some things from your reply, and I hope that<br>> you can<br>> > clear them for me, thank you in advance.<br>> > 1. You mentioned: "No, it use apt only, personally I hate yum and
<br>> > don't understand why create an other tool for rpm based distro, apt<br>> > was already here and do the work well; and the best,". I think that<br>> > while yum has released its stable version so long time ago,
<br>> apt-rpm is<br>> > still under developing (testing version). In addition, yum has a<br>> huge<br>> > developer resource behind, if we consider update tool from business<br>> > point of view, can yum become a update tool candidate?
<br>><br>> Linux, the glibc, gcc, KDE are still in development too :)<br>> apt is very very stable and do the job nicely for years (I use the old<br>> apt from conectiva, before to update to the Lorg version).
<br>> That's not because apt is still in devel than it is not ready for<br>> production.<br>><br>><br>> > 2. About yum and python, I was already clear, thank you for your<br>> > model, it's so easy for me to understand the problem. If you don't
<br>> > mind, have you ever tried smartpm as a update tool on your embedded<br>> > system (smartpm similar to yum and apt-rpm, it uses python also), if<br>> > yes do you have any advice for me about smartpm?
<br>><br>> smartrpm??? I never test it.<br>> apt was used by conectiva linux for the whole distro, but smartrpm not<br>> .... and smartrpm was too young 3 years ago.<br>> Maybe now, you can take time to test it and see if it is the good
<br>> tool<br>> for you.<br>> To me, an important thing was to have one update tool for both Debian<br>> and Rpms distro; so ... apt was used :)<br>> yum was ... sorry but, a real crap (I tested urpmi, apt and yum)
<br>><br>> > 3. My target system run on a very tiny Linux clone (mini-ram<br>> embeeded<br>> > Linux - RPM system, like VxWorks), it lacks development tool such as<br>> > gcc and XWindow, so will apt-rpm run well on these systems?.
<br>> I think, yes.<br>> You have some specs??<br>><br>><br>> > Beside, our update tool connect Internet through firewall for<br>> security<br>> > purpose to do system-update, so we must consider some security
<br>> issues<br>> > such as: session hijack or disguise of server. Do you have any<br>> > comments for me with apt-rpm to deal with these problems?<br>> All the rpms are signed, and don't install if the rpm is not
<br>> signed with<br>> the right gpg key :)<br>> This is in the apt-get lua config (see /etc/apt/apt.conf :<br>><br>> Scripts<br>> {<br>> Init { "gpg-import.lua"; };
<br>> PM<br>> {<br>> Pre { "gpg-check.lua"; };<br>> Post { " upgradevirt.lua"; };<br>> };<br>> AptGet<br>> {<br>> Upgrade { "upgradevirt.lua
"; };<br>> DistUpgrade {"upgradevirt.lua"; };<br>> Install::SelectPackage { "upgradevirt.lua"; };<br>> Install::PreResolve { "upgradevirt.lua"; };<br>> Install::TranslateArg { "
upgradevirt.lua"; };<br>> };<br>> Synaptic<br>> {<br>> DistUpgrade { "upgradevirt.lua"; };<br>> }<br>> }<br>><br>><br>> So, if a bad guy changes one or more rpms, they will not be installed,
<br>> and the only way to install them will be to deactivate the<br>> gpg-check.lua<br>> script<br>> or use the command rpm -ivh yourRPM.rpm by hand.<br>><br>> Regards<br>><br>> js.
<br>><br>><br>><br>> > Thank you very much.<br>> > Hope to see your reply soon.<br>> > Best regards,<br>> > Nguyen Anh Quan.<br>> ><br>> ><br>> > On Jan 13, 2008 12:09 AM, jean-seb <
<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a><br>> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>><br></div></div><div><div></div><div class="Wj3C7c">> > <mailto:
<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>>>> wrote:<br>> ><br>> > Quan phongvan a écrit :<br>> > > Dear Jean-seb,
<br>> > > It's so nice for me to hear that from you. If you don't mind,<br>> > can you<br>> > > give me more advices for my issues:<br>> > > 1. For your mentioned RHEL clone that you used on your
<br>> embedded<br>> > > system, Does it have yum as RPM packages management<br>> systems. If yes,<br>> > > can apt-rpm beats yum as a update tool?<br>> ><br>> > it is use in Debian and Rpm based distro, so when you swith
<br>> into<br>> > Debian<br>> > and Rpm distro, no problem: apt-get update, apt-get dist-upgrade<br>> > ... :)<br>> ><br>> ><br>> > > 2. As you mentioned "apt is faster than light , and it
<br>> don't need<br>> > > python; so the memory it use is not a big issue.", I think<br>> > apt-rpm has<br>> > > a big dependency list (especially when I compiled apt-rpm from
<br>> > source<br>> > > code, it required a lot of packages such as: beecrypt,<br>> zlib,...).<br>> > > About python, does it really become the most biggest obstacle<br>
> > for yum<br>> > > or even smartpm (an update tool for RPM packages similar<br>> to yum and<br>> > > apt-rpm).<br>> > Yum use python and a lot of sub-modules (how it query the rpm
<br>> > database?);<br>> > the main problem I see: you need a pre-interpreter to run yum:<br>> > So you can resume it by:<br>> > kernel -> glibc -> python -> pre-compiling -> yum+ extra
<br>> modules<br>> ><br>> > for apt:<br>> > kernel -> glibc -> libs (stdc++, zlib) -> apt<br>> ><br>> > Pre-compiled software runs always faster ( C and C++ are
<br>> faster than<br>> > Python).<br>> ><br>> > If you have time: you can test this 'theory' with gdb and<br>> see what<br>> > program (yum or apt) use the most of memory :)
<br>> ><br>> ><br>> > > 3. In addition, can you give more details why did you mention<br>> > about HP<br>> > > Server ProLiant in: "it is faster that the same version in
<br>> Proliant<br>> > > Servers ! (maybe because /var is in ram?)".<br>> ><br>> > We use one distro (Gralinux AS 3; a RHEL clone with some tweaks;<br>> > webmin,
<br>> > openvpn, more iptables modules etc..) on both Embedded<br>> systems and<br>> > Servers: the binaries are strictly the same.<br>> > we have a lot of HP proliant and when i apply updates, apt
<br>> is far<br>> > faster<br>> > on embedded devices than on the big Proliant :) : a<br>> read/write issue i<br>> > think ;)<br>> > We all know than hard drive are .. slow :-/ , specially
<br>> with Raid<br>> > 5 ...<br>> ><br>> > > Hope to receive your advice soon,<br>> > > Best regards,<br>> > > Nguyen Anh Quan.<br>> >
<br>> > Regards<br>> ><br>> > js.<br>> ><br>> > Air-Austral flight Company.<br>> > <a href="http://www.air-austral.com" target="_blank">http://www.air-austral.com
</a><br>> ><br>> > ><br>> > > On Jan 11, 2008 7:13 PM, jean-seb <<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a><br>> <mailto:<a href="mailto:jsh@interlug-fr.org">
jsh@interlug-fr.org</a>><br>> > <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>>><br>> > > <mailto:
<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>><br></div></div><div><div></div><div class="Wj3C7c">> <mailto:<a href="mailto:jsh@interlug-fr.org">
jsh@interlug-fr.org</a> <mailto:<a href="mailto:jsh@interlug-fr.org">jsh@interlug-fr.org</a>>>> > wrote:<br>> > ><br>> > > Quan phongvan a écrit :<br>> > > > Dear friends,
<br>> > > ><br>> > > > I've studied apt-rpm as a candidate update tool for RPM<br>> > packages<br>> > > > management system, because my target device run on
<br>> > embedded Linux<br>> > > > (like Vxworks - an RTOS of windriver).<br>> > > > If you don't mind, I hope that someone has tried using<br>> > apt-rpm on an
<br>> > > > embedded system such as VxWorks and can share me his<br>> > experiences. I<br>> > > > really appreciate it.<br>> > > > Thank you for your attention,
<br>> > > > Nguyen Anh Quan.<br>> > > > --<br>> > > > Never walk alone<br>> > > ><br>> > ><br>> > > I use apt in a RHEL clone for embedded systems (openvpn,
<br>> > firewall and<br>> > > tons of stuffs like snort etc..):<br>> > > it runs on a Via C3 533Mhz, 512Mo ram (256 for the system<br>> > memory, and<br>
> > > 256 for /var and /tmp in read/write mode);<br>> > > the rest of the system is on a CF 512mo in read only<br>> (ext3 with<br>> > > some tweaks)<br>
> > ><br>> > > apt is faster than light , and it don't need python;<br>> so the<br>> > memory it<br>> > > use is not a big issue.<br>> > >
<br>> > > it is faster that the same version in Proliant Servers<br>> ! (maybe<br>> > > because<br>> > > /var is in ram?)<br>> > ><br>
> > > A good choice for a "big" embedded system.<br>> > ><br>> > ><br>> > > Regards.<br>> > ><br>> > > js
<br>> > ><br>> > > Air-Austral flight Company.<br>> > > <a href="http://www.air-austral.com" target="_blank">http://www.air-austral.com</a><br>> > >
<br>> > ><br>> > > _______________________________________________<br>> > > Apt-Rpm mailing list<br>> > > <a href="mailto:Apt-Rpm@lists.laiskiainen.org">
Apt-Rpm@lists.laiskiainen.org</a><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>><br>> > <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">
Apt-Rpm@lists.laiskiainen.org</a><br></div></div>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>>> <mailto:<br><div class="Ih2E3d">> > <a href="mailto:Apt-Rpm@lists.laiskiainen.org">
Apt-Rpm@lists.laiskiainen.org</a><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org
</a><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>>>><br>> > ><br>> ><br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">
http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a><br>> > <<br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org
</a>><br>> > ><br>> > ><br>> > ><br>> > ><br>> > > --<br>> > > Never walk alone<br>> > ><br>> >
<br>> ------------------------------------------------------------------------<br>><br>> > ><br>> > > _______________________________________________<br>> > > Apt-Rpm mailing list
<br>> > > <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>> <mailto:
<br>> <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>>><br>> > ><br>
> ><br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a><br>> <<a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">
http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a>><br>> ><br></div><div><div></div><div class="Wj3C7c">> <<a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">
http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a> ><br>> > ><br>> ><br>> > _______________________________________________<br>> > Apt-Rpm mailing list
<br>> > <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a><br>> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>> <mailto:
<br>> <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>>><br>> ><br>>
<a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a><br>> <<a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">
http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a>><br>> ><br>> ><br>> ><br>> ><br>> > --<br>> > Never walk alone<br>> ><br>> ------------------------------------------------------------------------
<br>> ><br>> > _______________________________________________<br>> > Apt-Rpm mailing list<br>> > <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a> <mailto:
<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>><br>> ><br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org
</a><br>> <<a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a>><br>> ><br>><br>> _______________________________________________
<br>> Apt-Rpm mailing list<br>> <a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a> <mailto:<a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a>>
<br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a><br>><br>><br>><br>><br>> --<br>
> Never walk alone<br>> ------------------------------------------------------------------------<br>><br>> _______________________________________________<br>> Apt-Rpm mailing list<br>> <a href="mailto:Apt-Rpm@lists.laiskiainen.org">
Apt-Rpm@lists.laiskiainen.org</a><br>> <a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org</a><br>><br><br>_______________________________________________
<br>Apt-Rpm mailing list<br><a href="mailto:Apt-Rpm@lists.laiskiainen.org">Apt-Rpm@lists.laiskiainen.org</a><br><a href="http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org" target="_blank">http://lists.laiskiainen.org/listinfo.cgi/apt-rpm-laiskiainen.org
</a><br></div></div></blockquote></div><br><br clear="all"><br>-- <br>Never walk alone