1 - Of the package tools that are now offered for Fedora (rpm, yum,
up2date, apt?, red-carpet, others?), which ones are able to
automatically get the package from the net? Which ones automatically
also get the dependencies? Which ones who me a list of all of the ones
that are available (like Debian's aptitude or the dreaded dselect)?
up2date will give you a nice list of updated packages that are available. Yum can do the
same thing (try yum check_update). I know that yum will follow and install dependencies;
not as sure about up2date because I don't use it too often. There are options to show
you *all* packages available.
2 - I tried up2date once. It seemed like it was headed down the right
track of addressing the issues that I had with RedHat in the past,
regarding automatic downloads from a central source. However, it
*seemed* as though it was merely getting security-patched releases of
selected packages. For example, if I had installed Foo 1.0 and Bar 1.0
with the release CD, and then a new version of Foo (1.1) comes out and a
security-patch for Bar (1.0.1) comes out... it seemed that up2date would
only get the Bar 1.0.1. In short, you're still stuck with the old
I haven't seen this, so I can't comment. If new versions appear, I seem to get
them without any effort.
versions and their old capabilities, unless there is a security issue
or
serious bug that needs fixing. Contrast this with Debian, where I can
point my apt sources.list file to the "unstable" store and I've always
You can use yum to obtain the latest packages, although this is not always for the
faint-of-heart. By default, I don't think any of the tools are configured to apply
test patches.
got the latest releases of everything (except major version-number
changes. For example, I had to delibrately de-select Apache and select
Apache2 to move from Apache 1.x to Apache 2.x. But, up to that point,
merely selecting Apache had moved me through Apache 1.1, 1.2, and 1.3 as
they were released).
If a package called apache-.... is on your system, then yum/up2date will consider
apache2-.... to be different softwawre. As I remember, there was a desire to keep Apache
1.x available for those who needed to stick with it. So I don't take this as a
deficiency in package management tools.
I guess another way to put it is that... if you had installed RedHat
8,
then running up2date would only ensure that you had a fairly secure
version of the packages (and versions thereof) that originally came with
RH8.
I take this to be Red Hat policy. If I want to encourage you to buy my RH8 boxed set, and
then my RH9 boxed set, I don't want to give you RH9 for free in dribs and drabs.
Debian's approach is necessarily different.
On the other hand, with Debian, if I install Debian 2 and run apt
regularly, as Debian 3 is nearing release, my machine would gradually be
picking up the new Debian 3 versions of packages as they passed testing.
On the day Debian 3 was released, the versions of all of the packages on
my machine would, essentially, match those on the release CD of Debian 3
Was I just imagining that, or is that how up2date really works? Do the
other Fedora management tools work differently? It would be a pain to
have to manually select newer minor version numbers of hundreds of packages
I think this is a matter of policy and not a tool limitation. In many cases, FC(n+1) is
very different from FC(n). If I am on a particular version of Fedora Core, I don't
want to mix versions. I might not want to switch from devfs to udev, or adopt X0rg vs.
XFree86. Simply continuing to update would take me in directions I might not want to go.
So our repositories allow me to either continue to receive backported fixes for older
versions, or I can upgrade versions by migrating to a new release. Given the high rate of
change in Fedora, I would have it no other way.
3 - With Debian, there are oodles of packages available on the official
site and mirrors. Of the several hundred packages I have installed on
our server, I think I've got one or two that come from third-party
"average Joe" sources. On the other hand, from what little I've read
about configuring apt for RedHat thus far (which isn't much, I'll
admit), it seems that there's a much higher occurence of third-party
sources in the apt sources.list files. For those using any of the
automatic-package-and-dependency-download-and-install tools,
approximately what percentage of your packages (especially new versions
of packages) come from NON-official RedHat sources?
For me, zero. I either get "genuine Fedora" software, or I build my own. Doing
otherwise is too much work. :-)
Hope this helps. Erik
Regards,
- Joe