On Tue, 19 Aug 2008, José Matos wrote:
FWIW, as promised, the talk slides can be found here:
http://jamatos.fedorapeople.org/talk-user2008.pdf
I am aware that there are some typos.
The thesis of the talk was that the relation between Fedora and R can placed
in a more general context, in this case between linux software distributions
and free software script languages.
The free languages like perl, python, tex, php and R (among others) have
developed a set of procedures to cope with installation and updating in
different operating systems.
On the other hand in Fedora (and other linux distributions) we have to deal
with different packaging models of open source languages and that give us a
different view point regarding the problem of installing and updating the
language and its libraries.
As you can see there is nothing earth shattering here. :-)
Well, big changes sometimes occur from modest beginnings. There is
a growing problem with the common perception that packages can
only be installed with root privileges.
Many end-user applications like R can exist and run very nicely
without special privileges. There are really only two reasons
root privileges are needed to install the majority of end-user apps:
1. to update a global database of installed packages
2. to guard against a malicious user installing a trojan on
multi-user machines.
As you note, many apps have app-specific package systems, so you
can end up installing in a way that fails to update the global
database.
In practice, those of us who work in environments where root
privileges are in short supply (and asking to have them invoked
often results in real $ charges to your budget) tend to use
the app-specific packaging when we can, but then there can
be confusion (user a gets result X from the package installed
by the administrator, while user b gets result Y from the
package installed from CXAN).
We are starting to see tools to manipulate packages, e.g., to
create rpm .spec files from the TeX Live packages, to create
null rpm .spec files for installation into personal rpm databases
so prerequisites will be satisfied without forcing the install.
One of the difficulties in discussing these issues is that no
one person is likely to encounter the full range of environments
that need to be supported. There are very different security and
control problems for a server running R to produce offical statistics
than for a student's personal workstation. Certainly security can
be enhanced if we minimize the use of root to manage end-user apps.
This says we need to move to a multi-level packaging approach that
supports packaged installs under user/group control without root
privileges.
--
George N. White III <aa056@xxxxxxxxxxxxxx>
_______________________________________________
Fedora-r-devel-list mailing list
Fedora-r-devel-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-r-devel-list
