Rant on package managers

By 2014-11-24 Buffalo + Plex, General

I’ve started my Linux adventures with Slackware 4 in about 1999. That distribution lacked any kind of package management. You just downloaded the “tgz” file, unzipped it and ran the binary. Life was simple and Linux was gaining popularity.

Fast forward to 2014 I’ve had troubles with ipkg, dpkg, apt-get, aptitude, synaptic, yast, yast2, yum and rpm to manage packages on linux distributions. It seems that every distribution tried to solve the package management and dependency problem by introducing their own standards. (Mandatory XKCD link about standards…) For a while I was along the ride and I understood the message and to be frank it was so convenient to use them as long as you stayed in line and did what the developers had in mind. As soon as you tried to do something extra, all hell broke lose. I think YaST (Yet Another Setup Tool from the SuSE distribution) was the easiest to break, SuSE was just so integrated. As soon as you wanted to install a third-party application with dependencies you were out in the cold. RPM was as bad, I often had to unpack packages and try to manually install things, especially when I wasn’t on a RedHat distribution. (Because the package maintainer conveniently chose to only package for RedHat.) Third-party RPMs were the worst: they assumed you had the dependencies they were looking for and reconfigured your whole system if you didn’t. (Breaking everything else.) I liked Debian’s apt-get and aptitude for a while, but try to fix a dependency break when the distribution supports one version of a library but your application expects another.

Even ipkg gave me troubles when I wanted to compile the transmission versions for the custom firmware. You need to uninstall wget (an underlying dependency to ipkg) and install wget-ssl or else you will not be able to download packages from some HTTPS sites because of a bug. It’s so much easier to deal with applications without the package managers. The Plex Media Server for example contains a compatible version of Python so it doesn’t have to rely on old/incompatible versions on the system. They just don’t want to mess with someone else’s system and kudos to them for that.

So I started looking into Flexget and they are so nice because they even have a howto on how to install it on the Linkstation. Charming, let’s get to it. First step: install the package manager for python so you can download FlexGet…

So, if you were able to manage the package managers of the operating systems, now feel free to enter madness at the dependencies of programming languages’ package managers. I mean, I get it. I love how Eclipse plugins smoothly integrate into your development environment and how NuGet makes Visual Studio like heaven. But why do I have to install a whole environment when I only want to run one application? (This goes for the number of Visual C/C++ redistributables too…)

Plex got it right. “I need Python 2.7 and I don’t care which version you’ve got, I brought mine.” Does it suck that you need to install Python multiple times? It does. But it sucks less then worrying about dependencies that you can’t even meet properly.

So, all in all, FlexGet requires Python 2.7 but to even try the application I need to use pip, the Python dependency/package manager to install it. Afterwards I can hand pick the files I need and package them for the firmware. Maybe I can even use Plex’s python to run it so I don’t package my own Python 2.7 version, although it’s a bad idea because of the above. You might have Python 2.7 in the next firmware twice, together with Python 2.5 which is used by Buffalo by default.

Oh, and to add insult to injury pip fails at the first step, because it can’t download from a HTTPS site. Conveniently it has a “–cert” option which allows you to list the certificates that the site uses so it considers them valid, but then you face the SSLv3 bug which the Python site fixed. But not the old pip package in optware. So you need to hack pip open and force it to overlook any certificate issues… This feels so familiar. I think I’ve seen it before in operating system package managers…