Fresh from the Lab
You may have heard of this project before—another attempted solution to a software installation problem with Linux. What is the problem, you ask?
How do you install new software on Linux easily, in a uniform manner that won't scare off a shy Windows user? This area often needs attention, and we turn a blind eye because we're used to using apt or something similar. Are systems like apt really sufficient though? What if the program I want to install isn't within a distributions's archive? What if it's too old? What if I want a newer version than my distribution's archive provides, without upgrading a gig's worth of my whole system to satisfy all the other niggling dependencies? What if my distro dies off and its archives disappear? What if I simply want to do the same thing on each system?
Zero Install is the next in line for tackling this issue where projects like Autopackage failed, but will it tickle the fancy of the larger Linux audience?
Thankfully, a large number of binaries are available, and they will probably cover your system's needs. I grabbed the Etch .deb, and it worked without any hassles. If your system isn't covered though, the site includes a source tarball that contains a Python script, plus instructions on how to use it. There aren't any real obscure dependencies, so chances are the base package will install without any issues.
Initial usage is more of a command-line affair, which puts the Zero Install System in a different league from Autopackage immediately. Once the Zero Install Injector has been installed, you can install packages simply by typing 0launch and pasting the URL of the package into the shell after it. However, finding the page of available packages took me a minute—it's available at 0install.net/injector-feeds.html. Once you've found a package that interests you, copy the URL of the package and do as follows:
$ 0launch http://insertyourURLhere
An installer window will pop up, displaying the package name and any dependencies you may require. In a few seconds, a window may appear, presenting you with a trust key (a GPG signed key), asking you whether to allow this key to run, which is similar to when your browser asks whether to accept a site's Authentication Certificate. As there aren't a great deal of packages available yet, trusting these keys is fine for now, but should they become popular, you will want to examine closely the key presented. Once the key business is out of the way, press Run, and the download of the new package will start along with any other dependencies. Once the download has finished, the new program should launch right away. If not, any error messages will appear in the shell.
This is all okay for the first time, but any other attempts to run the new program will require the same arduous steps each time. Thankfully, with some clever scripting, a local link is made that puts a filename into your path without the need for root privileges. It will require you to enter the URL once more though, coupled with the command 0alias and your chosen alias name, as follows:
$ 0alias alias http://insertyourURLhereagain
As a real-world example, I had success with a game called Barrage, and the shell input looked like this:
$ 0alias barrage http://people.freenet.de/LinuxCNC/0install/barrage
Now I can run the program in the future simply by entering barrage at the command line. Included on the package page is a selection of tools for simplifying some of these tasks, but the above steps are still required for installing them.
Zero Install definitely has an interesting interface with its own unique take on distro-independent packaging. I'm guessing many people will be turned off by the command-line nature of this beast, especially with the copying and pasting from a Web browser (command lines and GUIs have never made the best of comrades). Also, many of the tools seem to be based on the Rox file manager—a great lightweight system but still relatively obscure to the larger Linux audience.
Personally, I mourn the demise of Autopackage, an outspoken project that received a great deal of hostility from the traditional distro packagers, such as Debian, that ultimately sparked its demise. Other similar projects take a more pragmatic approach—some with a more “Windowsy” installer (not necessarily a bad thing), others as unique as this one. Zero Installer may gain popularity simply by not being Autopackage and subsequently not angering the apt-get overlords. However you see it, I hope all these distro-independent packaging projects are sending a message to the developer community that not everyone is happy with the idea of being reliant on repositories, and a major change is required soon in software installation methods. This issue won't go away.
John Knight is the New Projects columnist for Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide