Zero Install, the decentralised cross-distribution software installation system, announced 0install 1.0 today, after 8 years in development. 0install allows software developers to publish programs directly from their own web-sites, while supporting features familiar from centralised distribution repositories such as shared libraries, automatic updates and digital signatures. It complements, rather than replaces, the OS’s package management. As well as allowing developers to create a single package that works across Linux, BSDs, Mac OS X and Windows, it could help make software available on more minor platforms. OSAlert covered decentralised installation systems in 2007.
Decentralized software installation is something both Windows and MacOS do well, yet Linux completely fails at. The consequences for Linux are dire: little to no Linux portable apps, no standard way to install third party software, no standard automatic update, no distinction between distro and third party software, just name a few.
Projects like Zeroinstall, Autopackage, Klik, Listaller, and several others have been trying to solve the problem for years, but apparently nobody cares: users just use the distro repositories, most ISVs just target other operating systems, and stories about Zeroinstall are getting virtually no comments. Then people wonder why the Linux desktop is stuck in single digit percentages.
Agreed. One of the great things I remember from when I first started releasing software for Linux (about 1998): people would get it direct from my web site, compile it and run it. If there was a bug, they’d write to me, I’d fix it, and often they’d have a working version the same day.
But when they get my software from their distribution, the bug reports I get are 6 months out of date. The problem is often already fixed, but it will be another 6 months before they can get the working version.
That really kills any chance of rapid improvement and feedback through community involvement, which should be what free software does best.
PPAs are OK if you’ve got an army of packagers to backport every release to every distribution, but most software isn’t popular enough for that. I wonder why more developers don’t give 0install a try?
I covered Autopackage years ago in Tux Magazine and it seemed to have more potential to me than others, including 0install. One of the major barriers seemed to be Debian people, who went all religious on their ‘ass’, and even banned Autopackage developers from their IRC channels. That sort of thing was really demoralising, and despite the fact it had interest from parties like IBM, idiotic zealots from other projects killed it.
Sometimes we’re our own worst enemies.
I wasn’t nearly as much a fan of 0install last time I tried it (although I imagine it’s much improved over the years) as the very familiar and intuitive interface as Autopackage, but heck, good luck to ’em.
I remember when we first got 0install into the Debian repository, I had to spend quite a long time convincing them that it wasn’t like Autopackage!
I think the main issue was this: if an Autopackage needed a newer version of a library than the one Debian had installed, it would move Debian’s copy out of the way and replace it with its own. So there was a risk that other programs on the system would stop working, and Debian would get confusing bug reports.
0install never does that: a library added by 0install is only visible to other 0install programs (and, in fact, only to those which depend on it explicitly).
Having just visited several seporate websites and update utilities, for newer program versions unvetted by the Windows distribution maintainer, I’m rather happy to get home to my Debian boxes and find all the updates vetted and waiting through a single command.
I don’t think the issue is the distribution repository model since anyone can simply setup a third party repository to include in. Webmin and Mondo Rescue both do this with fantastic results, I get there code directly from them but still through my central package manager.
The truly universal package format is still the tarball; crossing distributions, kernel and processor types. Zeroinstall is interesting also though. If it premotes more *nix native development and faster bug/vuln report turn around times without imposing stupid dependencies then have at it. I just don’t want my prefered distro to suddenly require bloated crap dependencies imposed by someone elses ideas. (Evolution – a PIM app – required just to display a Gnome desktop? Really? And Debian is inheriting this sillyness from Canonical now it seems.)
In the end though, wouldn’t Zeroinstall have to be feeding an abstraction layer like Android apps requiring Dalvik abstraction on top of the OS? The natural differences between distributions would seem to become an issue otherwise where one distro includes dependencies or versions that another does not?
That’s a good question. What happens is that each program specifies what it needs in its XML “feed”. For example, a program that requires libexpat1 >= 2.0 might say:
<pre>
<requires interface=”http://repo.roscidus.com/lib/expat1“>
<version not-before=”2.0″/>
</requires>
</pre>
The expat feed says where to download various versions of the library, and also gives the name of the distribution package for various distributions (actually, the feed currently only gives one package name).
If you run the program on a system where the distribution’s package of libexpat1 is installed and has version >= 2.0 then it will use that.
If libexpat isn’t installed through the distribution (or it’s too old) then 0install may download a newer version to the 0install cache and run the program using that (without affecting other programs, which continue to use the distribution’s version).
Or, it might use PackageKit to install or upgrade the distribution package, if a suitable version is available (requires confirmation and admin access).
As the author of the program, all you need to know is that you require libexpat1 >= 2.0. You don’t need to know the different names that different distributions use, or whether a 0install package for it will be used.
So it’s more of a distro independent packaging format that builds out it’s own directory tree when the distro does not provide a dependency. That could be very intersting.
The other side of it may be how cleanly it managed uninstall but as a package manager that should really just be a matter of dragging dependencies back out if no longer needed by another zeroinstall package. It could offload the work to the distro package manager when applicable too so it’s not duplicating the effort to maintain which packages need what dependencies.
For me, it’s all about the minimal dependencies. Enough minimal install to get past the first boot then a very select list of packages which minimize the dependencies they drag in.
Granted, some of my more interesting toys need to be pulled in by subversion. Currently my update script does the distro packages then the svn branches so adding a third line for zeroinstall packages would be no biggy.
One interesting thing is that when you “install” a program, you’re actually creating a launcher that runs 0launch. For example, to add a shell command “rox” to run ROX-Filer, you can do:
$ 0alias rox http://rox.sourceforge.net/2005/interfaces/ROX-Filer
That creates a script (e.g. ~/bin/rox):
#!/bin/sh
exec 0launch http://rox.sourceforge.net/2005/interfaces/ROX-Filer “$@”
0launch doesn’t care whether the program is installed or not. It selects the best version of ROX-Filer, checks the cache, and downloads anything that’s missing. So, I can take my little ~/bin directory to another machine and all my programs are available (installed lazily the first time I run them). And that works even if I move from e.g. a 64-bit system to a 32-bit one, or from Linux to FreeBSD.
(note: that doesn’t mean it uses the network every time you run “rox”… if everything needed is already cached then it runs immediately)
Of course, you can also take the cache (~/.cache/0install.net) with you if you have more space or a slower network, or a shared network home directory. You can share a single cache between different architectures without problems. e.g. ROX-Filer would be downloaded again if you moved from Linux to FreeBSD because it’s a C program (Linux and FreeBSD binaries would coexist in the cache), but Python programs would be shared automatically.
Edited 2011-05-26 12:38 UTC
Hm.. add in a usb that that becomes a very nice portable system to keep in your packet along side your portableapps usb for windows systems.
You do realize Blizzard made a Linux version of World of Warcraft but refused to release it due to compatibility problems on various Linux distros (http://www.phoronix.com/scan.php?page=news_item&px=OTA0NQ)?
Clearly the current system is not good enough.