I must say, I appreciate the attention to make things not only simpler but less breakable lately. First we had APT being patched to stop users removing essential packages, now the KDE Discover software manager gets a similar upgrade.
Developer Nate Graham has written up another great "This week in KDE" blog post, going over changes and improvements coming to the next release of Plasma and the various applications. One small change really caught my eye though! Discover now has a new way to ensure you keep a working system, with an updated mechanism to detect important packages getting removed and give you a friendly warning on it free of too much technical jargon.
Picture Source - Nate Graham
Graham's comment underneath "Hopefully this is Linus-Sebastian-proof", heh. I hope many more application developers are looking at the way Discover and APT are evolving to ensure things are a bit more idiot-proof.
Another change to make things look a bit friendlier in Discover is that previously, if you had issues upgrading, it would instantly shove a load of technical details in your face. To normal consumers, that's clearly not going to do much to help and could probably scare them away. Now, instead, it will provide a very clear and friendly message, with the option to get more details to report the issue.
Picture Source - Nate Graham
Plenty more upgrades to Plasma are in the works too, like the newer KWin Overview effect gaining the ability to display search results from KRunner, which brings it another step closer to the GNOME Activities Overview feature, which I did always find thoroughly useful.
There's plenty more fixes in the full post.
Article taken from GamingOnLinux.com.
Some you may have missed, popular articles from the last month:
The comments on this article are closed.
Quoting: Glog78So KDE Discover now prevents you to deinstall kde plasma but you can go on and deinstall xfce or gnome which might used on a second user of this pc ? (Linus usecase ->) He doesn't liked dolphin as far as i got it and used another filemanager which can be in this scenario still be deinstalled ...
Ah yes, that's another point I read and wanted to reply to but then forgot, so I'll reply to this instead: IMHO it makes absolute sense for a GUI tool that is part of a GUI family of packages and is not meant to work on its own to actually prevent you from uninstalling said GUI family of packages, including itself.
If you really want to uninstall your DE (or other GUI-related stuff like Xorg) you should be doing so via CLI, i.e. a tool/environment independent of your DE, in the same way that e.g. reformatting your root should be done via a second system independent of your root device.
Regarding Gnome or XFCE, they're just non-essential packages from the point of view of an active KDE environment.
0 Likes
Quoting: NociferQuoting: Glog78So KDE Discover now prevents you to deinstall kde plasma but you can go on and deinstall xfce or gnome which might used on a second user of this pc ? (Linus usecase ->) He doesn't liked dolphin as far as i got it and used another filemanager which can be in this scenario still be deinstalled ...
Ah yes, that's another point I read and wanted to reply to but then forgot, so I'll reply to this instead: IMHO it makes absolute sense for a GUI tool that is part of a GUI family of packages and is not meant to work on its own to actually prevent you from uninstalling said GUI family of packages, including itself.
If you really want to uninstall your DE (or other GUI-related stuff like Xorg) you should be doing so via CLI, i.e. a tool/environment independent of your DE, in the same way that e.g. reformatting your root should be done via a second system independent of your root device.
Regarding Gnome or XFCE, they're just non-essential packages from the point of view of an active KDE environment.
While i understand the arguments i still want to ask a question here too:
kdiscovery considers kate to be an essential part for editing text
gnome software center considers gedit to be an essential part for editing text
..... (you see a pattern here)
Now the question ->
What is the essential part of editing on the distribution for the package manager ?
1 Likes, Who?
Quoting: Glog78Ok very slowly ... if someone of you can tell me how you want to solve the problem which programs are essential to a user in the user environment i would agree with this solution. Here again some question which might make it more obvious from a "scenario" which can happen:The questions you present are edge cases that might not be solved by the existing solution, but that doesn't negate the value of the solution. But sure, I'll take a stab at the issues.
Quoting: Glog78If someone removes Network Manager -> is this package essential with systemd networkd still being around or not ?If a user explicitly removes Network Manager, there is no issue. The package manager may employ some fail-safe mechanisms to dissuade users from uninstalling it, since it can be vital for the existence of networking, but when the user explicitly orders the removal of NM then that becomes their problem. No user-level application should be able to uninstall Network Manager as part of its dependency resolution process, particularly if NM is active.
Quoting: Glog78Question 2 to make it hard -> if one distribution says it is essential and the other says it isn't -> what would you as an developer of a none distribution package choose as an answer ? (in this case kde discover?)Make the best and probably most conservative decision the default, provide mechanisms for distributions to provide better information about which packages to consider essential. Since Discover uses the distribution's package management tools underneath, we can probably defer some responsibility to the underlying tools.
Quoting: Glog78Question 3 to make it completly lost -> what if the user wants to exchange network manager against wicd ?If two packages provide roughly equivalent functionality which would cause them to conflict at installation time, then I would be okay with the user being able to swap one essential package for another if the user has explicitly ordered an installation of that essential package. Package managers already exist which allow one package to cover other packages as dependencies. For example, the pipewire-pulse package provides the pulseaudio dependency under Arch Linux, allowing you to fairly seamlessly switch between the two without breaking the dependencies of all applications that depend on Pulseaudio. We could also decide to require satisfying the fail-safe mechanism in this instance, since switching from NM to wicd is a fairly niche use-case and people that would actually want to knowingly do that can probably figure out what they need to do to accomplish it. Alternatively, we could simply say that NM and wicd should not conflict in the first place and have the issue be resolved on service management level. I've got Network Manager installed in parallel with systemd-networkd, but I simply have the NetworkManager service disabled.
So, really, none of these scenarios is somehow impossible to overcome and solving these three arbitrary scenarios isn't even a requirement for the existing solution to be valid.
1 Likes, Who?
Quoting: GuestQuoting: AussieEeveeI agree in part. the CLI is not intended for newbies, but Linus was able to find a guide online and managed to bypass the protection offered to him by the gui, with only a single command and a verify command.
Adding protections doesn't make this dumbed down like Windows. It just adds protections.
Actually this raises a good point: what does the apt change do that would have made anything different for a youtuber who wanted page views? Type this, then type that. It doesn't matter if it's one line or ten - he would have followed everything written. So the change to apt? Yeah, wouldn't have done anything in this case.
Also, the original error message from the gui was exactly stopping critical packages from being removed! The original gui error message was stopping the very thing that was then done explicitly from the command line.
Well the problem was that the error from the Pop Shop was presented in such a way that Linus believed the problem to be with the Pop Shop and not with the Steam package. I think that is something that we can put down as a hard fact.
The problem is how we solve that misconception, will a more helpful error message in the shop help? Perhaps not, but then again a better message like the one KDE uses here (which matches what I requested in the earlier thread) will hopefully prevent a lot more of others in the same situation even though it would not have prevented Linus from continuing.
Because IMHO the major issue behind the LTT fiasco is that he (and his fellow Windows users) have a prejudice against Linux in that the graphical shops are unstable / don't work and that you have to use the terminal to get anything to work in Linux. That is not something that a new warning message will solve, at least not initially, perhaps on a long term though.
I think that it's important that we don't lock ourselves down in a nirvana fallacy where we will only accept a change if it solves 100%, every improvement is an improvement.
1 Likes, Who?
Quoting: SamsaiQuoting: Glog78Ok very slowly ... if someone of you can tell me how you want to solve the problem which programs are essential to a user in the user environment i would agree with this solution. Here again some question which might make it more obvious from a "scenario" which can happen:The questions you present are edge cases that might not be solved by the existing solution, but that doesn't negate the value of the solution. But sure, I'll take a stab at the issues.
Quoting: Glog78If someone removes Network Manager -> is this package essential with systemd networkd still being around or not ?If a user explicitly removes Network Manager, there is no issue. The package manager may employ some fail-safe mechanisms to dissuade users from uninstalling it, since it can be vital for the existence of networking, but when the user explicitly orders the removal of NM then that becomes their problem. No user-level application should be able to uninstall Network Manager as part of its dependency resolution process, particularly if NM is active.
Quoting: Glog78Question 2 to make it hard -> if one distribution says it is essential and the other says it isn't -> what would you as an developer of a none distribution package choose as an answer ? (in this case kde discover?)Make the best and probably most conservative decision the default, provide mechanisms for distributions to provide better information about which packages to consider essential. Since Discover uses the distribution's package management tools underneath, we can probably defer some responsibility to the underlying tools.
Quoting: Glog78Question 3 to make it completly lost -> what if the user wants to exchange network manager against wicd ?
If two packages provide roughly equivalent functionality which would cause them to conflict at installation time, then I would be okay with the user being able to swap one essential package for another if the user has explicitly ordered an installation of that essential package. Package managers already exist which allow one package to cover other packages as dependencies. For example, the pipewire-pulse package provides the pulseaudio dependency under Arch Linux, allowing you to fairly seamlessly switch between the two without breaking the dependencies of all applications that depend on Pulseaudio. We could also decide to require satisfying the fail-safe mechanism in this instance, since switching from NM to wicd is a fairly niche use-case and people that would actually want to knowingly do that can probably figure out what they need to do to accomplish it. Alternatively, we could simply say that NM and wicd should not conflict in the first place and have the issue be resolved on service management level. I've got Network Manager installed in parallel with systemd-networkd, but I simply have the NetworkManager service disabled.
So, really, none of these scenarios is somehow impossible to overcome and solving these three arbitrary scenarios isn't even a requirement for the existing solution to be valid.
So in the end ... the user still needs to decide what he wants and not wants -> if a user can't decide in the first place if something is harmful how can he decide now? Will it stop him from doing harmful things ? Will it help him to understand the dependencies and why they are used ? Will it make him understand what is happen right now ? ... Most likely not and we might become a situation like under windows where user don't check anymore if they get an admin promt at all ... they just click it's fine someone on the internet told me to do so ... I would go so far that since you as someone who want to help can't be sure which packages are blocked by which frontend -> we will tell them to do on the commandline overruling the distribution protection ... Thats why i think we are on a complete stupid path currently ... we don't fix anything but we make it more overhead for people who are able to support those systems.
0 Likes
Quoting: Purple Library GuyQuoting: NociferBut I do have one question: what if I intentionally do want to remove a "system critical" package like Xorg or my DE - how do I do it if package managers, both GUI and CLI, prevent me from doing so?If you intentionally want to delete something, wouldn't you normally do it by, I dunno, using a "delete something" command of some sort, not by trying to trigger the deletion by installing a package? As far as I know, nobody's done anything to the stuff you do when you're trying to delete things.
Well it would happen if you where trying to replace say xfree with xorg or pulse with pipe-wire. Then you would remove what the disto have marked as an essential package and replace it with another which is what the Steam package tried to do here, the main issue of course is that there where no i386 version of the desktop or xorg available so apt replaced it all with nothing.
And that is something that the apt (and possible also yum/dnf/pacman) devs should take a hard look on, if a package have a hard dependency that requires it to remove packages but where the actual dependency doesn't exist it should straight out refuse to perform the action regardless of any "do as I say".
2 Likes, Who?
Quoting: Glog78[There is only so much you can do to prevent PEBCAK, but on this level I think we had room to push a bit further without any meaningful harm to any existing users, so I don't really understand all the push-back. None of this has ever been about preventing all wrong decisions or making the user learn things they don't want to learn. We are incapable of those things. But what we can do is deploy reasonable measures that make certain classes of stupid mistakes less likely to happen.
So in the end ... the user still needs to decide what he wants and not wants -> if a user can't decide in the first place if something is harmful how can he decide now? Will it stop him from doing harmful things ? Will it help him to understand the dependencies and why they are used ? Will it make him understand what is happen right now ? ... Most likely not and we might become a situation like under windows where user don't check anymore if they get an admin promt at all ... they just click it's fine someone on the internet told me to do so ... I would go so far that since you as someone who want to help can't be sure which packages are blocked by which frontend -> we will tell them to do on the commandline overruling the distribution protection ... Thats why i think we are on a complete stupid path currently ... we don't fix anything but we make it more overhead for people who are able to support those systems.
Also, I don't see how we are increasing the amount of overhead. The vast majority of situations where we support users don't involve removal of essential packages. In fact, regular users who just want to use their computer should be able to do so basically completely without ever worrying about a single essential package. They should only need to lift the veil if they are actually curious. If a user just wants to install Steam, that should never involve the removal of essential packages and we can make sure that doesn't happen either by deploying sanity checks that make sure those kinds of packaging mistakes don't happen or by having sanity checks performed by package managers so that they don't install faulty packages.
2 Likes, Who?
Quoting: F.UltraQuoting: Purple Library GuyQuoting: NociferBut I do have one question: what if I intentionally do want to remove a "system critical" package like Xorg or my DE - how do I do it if package managers, both GUI and CLI, prevent me from doing so?If you intentionally want to delete something, wouldn't you normally do it by, I dunno, using a "delete something" command of some sort, not by trying to trigger the deletion by installing a package? As far as I know, nobody's done anything to the stuff you do when you're trying to delete things.
Well it would happen if you where trying to replace say xfree with xorg or pulse with pipe-wire. Then you would remove what the disto have marked as an essential package and replace it with another which is what the Steam package tried to do here, the main issue of course is that there where no i386 version of the desktop or xorg available so apt replaced it all with nothing.
And that is something that the apt (and possible also yum/dnf/pacman) devs should take a hard look on, if a package have a hard dependency that requires it to remove packages but where the actual dependency doesn't exist it should straight out refuse to perform the action regardless of any "do as I say".
i can say for pacman --> unsatisfied dependencies are nearly impossible to install ...
0 Likes
Quoting: GuestQuoting: SamsaiQuoting: NociferWell, this change is actually all about completely preventing the package manager from uninstalling essential packages when told to do so, either explicitly or implicitly. What produced the error Linus faced was trying to install a misconfigured package combined with his/the system's failure to first update the package listings before he tried to install it; it's just that this misconfigured package ended up firing apt's "remove essential package" routine and from thereon there was nothing to prevent apt from doing exactly as ordered, beyond that one silly "fail-safe" (which shouldn't ever have been implemented in the first place).I am aware of the scenario. Apt still retains the ability to uninstall essential packages and that counts as having the ability to explicitly order such a removal for me. The only difference is that now the fail-safe mechanism is stronger and will better dissuade users who don't actually know what they are doing.
I still disagree that the apt change was useful. The KDE Discover change, absolutely, but for apt people are still just going to follow something they found online to force modifications without fully understanding it. It's a knee-jerk reaction, and doesn't actually fix anything in my view.
So is your only argument against the tiny apt change that it happened too fast? You say it doesn't fix anything, but does it break anything either? Do you actually think the UX is worse now, instead of better?
People making a mountain out of a molehill, as is tradition.
1 Likes, Who?
Quoting: SamsaiQuoting: Glog78[There is only so much you can do to prevent PEBCAK, but on this level I think we had room to push a bit further without any meaningful harm to any existing users, so I don't really understand all the push-back. None of this has ever been about preventing all wrong decisions or making the user learn things they don't want to learn. We are incapable of those things. But what we can do is deploy reasonable measures that make certain classes of stupid mistakes less likely to happen.
So in the end ... the user still needs to decide what he wants and not wants -> if a user can't decide in the first place if something is harmful how can he decide now? Will it stop him from doing harmful things ? Will it help him to understand the dependencies and why they are used ? Will it make him understand what is happen right now ? ... Most likely not and we might become a situation like under windows where user don't check anymore if they get an admin promt at all ... they just click it's fine someone on the internet told me to do so ... I would go so far that since you as someone who want to help can't be sure which packages are blocked by which frontend -> we will tell them to do on the commandline overruling the distribution protection ... Thats why i think we are on a complete stupid path currently ... we don't fix anything but we make it more overhead for people who are able to support those systems.
Also, I don't see how we are increasing the amount of overhead. The vast majority of situations where we support users don't involve removal of essential packages. In fact, regular users who just want to use their computer should be able to do so basically completely without ever worrying about a single essential package. They should only need to lift the veil if they are actually curious. If a user just wants to install Steam, that should never involve the removal of essential packages and we can make sure that doesn't happen either by deploying sanity checks that make sure those kinds of packaging mistakes don't happen or by having sanity checks performed by package managers so that they don't install faulty packages.
Thats exactly why i want to know what will be "essential" in the future ? ... For a "newbie" compatible distribution i would mark all packages essential (to say it very hard). But this distribution won't be able to really let you choose anymore without being "midly" annoying with questions if you really want to do what you want to do and don't allow it on the gui but force you to override something and use the terminal. So i go back to my question above -> how do we determine what is essential and if we have determined what is essential does it really help or does it start to annoy and be contra productive. Also is it good if every package manager frontend now decides on his own what is essential ?
0 Likes
Patreon
PayPal
See more from me