On 04/26/2010 09:46:06 PM, Toby Thain wrote: > > On 27-Apr-10, at 12:19 PM, Karl O. Pinc wrote: > > > On 04/26/2010 06:19:31 PM, Toby Thain wrote: > >>> > >>> > >> > >> I don't think unpackaged OS X binaries are very useful, which is > why > >> I > >> > >> created the pkg+dmg. > > > > I agree, because the Apple development kit is shipped, > > if not installed, on every Mac. > > It ships on the DVD but most people never install it, of course. > > > (Last I looked.) And > > because ./configure ; make is painless. > > To use your argument from above -- imho much too complex for most end > > users. As well as requiring Apple Developer Tools (they have to go > find the original DVD, which may or may not even be possible), this > involves locating and downloading two source archives from two > different sites, and configuring and building them both; beyond the > pale for non-technical users, even though it's trivial for "us".
I'm not following you here. I thought we were talking about whether unpackaged OS/X binaries were useful to anybody. The answer being no because developers and packagers are the only people who need them and developers and packagers can easily create OS/X binaries. > > The pkg/dmg is, on the other hand, a genuine one click install. (Even > > if you have to do a 2nd key install, which pkg has to be built > individually and distributed securely anyway.) Depending on the degree of security required it could be enough to key the server but not the client. It does not matter to my argument though, if you're going to make individualized packages for each user you may as well put everything required into the package you supply. Having to compile binaries for MS Windows becomes a big sticking point when making an all-inclusive MS Windows installer; because you're already making an installer you know how to do that and you've got a working example of the OpenVPN installer as a starting point. > It seems logical to me that an OS X binary dmg could be on the > OpenVPN > > downloads page, giving a similar level of convenience to "yum install > > openvpn" or "apt-get install openvpn" or "emerge openvpn". Sure. Packages can be useful to end-users. > > One thing that should *not*, in my opinion, be encouraged at all by > OpenVPN, are third party package managers (MacPorts, Fink, Homebrew > etc) as the binary route on OS X. That seems to do more harm than > good. I have no opinion. I suppose it depends on the degree of systems integration provided by the 3rd party. I assume this is usually none, in which case there's no point and the end-user may as well get their packages straight from the source. > > > If I were deploying it, rather than hacking on it, I would expect a > binary installer to be available for my platform, at > http://openvpn.net I'd expect my distro provider to supply it, be sure it integrates with everything else, and support security fixes. YMMV. Of course this assume a distro. Users of commercial OSs are generally expected to arrange for their own systems integration and application support. In that case the typical user should follow your advice and get their packages direct from OpenVPN. Which raises another issue. IMO OpenVPN is encouraging bad practices by supplying packages for distros that include OpenVPN. The typical user is more likely to have a bad OpenVPN experience, over time, when using packages obtained directly from OpenVPN than when using packages created by their distro, for the reasons outlined above and earlier in this thread. Some people may benefit from having the most recent OpenVPN and obtaining it straight from the project, but these people are also the most likely to be able to package it themselves. If this is all true then the OpenVPN project is doing it's userbase a dis-service by making, say, packages for Red Hat available for download because this is tacit encouragement of bad practice. At minimum there should be a warning to educate the naive user. The situation is different for MS Windows and OS/X. Packages are needed for those platforms and whatever other commercial OSs the project wants to support. There. Now I've wandered far from the original topic and likely offended someone too. Mission accomplished. :-P Regards, Karl <k...@meme.com> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein
