When you do a search in GNOME Software it returns any result of any application with AppStream metadata and with a package name it can resolve in any remote repository. This works really well for software you’re installing from the main distribution repos, but less well for some other common cases.
Lets say I want to install Google Chrome so that my 2 year old daughter can ring me on hangouts, and tell me that dinner is ready. Lets search for Chrome on my Fedora Rawhide system.
Whoa! Wait, how did you do that? First, this exists in /etc/yum.repos.d/google-chrome.repo — the important line being enabled_metadata=1. This means “download just the metadata even when enabled=0” and means we can get information about what packages are available in repos we are not enabling by default for legal or policy reasons.
[google-chrome] name=google-chrome baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64 enabled=0 gpgcheck=1 repo_gpgcheck=1 enabled_metadata=1 gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
We’ve also got a little XML document with the AppStream metadata (just the long description and keywords) called /usr/share/app-info/xmls/google-chrome.xml which could be included in the usual vendor-supplied fedora-22.xml if that’s what we want to do.
The other awesome feature this unlocks is when we have addon repos that are not enabled by default. For instance, my utopia repo full of super new free software applications could be included in Fedora, and if the user types in the search word we ask if the repo should be enabled. This would solve a lot of use cases if we could ship .repo files for a few popular COPRs of stuff we don’t (yet) ship in Fedora, but are otherwise free and open source software.
All the components to do this are upstream in Fedora 22 (you need a new librepo, libhif, PackageKit, libappstream-glib and gnome-software, phew!) although I’m sure we’ll be tweaking the UI and UX before Fedora 22 is released. Comments welcome.
Please have a look at fedora 21. The offline-update is broken.
pk-offline-update[559]: failed to update system: Failed to find libical;1.0-8.fc21;i686;updates
So where would these additional repo files be installed from?
I assume by default by some package (fedora-release-nonfree?), but that’s a Fedora decision not mine.
The wording of the non-FOSS warning is…odd. It doesn’t seem to me like the most likely / significant consequence of non-FOSS-ness is possible prosecution. That’s not why Fedora doesn’t ship non-FOSS stuff either. It sounds like a warning that’s more suited to *patent encumbered* stuff.
Where’s that coming from? Can it be improved?
Yes, it can certainly be fixed, it’s very much a first cut for comments. Other people have said that the legal warning isn’t suitable for chrome but possibly is for codecs. It needs to be a sliding scale I think.
There’s a fairly clear split between ‘non-free but legally redistributable’ and ‘freely licensed but somehow legally encumbered (usually patents, also DMCA/EUCD)’. I’d at least have different and specific messages for those cases, and we should definitely have strong legal advice on *any* form of exposure of anything that falls in the second category in Fedora.
Things that fall cleanly in the first bucket, like Chrome or Flash plugin for e.g., are purely an ‘idealistic’ thing. No-one’s going to arrest anyone for using them; the text should just briefly talk about how Fedora supports F/OSS software and probably link to our page on why there’s no non-F/OSS software in Fedora proper.
The difficulty is that these are upstream strings. We could possibly add a %s for the distro name and a %s for the URL but translators hate things like this.
Well, I think any distro which wants *any* kind of warning before installing non-free-but-redistributable software would want it for the same reason, so should be able to use the same text. If a distro doesn’t actually have any philosophical objections to non-free software, they wouldn’t be using the mechanism in the first place, they’d just package it. So, it shouldn’t be too hard to come up with a generic text, I guess. I just thought it’d be easier to link to a distro page to avoid re-writing all the text, but to make it agnostic you could do the writing, or maybe link to an FSF page?
Would it be practical to allow vendor-level overrides for the upstream text?
I agree with this … the warning sounds too scary for no reason. It somehow implies using google chrome is illegal which is cleary not. There is no “you shall not use non FOSS software” law anywhere.
This is going in the wrong direction in my opinion. Why would we provide a file for Chrome or any other third-party application? The whole concept of repository as we know it is dated and doesn’t scale. I believe we should go the Android Market way where authors publish their applications and update them. Core Fedora applications could be published under ‘Fedora’ user. So it would be user decision whether he trusts the application/author. Also packaging has to change to a format that doesn’t allow pre/post-install scripts. Right now installing an application and removing it doesn’t necessarily leave the system in the same state which is bad.
I don’t disagree. Small steps.
Very nice! Can I hope that some day, that I’ll be able to install updates without the need to reboot, again? Thanks
Is this only required because these third party repos and packages haven’t added appstream metadata yet?
Having a way to not be warned again about non-free software would be good.. I understand the issues but don’t want to be bugged every time.
Having a warning about non-free is good; having suggestions on free alternatives would be even better.
“Chrome — non-free bla bla bla bla
Free options (in order of similarity):
Chromium — free bla bla bla
Firefox/Iceweasel — free bla bla bla
…”
This could also allow for suggestions about common non-free software that doesn’t have a port to Linux at all.
“Office — proprietary office software package; no Linux version available
Free alternatives…”
I know we *hate* non-free and want a walled garden that only allows FOSS, but is there going to be a GUI/user friendly way to add third-party repos (maybe from the Control panel).
I could imagine (e.g.) Steam wanting to integrate with Gnome software, or maybe a “Corporate Apps” Repo for people working in an office.
The warning about non-free software needs a photo of Richard Stallman next to it :^)