Frequently Asked Questions

Back to the main page

Frequently asked questions

Table Of Contents

How complete are the backends?

Backends do not have to be complete when they are added to PackageKit. If a feature is not present then it is hidden in the UI, which will explain why on some distributions the client tools look a little different to other distributions. You can see the latest feature matrix here.

Why can't I add or remove software sources?

In the software source viewer you can enable and disable repositories, but you cannot rename, add or remove them. This is a deliberate design choice chosen for the following reasons:

What's a package catalog?

There's one use case that I'm very interested in, and that is getting new users with the correct environment to build and start hacking on software or using other software tools. For instance, on in the FAQ section, we could have a link to install build files to start hacking on PackageKit.

Now, this .catalog file is handled by gpk-install-catalog that parses this file and causes the appropriate packages to be installed if they are not already installed. This rocks as we can get GTK+, Xorg hackers up to speed with the minimum of fuss and confusion. It also lets people put links on webpages to install all the stuff you need when writing a How to use a scanner in GIMP howto.

So, what does a .catalog file look like?

[PackageKit Catalog]

# Just a package on all versions of fedora that can provide the dependency.
# If there are multiple packages then the user will be asked to choose

# Just for Fedora 9, install two development files

# On any distro, install the package with this file

# For each architecture on Fedora 8, install one of the two different compat files

You'll notice the distro-id in between the ()'s - this lets a packager fine tune the package name, where for instance in Debian the package is called policykit and Fedora PolicyKit. You can specify a granularity of distribution, distribution;version or distribution;version;architecture - PackageKit will process all the entries that apply. It's of course better to not specify a () if possible, as this lets the file work on as many distributions as possible out of the box.

There's also no version checking - intentionally - the distro should be specified and have the correct data. If there's an optional package not in earlier versions then you can do something like this:

[PackageKit Catalog]

# Fedora 9 does not have Unique

# Rawhide is fedora 9.90

There's also no description of the catalog that needs translating and verifying - they are just lists of packages, files and provides that might be useful. All the translations come from the distributions metadata, and it's up to the user to verify the package lists that are asked to be installed, so there are no signing or trust issues.

The supported methods are InstallPackages, InstallProvides and InstallFiles. Any line that does not start with these key words will be descarted.

InstallCatalog is also available on the session interface.

Note: this isn't designed to replace one click install, it just does something that is similar in a different way.

Can I include formatting characters in package descriptions?

Yes, as long as the descripions are formatted with Markdown then the descriptions will be formatted correctly in client programs. Using Markdown is a deliberate choice as it does not force the vendor to adopt any specific markup language. An example Markdown package description would be:

GNOME Power Manager uses the information and facilities
provided by HAL displaying icons and handling user
callbacks in an **interactive** GNOME session.

The following *GUI* programs are provided:
* `gnome-power-preferences` - set policy and change preferences
* `gnome-power-statistics` - view power graphs and device history

This would be rendered by a text program as:

GNOME Power Manager uses the information and facilities provided by HAL
displaying icons and handling user callbacks in an interactive GNOME session.

The following GUI programs are provided:
* gnome-power-preferences - set policy and change preferences
* gnome-power-statistics - view power graphs and device history

A GUI front-end would format the text like this:

GNOME Power Manager uses the information and facilities provided by HAL displaying icons and handling user callbacks in an interactive GNOME session.

The following GUI programs are provided:

  • gnome-power-preferences - set policy and change preferences
  • gnome-power-statistics - view power graphs and device history

Update descriptions are also processed for markdown, for example:

How does the command not found functionality work?

The command not found functionality is a bash extension that allows PackageKit to suggest similar commands, or to offer to install packages to provide commands. It's probably best to click on the image and watch the video.

Does PackageKit support 1-Click Install?

No, as they are a potential security problem. The issues are as follows:

So what's the solution? Using a standard $vendor-release.rpm or .deb you can ship the standard repo or source with a signed GPG key. PackageKit also supports catalogs which can install sets of files provided by your distro.

Quoting Sebastian Heinlein, Allowing to easily add third party repositories and install third party software without a certification infrastructure is like opening the gates to hell. Most user just don't have got the technical understanding to handle this well.

When run as root, gpk-application and pkcon do not work!

GTK+ tools should not be run as the root user, PERIOD. Any GTK+ program run as the root user is a massive security hole -- GTK+ just isn't designed with this in mind. There are numerous attack vectors when running as root, and programs shouldn't do such insane and insecure things.

Please see the GTK+ explanation for more rationale.

Why is there a session service and and a system service?

PackageKit runs a process packagekitd that is a daemon that runs per-system. The daemon lets you schedule transactions using either the raw DBUS methods, or using libpackagekit. The transactions are very fine grained, so an application would have to manage the transaction process itself. This would mean handling the EULA and GPG callbacks in each application. This is less than ideal.

For this reason, a session helper is provided which makes all the complexity go away; it handles all the GPG key authentication and EULA agreements, and also works with authentication agent and user settings. Using the session service is also designed to be synchronous, which means you can send the DBUS call and just wait for the result, rather than managing callbacks to update custom GUIs.

The session helper is implemented in gpk-update-icon on GNOME, and is also availble when apper is installed on KDE. If you want full integration using custom dialogs without running the extra session process, then use libpackagekit. If you don't care, and just want things to work then use the session interface. If you want a demo, you can download session.c for a session example and system.c as a system example.

Compile with:

gcc -o session -Wall session.c `pkg-config --cflags --libs gio-2.0`
gcc -o system -Wall system.c `pkg-config --cflags --libs packagekit-glib`

How do I use PackageKit in my application?

Using the shared session interface you can use the following DBUS methods to make PackageKit just do the right thing. All the additional confirmation, package downloads, GPG and EULA prompting is done automatically.

The DBUS methods are designed to be run syncronously, but can be run async using g_dbus_proxy_call and getting the status with g_dbus_proxy_call_finish. There is example code available in c or in python.

The methods available on this interface are:

Please email me or the mailing list if you have any other questions

What do the tray icons mean?

Bugfix update Enhancement update High priority update
Low priority update Normal update Security update

NOTE:Not all the icons may show for some backends.

If you are using Fedora rawhide then only the bugfix icon will be show due to missing metadata. In the released versions of Fedora metadata is added to updates and the type of update can be found.

Why don't I get update details with Fedora Rawhide?

The Rawhide repository does not supply metadata needed for the update-viewer to display extra information about the update, such as changelogs, CVE and bugzilla references. Only released versions of Fedora have this metadata.

Why doesn't PackageKit work with SELinux?

The process packagekitd is not recognized by SELinux if you are using old selinux-policy rules. Until the policy is updated to handle system activation, you'll have to run in permissive mode, rather than enforcing.

See Red Hat Bugzilla for further information.

What if the backend package manager doesn't support percentage updates?

You don't have to have a backend that supports percentage updates. If you don't know the progress, just emit NoPercentageUpdates and then the UI should just do the right thing and spin backwards and forwards.

Why are the remaining times sometimes not present or wildly wrong?

The remaining time to completion of the transaction is calculated using an average time of the time between percentage updates points, extrapolated to 100%. This means that backends that give accurate and frequent percentage-changed signals will get accurate times.

If a backend updates the percentage using very course updates (e.g. 20%, 40%, 60%, 80%, 100%) then the remaining time algorithm will not perform well. Similarly, if the duration of 0% to 50% takes 2 minutes and 50% to 100% takes 10 minutes then at first the time will be reported under the true time to completion. It is up to the backends to map the transaction progress to fine-granularity accurate percentage updates, at least as best as possible.

With all the differences between backends, how will PackageKit support all the different options?

Backends don't have to support all options of all methods. Just set an error and return false if not implemented.

But error codes are different on each backend?

Error codes have to be standardized so they can be localized. The error detail field can just be the untranslatable output. If you are creating a backend and you need another error enum, mention it and we can add it to the supported list.

How will PackageKit handle installation an application that needs user interaction?

Upgrading, installing or removing packages has to be 100% silent.

The user cannot be prompted mid-transaction for questions as these will not be handled in PackageKit. The backend should do the right thing, as these questions mean very little to the average user.

The reasons for this are as follows:

EULAs or other agreements will have to be agreed to before the transaction is processed using the EulaRequired signal. EULAs should preferably be shown per-user - i.e. the first time an application is run.

PackageKit will not install packages with broken maintainer scripts that require a stdin. Debian policy clearly says that prompting on stdin instead of using debconf is deprecated. If this is attempted the backend should detect this and error out of the transaction with PK_ERROR_ENUM_BROKEN_PACKAGE. We cannot and will not ask the user for random standard input.

See the Debian PackageKit wiki for more details and further discussion.

If the transaction needs to tell the user something, the Message() method can be used that will localise the message up the stack, and also give the user a way of ignoring duplicate messages of this type. We really don't want to be doing things like this or this.

Does PackageKit replace up2date?

PackageKit does not replace up2date. PackageKit is a way for users to interact with the packaging system, not for an administrator to install software on remote machines.

Is PackageKit a system daemon, always running and using resources?

PackageKit is not yet another system daemon. It quits when not doing anything, and only starts when something wants information or a task completed.

How does PackageKit handle dependencies?

PackageKit does not do dependency resolution. This problem has already been solved by the backend systems and we don't really want to re-invent the wheel.

PackageKit does not have the fine-grained API to do everything. For instance, synaptic should still use libapt as can do much more than can be provided by PackageKit.

Does PackageKit replace the Red Carpet service?

PackageKit is not a replacement to red carpet. Red carpet was really great and years ahead of it's time, but tried to do everything package related on the system, and moved onto the enterprise centralized management model. Although cool, this latter point made things too political in my opinion.

How fast is PackageKit?

PackageKit is really fast. It takes about 1 second to search for installed and available packages with "power" in the description - no blocking of the UI happens at all as it's all asynchronous. All the applications start instantly with no root password needed at startup.

How does PackageKit work with multiple users?

PackageKit is designed from the ground up to work with fast user switching and logging in and out of sessions during upgrades. You can start a system upgrade, log out, log in as another user, and be notified when the upgrade is complete, all without risking your rpmdb.

Can users still use their normal package managers and backends, such as Yum, APT or Conary?

PackageKit does not stop you using the low level tools yourself. You can use rpm and yum or dpkg and apt when PK is inactive (99.999% of the time) when you really need some command line love. No more fighting over yum, yum-updatesd, pup and pirut.

What is a Service Pack?

A service pack is a tarball which contains the particular package and its dependencies. The user can select the dependencies to be packed using the --with-package-list option. Along with the dependencies, a service pack has a file named metadata.conf which contains the distribution name and version and the date of creation of the pack. Service packs are generated using the command line client pkgenpack.

What is Hughsie's law?

A joke that started on IRC late one night in '07. Put formally it is: Authentication or license prompts can only be done before the transaction has started, and messages or notices about the transaction can only be shown after the transaction has completed.

How do I translate gnome-packagekit?

See the GNOME Translation Team web pages for how to contribute to GNOME localisation.

Is there an organization or corporation sponsoring development of PackageKit?

PackageKit is not sponsored by anyone. Whilst interning at Red Hat in '07 I spent a few days on the API and some UI designs, but all the coding is done in my free time. I now work at Red Hat full time.

Back to the main page