Hacker News new | past | comments | ask | show | jobs | submit login

> Aside from that, I don't want scripts shitting files all over my file system

Word. One of the things I love about Linux is that the prevalence of package management as a defining feature of a distribution is that it's almost always the case that application files are pretty well organized according to a standard (my home directories are a mess, but stuff outside is mostly pristine). Even things that aren't quite up to par you can at least clean up by just uninstalling the package--not perfect, but it generally does work.

The various companies that couldn't be arsed to fit their shit inside an RPM or DEB (not universal, but most other systems will have a functional enough means of converting a DEB or RPM until something gets popular enough that the community repackages it), or nowadays Flatpack, or even Docker (Docker has its own set of issues, but it's a decent enough isolation mechanism, certainly for filesystem stuff) are slowly re-creating Windows' mess of infinity different install/uninstall systems, all broken in their own unique small ways, and are happy to just yeet everything they need over the root directory (ah, the joys of driver installers designed by electrical engineers), are a plague on the modern Linux ecosystem.

"curl | bash" nonsense doesn't even make your installer distro-agnostic anyway--it just means that you'll slowly uncover the incompatibilities over time. Oh, your devs all use OS X, and weren't aware that BSD-lineage and GNU core utils don't all act the same, or are even entirely different, and didn't account for that? You've never encountered differences between FS layouts and your script falls over and dies because it relies on everything looking exactly like the build environment? Cool, you gotta reinvent the wheel now, and will probably do so poorly.

My fav example was a former coworker who loved to spout the adage "____ is a security company, and doing things securely is our top priority" in response to many security-related questions, but was also responsible for a set of instructions that had a "curl -k https://example.com/thing.sh | bash" line. Said engineer justified this with the rationale that the end users they worked with often had borked environments with ancient broken OpenSSL installations (or TLS intercept proxies not properly configured in Linux machines, whatever, some half-assed reason--I assure you that the download server certificates validity was not an issue), and lacked the expertise to fix them, so in the interest of expediency, they took a shortcut and didn't even bother to mark it as a problem to fix later. Our industry never ceases to impress me.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: