[GTALUG] keeping my systems updated: Windows vs Linux

D. Hugh Redelmeier hugh at mimosa.com
Tue Mar 8 18:33:27 EST 2022 

| From: Nicholas Krause via talk <talk at gtalug.org>

[I've cut out the quotation of my message since Nicholas' message
doesn't seem to respond to it.]

| I did this

What's "this"?

| a while ago, but I noticed that exes were about twice as slow
| as yum at the time.

What are exes?  Do you mean Windows .exe files?  Those are executable
files.  How do they compare with yum, a package management program.

yum has been replaced by dnf.  If you type "yum" on fedora, you get
dnf.  If I remember correctly, "yum" stood for Yelllowdog Updater,
Modified (Yellowdog Linux was a distro for POWER7).

dnf is mysteriously powerful.  At least mysterious to me.  It solves
dependencies using a SAT solver!

| It was even worse for apt, about 3 times.

Perhaps you are saying that apt is 50% faster than yum.
>From other comments, it might be more than tis.

| Windows
| packaging in exes is not that fast is the problem.

Ahh.  I guess you don't know the name of the Windows package manager
but you are saying the packages are actually executables.  Odd!

I call the Windows package manager "Windows Update" -- that's the name
I invoke to get updates.

When I try to look at what is taking time with Windows Update, it is
kind of hard because of the way services are agglomerated.  It looks as
if one piggy thing is anti-malware.  Surely a decent cryptographic
signature system could eliminate the need for that.

| If we're talking speed,
| packaging in Arch wins. Even in a VM with 2GB
| of RAM and 2 cores. It was able to do the install portion of 500MB
| of software in 32-33 seconds. I believe that's 30 plus packages from
| memory.

Speed isn't my favourite metric.  Correctness, safety, and dependency
management seem pretty important.  Otherwise tar would be the winner.

I have no idea how well arch's package manager does on those other
concerns.  It might be great.

I mostly use dnf -- RPM packages.  You really have to trust the
packager since I think that the package's scripts are run as root.

More information about the talk mailing list