25 comments

[ 2.4 ms ] story [ 47.7 ms ] thread
My version:

- wget http://www.mozilla.com/products/download.html?product=firefo...

- make && sudo make install

- change symlink at /usr/bin/firefox to point to new binary

Will the updates work in this case ?
No if you mean the Ubuntu updates for Firefox. The add-on updates will.
No i mean the firefox updates!
No i mean the firefox updates!
You just follow the exact same procedure again to update.
make checkinstall.

That way you get a proper package.

Why can't I just visit firefox.com, have it detect my OS, and provide a dpkg to install?

Firefox seems to dedicate less resources to Linux than OS X and Windows. That may be in keeping with their market share, but its certainly not doing their fellow Open Source brethren any favors.

We offer a tarball for Linux that contains a command line installer. The problem is you just requested a dpkg. Others might want a .deb or a .ipackage or a .rpm or any other package flavor. There are fewer package management systems than there are Linux distros, but that doesn't mean there are still a lot.

Additionally, distros tend to want to manage the package building themselves. Some groups want to add in tweaks or configuration templates. Others want to include their own pages or optimizations. We can't logistically consider trying to manage all that centrally, nor would we want to take the control away from those distros.

So, I agree, you do get a slightly less comfortable distribution mechanism for the browser. You get additional control and choice depending on the distro you chose though.

What Mozilla does endeavor to do is make sure that the core code works well on all three platforms. That is where we feel it is most valuable to dedicate our resources.

How is a non-hacker end user supposed to run a tarball? How are they supposed to know what the installer is? Why make it so hard?

Why can't Firefox do what Skype and Miro do (below)?

* If the user string contains Windows, provide an MSI. In these OSes, if you click on a MSI package, it installs.

* If the user string contains OS X, provide a install image. In these OSes, if you click on an install image, it installs.

* If the user string contains Debian or Ubuntu, provide a dpkg. In these OSes, if you click on an dpkg, it installs.

* If the user string contains Fedora, RHEL or SuSE, provide a rpm. In these OSes, if you click on a rpm package, it installs.

* Anything else gets a menu with all the above options.

"How is a non-hacker end user supposed to run a tarball?"

How about they wait until available through their distribution's package manager?

Because this can take up to six months or longer, and people want to use the software they're being asked by Firefox's marketing to use.

Most people don't wait 6 months. They use articles like the one mentioned, and are more likely to encounter poor-quality Firefox as a result.

Because then you've just landed yourself in update hell. You'll need to take care of Firefox updates yourself instead of letting the distribution packaged update system take care of it.

This is a real problem with running Firefox on corporate networks. The users don't have admin rights, so they can't click "Update" when Firefox wants to update itself. And administrators can't push the updates out through WSUS. Therefore, the most vulnerable vector on your computer (the browser) gets to remain in an un-updated state.

I think there is a group that repackages Firefox into msi format, which helps a lot. But as far as I know it's independent from Mozilla.

What? There have been third party packages for Linux distros for years. As long as they're of suitable quality, there's no problem.

Not every piece of software comes is Ubuntu or Fedora's default repositories.

It's only a problem if your time is valuable and you are interested in running a reasonably secure box.

My time is way too valuable to be used to read bugtraq and hunt down security patches for every piece of custom software I have installed on my box. Or, as is the case, hundreds of boxes.

Firefox has an alert mechanism. If there's an update, that alert mechanism sends you to firefox.com, you get a new package for your OS.

This already works for .exe and .dmg versions, there is nothing stopping it from also working for the .dpkg and .rpm versions.

If you're running as a user with administrative privileges, as I believe I already pointed out. Our users don't, since they run on multi-user boxes.
If you had the permission to install the package in the first place, you have the permission to update it.

In locked down environmentsthat case, the admins can supply the nice properly packaged MSI / dmg / rpm / dpkg version that Firefox provides to the users via their deployment tool.

Our users didn't install Firefox in the first place. We did. And we have to update it. It's damn annoying.
(comment deleted)
uh, apt-get install firefox-3.5

Works like a charm for me. Flash too.

Yes it works (that is what I did too), but the user-agent is:

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1) Gecko/20090701 Ubuntu/9.04 (jaunty) Shiretoko/3.5 GTB5

I don't care and don't mind waiting for the meta-package to point to 3.5, but maybe some do.

Wow, the major underlying flaws of Linux really come out when you try to do a simple thing like update Firefox! Repositories and software managers is the only way to ensure that Linux will not compete with Windows.