Keeping a perspective on Automatix

Two months ago, Matthew Garrett made a LiveJournal post on the technical deficiencies of Automatix. Since then, Automatix-haters have had actual ammunition in their “Automatix is dangerous” crusade, and Automatix-lovers have still held to the “But I’ve installed it on X number of machines and have had no problems” line.

Could they both be right? Sure, at least partially.

How dangerous is it?
If you look at the criticisms Matthew Garrett makes of Automatix, most of the issues that come up have to do with unlikely scenarios from the standpoint of a new user with a fresh install of Ubuntu. How many Automatix users share /usr/share among multiple architectures? How many Automatix users have set the sudo timeout stamp to 0? How many Automatix users have already specified a run_command_9 in the Metacity keybindings in gconf-editor? The whole point of Automatix is to appeal to users who do not want to bother making manual customizations (editing the /etc/sudoers file, using the Gnome Configuration Editor to make keyboard shortcuts), so the likelihood that those technical flaws will affect an Automatix user is pretty low.

Is perceived success all that matters?
At the same time, the defense of “I’ve installed it on X machines and have never had any problems” is a bit shortsighted. You may not see any problems, but there may still be problems. I may drop my computer on the floor every day and not see any problems right away, but it’s still not a good idea. I may smoke cigarettes every day and not see any problems for years or even decades, but it’s still not good for my health.

Actually, a more accurate analogy would be crossing the street, especially one that’s not very traffic-heavy, without looking both ways, and then not getting hit by a car. Well, you managed to cross the street, so the danger is over… you won’t experience danger later, but you really should have checked, even if not a lot of cars cross the street.

Bottom Line
Don’t use Matthew Garrett’s assessment to scare people away from Automatix. It’s not as dangerous as most people say. At the same time, there are dangers, so don’t make it sound as if Automatix is the recommended way to do things. And, hey, give Ubuntu’s built-in functionality a chance. It’s not Breezy Badger any more.

5 replies on “Keeping a perspective on Automatix”

Short, but straight to the point. An excellent article that deserves to be the finish of the UF Vs AX saga. I don’t think anybody could have put it better Aysiu.

I always recommended to new users, and I see that you have achieved the same balance of informative and neat on your blog, keep up the good work.

Whereas other flaws are rather more likely to crop up, and can entirely hose your system in the process. I’ve no objection to people using Automatix, but it does have various issues that can screw things up for people. Failing to let people know that before they use it is unreasonable.

You say that

“If you look at the criticisms Matthew Garrett makes of Automatix, most of the issues that come up have to do with unlikely scenarios from the standpoint of a new user with a fresh install of Ubuntu.”

While this is true of most of his criticisms, most of his criticisms are also ( as he admits ) minor, that does not however change the fact that there are serious problems that could likely to cause problems for even users with an otherwise completely default configuration.

For instance take the code:

“if ps -U root -u root u | grep “dpkg” | grep -v grep;
killall -9 dpkg”

That seems incredably irresponsible to me, to send a SIGKILL to dpkg ( which if it’s running is probably in the process of doing something important ) without even trying a SIGQUIT first, or, what every other package manager ( because the Automatix devs have said that that is what they want Automatix to be ) does, being to notify the user that another package manager is already running and that it should be stopped before continuing. At that point I guess it would be reasonable for Automatix to offer to kill dpkg, but I personally would not write anything that would do that, dpkg is such an important part of the system that killing it should not be taken so litely, especially killing it with -9.

“Passes –assume-yes to apt-get, which will (as a result) happily
remove packages without giving the user an opportunity to
intervene. This is especially bad when removing Automatix modules –
any package that depends on one of the packages being removed will
also be uninstalled, even if the package was originally installed via
something other than Automatix!”

Very likely this could happen, though it isn’t dangerous per se, it would confuse a user to find that after removing something with automatix some other application that they had installed with Synaptic is removed also.

“Will remove Ubuntu repository packages in favour of tarballs with
no warning.”

That is clearly not good practice, and could very likely present problems when upgrading to a newer version of Ubuntu.

“mplayerplugin moves totem plugin files to a backup, but does
nothing to prevent package upgrades of totem replacing them.”

Again, the fact that they completely ignore the package manager will lead to things breaking during updates.

“installs truecrypt suid root – not ideal, given its less than
stellar security record”

Security is one of the most touted advantages of using Ubuntu over windows, ignoring it is not a good idea.

“Deletes lines from fstab and replaces them with device nodes
rather than uuids.”

Again, could cause things to break on distribution upgrades as device names can and have changed between versions ( which is why UUID’s are used currently IIRC )

I apologise for any grammer / spelling / general mistakes, I wrote this quickly.

I think the danger of Automatix is overblown, but there are some things that need to be addresed, and the developers don’t seem willing to acgnowlage these. I would like to hear your input on this though since your posts is the most reasonable I have read on the topic of Automatix, and your guides from what I have seen are always of high quality. So I guess sorry also if this post seems to have a tone of attacking, I did not mean it to but I tend to get into such a mode when writing quickly, and I start rambling too :)

Thanks for all the input. I do not recommend Automatix, but I think the way Jordan_U puts it is right on: the danger of Automatix is overblown.

It isn’t going to kill your kids, erase your family photos, or make your toaster explode.

Leave a Reply

Your email address will not be published. Required fields are marked *