kpackage or equivalent for FC4 available?
 

FC4 does provide a package manager (i.e. system-config-packages) but it is quite limited in what information it shows you and what options it gives you. Is there something like kpackage available? Or, at the very least, a way to tell system-config-packages to look at a directory of my choice for packages outside of what are on the FC4 install disks. Running
using the KDE run command gives the error "directoryname is not a valid install path."

There's a few package managers, I found yumex and kyum quite useful. Just do

or

"yum install kyum" and "yum install yumex" gives errors similar to what I got with system-config-packages. In any case, I looked at the dependency requirements for kyum and yumex and they look quite fierce. The computer that I want to install this on is not connected to the internet and in any case will not have linux connected to the internet directly, for security reasons. I don't want to get into upgrade, upgrade, upgrade... mode here as that reminds me too much of windows.

What kpackage offered was a GUI that could look either at any or all of your installed packages or at any uninstalled package of your choice, and tell you what dependencies the package had, if they were satisfied, a description of what the package does, a list of files that the package installs, etc. Kpackage comes as part of the kdeadmin package in Mandrake 9.0 but for some reason it is not in the kdeadmin package for FC4. Also, I can seem to find downloads anywhere for it either. Do you know where I can get kpackage or something similar?

Take a look at here:
http://download.fedora.redhat.com/pu.../linux/extras/

But without internet you can not use yum, yum is package manager in fedora, and it works with internet, so you can easily download packages you need, and remove unneeded. Mandrake 9.0 is quite old distribution, as I know, there is MCC in Mandriva, where software management program is situated.

About what security reasons are you speak ? It will not promt you to update, update, update.. if this is the case

The security considerations that I have regarding connecting linux directly to the internet are as follows:

(1) I have not yet seen any antivirus software for linux that has real time protection included. Real time antivirus protection is most definitely something that I want while on the net.

(2) Where I am located, I can only access the internet through dialup. Only those ISPs that use plain dialup networking can work with linux and none of those ISPs in my area screen for malicious stuff that might come through their servers.

(3) I want to use the oldest possible frontend that will still do what I need to connect to the internet. In my case, that is windows 95 running under linux. The reason for this is that the malicious garbage out there tends to target only the latest and greatest and has a possibility of crashing instead of executing if it were to get loose on my computer. I know that this approach can help curb malicious garbage since I have seen an example of it with badtrans crashing my outlook express instead of it executing and infecting my computer.

(4) I want to continue using Netzero as my ISP since it not only screens for any malicious garbage that I might receive through their servers, but also lets me look at and remove all of the spam email that I receive via a web interface and then lets me download what I want to keep to my computer. However, Netzero only works with the Lindows linux distribution and Lindows lacks other linux features that I need such as a local web server.

I recognize that none of this is the fault of linux itself. Linux has plenty that I do want. However, I don't want to sacrifice security and I don't see why I should need to. I am willing to give up the "convenience" of "automatic intenet update" since I should be able to get around that by simply downloading the necessary files to a local directory and then have the install programs work off of that. Further, if I use this manual update method, I have everything necessary to completely rebuild my system if something like a hard drive should go bad. I wouldn't have this option available if I were to use the "automatic internet update" method. However, it seems that yum doesn't want to use local directories as repositories. Or does it?

Beyond all of this, there are RPM packages outside of distribution repositories (e.g. Fedora in my case) that I would want to install. In other words, I want to be neither controlled nor limited. KPackage was a great GUI frontend for RPM that didn't limit me in the ways that I described above. But I have seen neither it nor any equivalent anywhere.

I have noticed that the FC4 kdeadmin package comes with kpackage removed. I finally found the source code for the full kdeadmin 3.4.0 which includes kpackage. I then copied all of the source code for kpackage in a separate subdirectory and as root attempted to do a make on it. However, I get these errors.
info didn't shed any light on the above error

1) Clamav antivirus, is well-known antivirus software for linux (also you can buy commercial products like: Kaspersky and others) BUT, you never heard about realtime linux antivirus, what about viruses, have you ever heard about viruses for linux ? No? Cause they don't exist, attepts for creating viruses was unlucky, and these antivirus software are needed for servers which serving windows-based mashines. (Some suuccessful viruses was able only to damage your home directory, it only worked with some kernel versions, and didn't work on others).

2) There's no malicious software for linux at all (trojans, dialers, viruses, hack programs, adware, spyware, etc)

3) Again, windows is the only system which can be crashed from internet using viruses (may be Mac also). And you SHOULD use the latest software in order not to be hacked (again, this is for windows, and for linuxes running on servers, and only hackers can exploit your old linux, only expereinced ones)

4) Lindows linux distribution has changed their stuff, name and philosophy long time ago, look at www.linspire.com for more details.

There's no "automatic internet update" in fedora 5, you can switch it on via cron job (scheduler), again, this is not windows, this is completely different system, different philosophy, different views and different security (I mean real security, not like in windows)

For manual update/install/remove you can use RPM tool. Example:

To install foo.rpm do as root:
to remove something:
to upgrade:
for more info type:
in terminal

Cheers,

I must disagree with all of the above. One simple counterexample suffices: do_brk(). There is even a thread on this site about how someone's machine got hacked using do_brk(). I did read the writeup by iSec Security Research on do_brk() and recognize that the exploit was non-trivial. Nonetheless, they made the exploit for all to see (a great disservice to linux) and some bad people took advantage of that. I also recognize that the do_brk() exploit was fixed in later kernel versions. Nonetheless, where there is one exploit, there can be, and probably are, others. This does not mean that linux is, in any way, sloppy or anything like that. Linux is still very well built and it shows it in how its handles its programs. Rather, this is an example of an old truism in action, namely: you can build something to be free of errors and accidents, but you can't build something that will be free from outright malice.

Duh (as in that's obvious and I already know that). But, I want the GUI frontend because I want to check a package's dependencies, etc. so that I know that the package will install correctly and I don't want to go through a huge hassle each time because I have to type in a long series of commands at a command prompt. I also want to be able to take a detailed look at what is already installed. Kpackage offered all of this and more, but now it is gone. Why?

do_brk() :) I never heard about it, may be it is one of the hundreds exploits for kernels (not only linux, but other unixes (bsd, hp-ux, solaris, etc)), these exploits also exists for windows, and they are much more - but they are not viruses, and no regular user can use it, and no regular hacker can use it too. Kernel updates very fast, and after any exploit is discovered, maximum in one day the bug is fixed. And all of this is not related to viruses, any normal firewall (iptables, ipchains, etc) blocks all these exploits, and again, someone must give a hard try to execute one of this exploits.

Kpackage, yumex, synaptic, kyum, etc, etc - these are only graphical frontends for rpm and deb. Just read manual for rpm to see all its features. For kpackage look for it at rpm.pbone.net, may be you can find binary rpm rather than sources. Awesome :)

So, I finally did find an equivalent for kpackage, that program being smart-rpm. It even displays RPM dependency relations better than kpackage did, although it is much more rigid than kpackage was in how it controls the RPMs that it sees and installs (but that is OK). So, now that I can see what is on my system, I see that the requirements for kyum and yumex aren't so fierce after all. Kyum is already installed and I can put yumex on anytime that I want since I have also added the yum 2.4.X RPM that it requires to my local RPM library.

Even better yet, I was able to see what bochs looks like as a DOS emulator and its emulation is so good that windows 95 running on it is indistinguishable from windows 95 running on an actual computer. Unfortunately, bochs is slow (it looks like about a 25 MHz Pentium on my AMD Sempron 2600+) but hopefully it will be enough for a dialup internet connection. If this works, then I can be almost certain that anything that comes over the internet will not crash my computer, since the internet connection is running inside a full blown emulator.

Please read this thread about linux "viruses":

http://www.newsforge.com/article.pl?.../06/06/1832223

In essence, the article that you asked me to read says that the "malware prevention industry" including the antivirus companies, is in on the scam of bad mouthing linux. That would seem to confirm what I stated above about do_brk(), namely "I did read the writeup by iSec Security Research on do_brk() and recognize that the exploit was non-trivial. Nonetheless, they made the exploit for all to see (a great disservice to linux) and some bad people took advantage of that." From what I read in iSec's writeup, they did everything that they could to damage linux. That much is obvious.

Nonetheless, again as I stated above, this is an example of an old truism in action, namely: you can build something to be free of errors and accidents, but you can't build something that will be free from outright malice. For this reason alone, I do not want to connect my linux directly to the internet. The article that you asked me to read is simply more evidence favoring that course of action. In regards to the security of my computer, it matters not at all that linux has fewer vulnerabilities than windows or that its vulnerabilities take a whole lot more effort to exploit. Windows is very sloppy. I recognize that. However, it only takes one successfully exploited vulnerability in linux to corrupt my entire computer and wipe out my data.

I most certainly do want to run any internet connection inside a virtual machine with, as I stated above, the oldest frontend possible, to serve as one more possible barrier against viruses. Further, I have chosen to use windows 95 since I then have yet another barrier, namely Netzero filtering any email that I receive for viruses. But, suppose, that a virus or trojan, etc. does corrupt my virtual machine? I simply wipe it out and replace it with a copy of the virgin backup that I have saved. That process takes about 30 minutes instead of days. Further, none of my data is at risk. This has got to be better than placing my linux system at risk, regardless of how little that risk might be.