Z Object Publishing Environment

Search | Download | Documentation | Resources | Members




Join Zope.org
Log in

Developer Home
Get Involved!
The Fishbowl

 Zope Exits

Zope Newbies

page served by app1

Proposals Table of Contents Last edited on Jan 20, 2001 8:51 pm

Original Author


Please comment on the ProductInstallationSystemFeedback page.


It is not as easy as it could be to manage Zope products. An installation system could go a long way toward making Zope friendlier for new users and making it easier to stay up to date on products from varied sources.

New user difficulties

  • It is initially nonintuitive to decompress an archive right on top of the Zope installation.

  • Many Windows decompressors do not support the .tar.gz format.

  • Products often have unspecified dependencies on other products. The error message generated by this condition is not very helpful for new users.

  • There is no documented procedure for uninstalling products. In fact, it has to be done in two places (on the filesystem and in the ZODB).

  • Users of a product are never alerted when a new version of the product is available.

Business value

Businesses are emerging that are built around adding value to Zope. To keep up a professional image, they need to be able to make their products as easy to install as Zope itself.

This is something Digital Creations has experienced firsthand. It is often necessary to distribute changes to products to customers. Each update requires that the customer manually download the new set of archives, unpack each one, and restart Zope. If there are a lot of updates, this process can be tedious.

Inexperienced users are able to download a simple Zope binary, run it, and get Zope installed with little effort. To increase the perceived market value of Zope, product installation should be almost as easy.

Proposed Solutions

There are several ways to solve this problem.

  1. Create a "Product Installation" object connected to the Control_Panel. It would maintain a list of product sources. The first source would be www.zope.org. When the user asks what products are available or updated, the Zope server would fetch an XML document from each source. The user would select which products to install. The Zope server would fetch the distribution archive for each selected product.

    To actually install the products, the user would be required to run a special script or batch file before starting Zope again. This requirement exists so that the products can be installed with privileged permissions, rather than the restricted permissions that are in effect during normal operation. Also, if Zope security is compromised, at least the intruder still can't get Zope to execute arbitrary code.

  2. Create a repackaging script and make it available to product authors. The repackager would take the archive and make a set of compressed archives that are easily installed on their intended platforms. This would include Windows .EXE files, Linux .rpm and .deb files, Mac .sit.hqx files, and others.

    This sounds easy until you realize how many platforms this would have to work with, and how many variations there would be. For example, RedHatx Linux and Linux-Mandrake, while very similar, might require different RPM's because Zope products should be installed in different locations or have a different set of permissions.

    This solution also does not meet some of the goals listed above.

  3. Write an installation program, complete with a GUI, in Python. It would run outside Zope with privileged permissions and do the same thing as outlined in solution #1. It would have the advantage that there would be no need to run a special script after selecting which products to install. However, it would not be as easy to operate remotely.

Risk Factors

  • Security must remain a primary goal. It should not be possible for even a superuser or manager to install a product without some extra step executed outside the Web interface.

  • Users should be warned before they install a new version over a product they have modified.

  • There needs to be protection against conflicting product versions. A product can depend on a specific range of versions of another product.


Currently, this proposal deals only with the selection of a strategy for installing Zope add-on modules. It might be decided that the current strategy is sufficient after all.


  • A decision regarding whether product installation needs to be improved.

  • A new proposal that will contain the details of what is to be implemented.

Please comment on the ProductInstallationSystemFeedback page.

View source ProductInstallationSystem
Advanced Actions / History
Visitor: Anonymous User
Jump to:
... by pagename prefix or search term.
For a plain search:
Privacy policy       Printable Page       Feedback about Zope.org