Domain: davidpashley.com
Stories and comments across the archive that link to davidpashley.com.
Comments · 7
-
Re:Serious question
"set -o nounset" at the top of your bash script. Then bash acts a bit more like a real programming language, and gives an error if a variable is not set. More tips (and by 'tip' i mean pretty much essential knowledge) at http://www.davidpashley.com/ar...
-
set -o nounset
This is why you should have
set -o nounset
set -o errexit
at the top of every bash script. Also no one should be allowed to write a bash script unless they have read http://www.davidpashley.com/ar... -
Re:Show in the right places
Can't you just sign applications and installers with a self-signed certificate?
No, and it shows that you don't really understand what a self-signed certificate is. The whole certificate system is based on three entities, namely, the "certificate authority", the "sender" (software provider/signer) and "receiver". The idea is to certify that the "sender"'s authenticity. In laymans terms, the "certificate authority" tells the "receiver" that the "sender" is who he claims he is. The premise is that the "receiver" trusts the "certificate authority". So basically, A trust C. C certifies that B is really B. So A can trust B.
With a self signed certificate, you merge C and B in one and the same entity. Of course, that's akin to believing me that I'm Bill Gates because I say that I'm Bill Gates. (I'm not, just in case you wonder). The self-signed certificate is basically a shortcut which hides the whole "Certificate Authority" business, but comes down to "trust me, or trust me not... it's up to you".
That said, you can trust any Certificate Authority you want. You can set up your own: I am one for me and my family. Anyone who trusts me, can trust me that I can certify that -for example- my brother is who he says he is. It's useless outside of your controlled environment, because by default the Certificate Authorities that are in your browser/operating system are those that are trusted and be sure, my Certificate Authority root certificate isn't in your browser (it's in mine, of course... I trust me
;-) ). So if you trust me, you can import my Certificate Authority root certificate and then your browser/operating system won't complain about the fact that the software I signed (using my own CA), is untrustworthy, because suddenly it is.So a self-signed authority is by definition useless, because nobody can really trust it. You can self-sign a binary, but it will issue a warning. That's the correct thing to do.
Read for more information (Not mine, but I only found out how to do this stuff by googling around and IIRC this was one of the main articles that helped me)
-
Bias update time.
Debian used to snub KDE, alright. Thing is, they no longer do. So cut them some slack, who cares what they used to do and say as long as they've changed and improved. Don't blame the current distro for how it used to be managed.
In fact, if Debian keeps improving that way, it may very well become a strong contender for the desktop, which would be a Really Good Thing. While we may be a much of geeks here on /., I found that as you mature, you eventually reach a point where you're tired of fiddling with stuff all day long, and end up only using stuff that Just Works the way YOU want. In that regard, Debian+KDE is pretty much a killer combo.
(NB: Nope, I don't currently use Deb on my desktops, but if it keeps its current trend I may well switch eventually.) -
Re:Debian?
Personally, I've never liked GNOME. KDE 3 is available for Woody, although I haven't tried it. I've only used Debian on headless servers you see, and only considered switching from Mandrake on the desktop.
-
Re:Wrong focus?Shouldn't Debian focus on trying to stay up to date on core components instead?
Debian focusses on whatever the Debian developers care about. One thing Debian developers tend not to care about at all is armchair experts. If you happen to disagree with what we care about, feel free to learn How you can help, or to pay for a developer to scratch your particular itch.We all know that some critical packages are way out of date:
-XFree, 4.2 just appeared in unstable
And excellent prerelease packages have been available from the X Strike Force for months. Not to mention that Debian supports X on 11 architectures rather than just i386.
-KDE 3 Unofficial packages are available; official packages will follow after the gcc transition; see the FAQ.-Mozilla 1.1
Available in unstable and testing, as are recent CVS snapshots.And it's even worse for people using woody without 'proposed-updates' package repository!
woody is the stable release. Debian takes stability very seriously and the stable release is only updated to fix serious issues (in particular security issues), not to put in new releases of packages. If you want a more up to date system, use testing. -
Re:Not Debian, for sure
For reference,
.debs have been available for every single KDE 3.0.x release from -rc1 onwards. If you read the FAQ, or even done something really simple like asked debian-kde, or apt the bot, you'd know this. But instead you seem content to spew incorrect crap all over Slashdot.
Please, grow up.
The poster further down is right, the transition to g++ 3.2 has to be complete before KDE can go in; the alternative is renaming every library, which will be much more painful (trust me). Plus, the maintainers just don't have the time.
-DanielS, occasional KDE package monkey