Debian 3.0r2 Released

FrankoBoy writes "As announced on DistroWatch, Debian 3.0r2 has been released this weekend, with some security issues fixed... and Rock 'n Diamonds dropped because of license problems. Here's the official announcement. This release had been slowed by an attack on Debian boxes discussed Friday."

debian is a truly great distribution...

[jms258]

debian rocks. i can't think of any other linux distro that has been around so long and consistently delivered a great base install and the ability to easily update the entire system. i know a lot of people like to complain about how behind the times debian always is, but this is only done to ensure that each release is as stable and bug-free as possible. the debian developers should be commended for all of their hard work that they've put in over the years, especially in the face of adversity such as the recent security breach.

Re:debian is a truly great distribution...

[Joe+Tie.]

i know a lot of people like to complain about how behind the times debian always is

I think a lot of people just don't appreciate how stable Debian Unstable is, and only consider the less up to date stable and testing to be a viable option for every day use. The name scared me off for a long time, but I really havn't found it any more unstable than any other bleeding edge distro. Heck, while this is only my own experience of course, I've actually found it more stable than Mandrake.

Re:debian is a truly great distribution...

[LnxAddct]

umm... use unstable, the name is more of a disclaimer then anything else. I'm using it right now and have for a least a year or so. Never had a stability issue. Either I'm just that damn good, or Debian is, and I know its not me.
Way to go Debian, keep up the good work!

Re:debian is a truly great distribution...

[geirt]

jms258 wrote:
>i know a lot of people like to complain about how behind the times debian always is, but
> this is only done to ensure that each release is as stable and bug-free as possible.

I don't understand why the software have to be old to be stable. Wine usualy gets better when aging, but I don't understand why this should apply to software, since the bug fixing usually is done by the developers, and they do it in the latest (or development) version.

Is Win95 stable enough for you, or do you prefer the more unstable Win2K ?

Re:debian is a truly great distribution...

[Bronster]

I don't understand why the software have to be old to be stable. Wine usualy gets better when aging, but I don't understand why this should apply to software, since the bug fixing usually is done by the developers, and they do it in the latest (or development) version.

It's not the age the matters, it's little things like making sure all the versions of dependencies work with each other - that everything has been compiled with exactly the same version of the compiler (including the compiler itself) and that there are no broken dependencies as software gets upgraded to a new version which breaks binary, or even source, compatibility for things which depend on it.

Bleeding edge software is great (I run Debian unstable with KDE from CVS) - but you run into problems with packages from different sources not yet upgraded to the latest and greatest APIs, not built with the latest compiler (sure having source based distros like Gentoo can help here - but only if the code compiles cleanly on the new compiler).

Does that answer your question?

Re:debian is a truly great distribution...

[sg_oneill]

May I suggest Knoppix. Its pretty much unstable with some 'testing' bits in it.

You can drop it in yer cd rom and know in a blink if you will have any sort of hardware compatability issues. then use the kpx-hdinstall command to drop it on yer hard drive. Also remember to specify english. Finally find a good deb source for Gnome 2.4 and put that gnomish goodness on yer desk.

Knoppix is nice.

Re:debian is a truly great distribution...

[MrLizardo]

The way it works is a named distro such as sid, woody or sarge progresses through different stages of stability: from unstable->testing->stable. So right now sid is considered "unstable", sarge is in the "testing" stage before it becoms stable, and woody is considered "stable." Once sarge is considered stable, woody will be obsolete and sid will be bumped to testing and a new version will become unstable. The Debian maintainers have a _very_ high standard for stability. When you have a Debian stable release you can count on being able to install any package from the stable release without hitting a stability problem. All packages in stable are very thoroughly tested to be sure that there are no problems with them. That being said they tend to be somewhat out of date. I've been using Debian since 1998 and I've used unstable almost exclusively since then on my desktop, but have used stable on any servers/gateways I've built. I would say that "unstable" Debian tends to be more stable than RedHat releases, and more up to date (RedHat 9 did make vast improvements over RedHat 8 in the stability/non-brokeness area though). I suggest if you're installing it on a desktop machine that you should go with unstable(sid). From time to time some packages will have dependency fights with each other but those can be solved by putting those packages on "hold" for a few days and waiting for the dependency issues to work themeselves out, then upgrading as normal. Once you go Debian, you'll never go back to a distro without apt builtin.

As of now:
Unstable->sid (this is probably what you want for a desktop)
testing->sarge (use this if you need something slight more reliable than unstable)
stable->woody (use this on mission critcal systems and servers)

-Mr. Lizard

Re:debian is a truly great distribution...

[MrLizardo]

Step1: Go to apt-get.org and put xfree86 into the package search.
step2: ???
step3: profit

If you can't follow this to its logical conclusion, then:
echo 'deb http://people.debian.org/~mmagallo/packages/xfree8 6/$(ARCH)/ ./' >> /etc/apt/sources.list

apt-get update
apt-get upgrade

These packages have worked just fine for me. enjoy!

-Mr. Lizard

Re:debian is a truly great distribution...

[swillden]

One correction: unstable is always called sid. When sarge is released, a new name will be chosen for testing.

Re:debian is a truly great distribution...

[Trepalium]

Unstable is usable, but sometimes dealing with the package system gets to be a problem. I've had several cases when I had to uninstall a package I had installed because an update to a related package, and a file from the first package had migrated to the second, and apt/dpkg couldn't handle it automagically.

Re:debian is a truly great distribution...

[Trepalium]

Well, part of the reason Debian has so many old packages has to do with the number of architectures it runs on. If the package can't be compiled and run on Alpha, ARM, IA-32, IA-64, HPPA, M68K, big endian MIPS, little endian MIPS, PPC, s390 and SPARC, it doesn't get in. There are exceptions for things that are really arch specific, but for most cases, if you want it in Debian, it needs to run on every platform Debian is available for.

Another factor is packaging. Debian packages are built in a specific fashion, and in some cases when the upstream developer releases a new version that is binary and source incompatible with the old version, the package developer goes to great pains to make sure both packages can co-exist on the same system.

Then there's version stability. When a security hole is found in a Debian package, Debian doesn't just package up the latest version and ship that like some vendors do. Instead, the security fixes are backported to the previous version, and an update to the old version is released instead. Why would they do this? A new version with new features can have new bugs, or change the behaviour of certain things in various (sometimes subtle) ways. I've had an entire PHP-based website stop working because of a PHP upgrade. Something that was legal and worked fine in a previous version (storing objects in an array stored in the SESSION variable) completely ceased functioning in the new version.

My first debian

[Space+cowboy]

Way to go guys :-)

This is the first-ever Debian I'm going to download and try out. I figure I ought to be able to get to know it as well as I know RH before the RHN support is switched off next year.

It's not that I've decided to ditch RH - I may just cough up for the new RH packages, but I'd like to know what my options are :-)

Simon

Re:My first debian

[OMG]

Good choice ;-)

The stable distri of debian has one problem: Many programs made a lot of progress in the last month and the distro doesn't reflect that so far. So you will need to add some more (unoffical) sources to your apt configuration. Check the manual for details.

One important page for finding the right source for a recent Mozilla, OpenOffice or X11 is:
http://www.apt-get.org/

Have fun! *eg*

Re:My first debian

[Malc]

Use Woody for a server. I haven't used it as a desktop, but it might be bit too old for you. If it isn't, it will be stable. Use the testing/unstable installation CD if you want an easier install, and then upgrade to the latest everything afterwards. If you use KDE, Google as the dependencies for kmultimedia are buggered at the moment. I use unstable on my desktop, and it's pretty good. The only complaints was X took more to setup than Mandrake (it doesn't like the fact that I have two video cards), KDE install took a while to figure out due to the broken deps, and there's a really annoying bug that puts some garbage in the default X window manager file instead of /usr/bin/kdm (or whatever it is). Generally though, it's good and up to date.

Re:My first debian

[Zigg]

XFree86 is certainly not the most recent. However, X Strike Force is working on 4.3.0 and you can get it out of experimental. Add

# Debian experimental
deb http://apt-proxy:9999/debian/ ../project/experimental main contrib non-free
deb-src http://apt-proxy:9999/debian/ ../project/experimental main contrib non-free

to your sources.list and you can select the newer version manually inside aptitude (which I highly recommend for package management anyway, if you're not using it.)

Re:My first debian

[Joe+Tie.]

Another option is installing Debian via Knoppix. I found the partitioning a bit annoying as the installer at the time I did it wanted to just throw everything into a single partition, but otherwise it was amazingly easy to install and dist-upgrade to Debian Unstable.

Re:My first debian

[runderwo]

www.backports.org is also a good resource for finding cutting-edge packages backported to the stable release.

Re:New Debian!

[Ilan+Volow]

But the Debian boxes were rooted in a freer, and more community-oriented manner than their Microsoft counterparts.

Wow... now it's as updated as Red Hat 5.0

Hallalujuah!!!!

PLEASE CALCULATE MD5 SUMS!

[Amsterdam+Vallon]

The hack attack from last week (as cited in the write-up) could have grave effects on Linux servers worldwide if you don't check the MD5 sumations against your downloaded packages.

Re:PLEASE CALCULATE MD5 SUMS!

[Meat+Blaster]

I wish Debian would do something like the following:

• For each new release of a package, the maintainer must submit a PGP-signed checksum of the package to a central Debian authority.
• The authority creates a MD5 list from all verified packages, and signs it with the authority's PGP key.
• Upon issuing an 'emerge -u world', Debian grabs the MD5 list, verifies the authority's signature on the list, and then uses the MD5 checksums to verify the integrity of the downloaded packages before installing.

I thought a similar sort of mechanism was at least discussed, if not mostly implemented at some point. This model would at least secure the distribution chain, although it of course still leaves users at the mercy of the developer and anybody who's in the developer's system. I think it's been demonstrated that it's time to make this happen.

Now?

[psifishdot]

Why are they releasing 3.0r2 now? Aren't they going to release 3.1 on December 1st? Has sarge been set back?

apt-get update
apt-get upgrade

Re:Now?

[qtp]

Not gonna happen.

Too many of the developers have been failing to address bugs in Sarge (testing) and instead have been waiting for or [packaging new upstream versions. This happens during every release cycle, and many developers just assume that this is common practice.

Eventually, Sid (unstable) will be frozen as well, so the maintainers are unable to upload new versions until the RC bugs in Sarge are fixed.

If the release manager would just accept that this is necessary in order to get a release out the door instead of assuming that reason will rule the day, the time between releases would likely be much more reasonable.

The problem seems to originate in the fact of most maintainers having only one machine at home with Sid installed. It is difficult to replicate (and thus fix) bugs in testing if you are keeping your machine up to date with unstable. Freezing Sid and testing at the same time seems to resolve this problem for most of the maintainers.

IANADPM, but I have been using Debian for 6+ years and observing this series of events occur semi annually Every year, policy and process changes are adjusted to mitigate the various difficulties involved in preparing for release, but the dist is growing at such a rate (I believe that Sarge will fill 10 CDs with packages) that new complications must be addressed every year.

I'm just amazed that they are able to achieve what they do, and that the quality of the release is so much higher than that of thier comercial competitors.

Re:Now?

[qtp]

I also think when you weigh in ease of use and well designed management and setup tools Debian comes up severly lacking.

How long have you been using Linux? And how many times have you had to reinstall in order to upgrade from one release to another?

It's a reasonable tradeoff. Debian may require a bit more knowledge in the basic computing department than most other dists, and the standard configuration interface may have been a bit unattractive, but I know of know other dist that has allowed users to issue two simple comands in order to upgrade from one major release to another.

I had an install that started as Bo in 1997, that survived upgrades through Hamm, Slink, and Potato on it's way to die as a Woody install. That install outlived processors, power supplies, motherboards, and hard drives (That ping-ping-ping noise tells you when it's time to migrate).

The point is, that you shouldn't have to reinstall in order to upgrade your release. THAT is the basic "ease of use issue" that no other distributions seem to address. Everything else is easy, once the install is complete.

By the time Sarge comes out we will all be on kernel 2.6

And Sarge user who wishes to have kernel 2.6 installed will only need to "apt-get install kernel-image-2.6.x-[386|586|686|k6|k7](-smp)" in order to get the 2.6 kernel, pre-compiled for thier particular processor.

Debian may be good to have around, but other distros have passed it in the areas that matter to most people...

Most people want a box that is stable and reliable that enables them to cruise the web, write emails, do IM, chat, etc, and create documents that can be read on Microsoft platforms. Anything else is not "most people", but chances are that it's available in Debian (Woody consists of 8.900 packages, not counting contrib and non-free).

Debian provides a stable distribution that offers the most choices to the user for any task. For users who desire more recent versions of software than is available in "stable", there is the "testing", which includes all of the recent releases that have proven to not break anything and have demonstrated themselves to be reasonably "bug free" for a period of time before they are included. I'm not sure what it is that these mythical "most users" are asking for that Debian doesn't provide. The only feature I can think of that Debian is missing is an EULA, and I doubt that anyone really wants that.

Debian server updates

http://www.wiggy.net/debian/

mah-jong

[Jameth]

There are security vulnerabilities in mah-jong.

I must say, those folks at Debian really do there jobs. I personally can't stand using Debian, it just doesn't agree with me, but if I ever need a damn stable server, I'm glad there are people out there looking at the security of mah-jong.

Re:mah-jong

[stevey]

That wasn't one of mine, but I've been auditing a lot of Debian packages recently.

Games are an easy target as many of them are setgid(games); so that they may access a global high-score file.

Most of the vulnerabilities I've found have been in games - easy to start with the low hanging fruit and work your way up ;)

The Reason - Re:packages.debian.org already

[stu42j]

From the Debian 3.0r2 Changelog:

"Rocks-N-Diamonds contains sound, graphics and level data which
violate section 2.3 of the Debian policy manual. Some of the
game content originates with commercial sources that have not
provided explicit permission for their reuse."

BTW, aspell was also removed due to license reasons.

Removed packages

aspell - license problems
cyrus-sasl2 - minor security and other problems
micq - license problems
rocks-n-diamonds - license problems
tmda - unusable

SCO will be furious cause they forgot
Linux Kernel - license problems

Re:Removed packages

[mst76]

> SCO will be furious cause they forgot
> Linux Kernel - license problems

No license problems, they're still using the 2.2 kernel :-)

-- running 3.0r1 at home

Re:New Debian!

[bersl2]

Actually, the parent makes me wonder.

There have been a string of cracks against open source/free software interests recently: FSF, Linux kernel CVS, now Debian. I wonder if it's the same person/group behind these attacks, or if there's any pattern to the exploits. Has anybody looked into this possibility? If so, what have they found?

Or try SUSE 9.0 via Ftp

[bstadil]

While we wait for the Debian site to recover from the Slashdot effect, head over to SUSE where the latest 9.0 became available via ftp today.

We should be able to take that one down as well.

Question to all Debian Guru's

[FrankConners]

Forgive my ignorance but I have a curious question about debian.. is there an unstable distro of debian out there (iso) that has all the latest packages like gnome 2.4.1, kde 3.1.x, etc. It would be nice to have a weekly iso with all the up to date packages.

Re:Question to all Debian Guru's

there are images of testing/unstable

http://www.debian.org/CD/http-ftp/

however you can always install a minimal stable system and immediately change your sources from stable to unstable and `apt-get dist-upgrade` and continue from there

Re:Question to all Debian Guru's

[damiam]

Try Knoppix. It's a bootable CD with a full Debian-based desktop environment, with packages mostly from testing (but a few added in from unstable). You can install it to the hard disk in just a few minutes (much easier than the standard Debian installer), and you'll have a full Debian system.

However, why do you need a new ISO image every week? Just download a standard ISO and tell it to retrieve packages from Debian's servers. You'll automatically get the newest packages whenver you install.

Re:Question to all Debian Guru's

[stevey]

No, apart from the new ISO's being built for people to test the new installer.

The intention with Debian is that you only install once, you get the updates via apt-get.

I guess this sucks if you've got poor connectivity, but it's possible to download the list of packages needing updates and then fetch those at work - which is what I used to do, carrying my parallel port Zip disk to and from the office to transfer the .debs ...

Re:Question to all Debian Guru's

[Random832]

when sid finally becomes stable

suddenly start [...] new packages, things get messy

Neither of these statements are accurate reflections of reality. 'sid' is synonymous with 'unstable', and, even were that not the case, it would just upgrade the packages that there were dependencies for when the dist switched over

Re:Question to all Debian Guru's

[IlliterateFule]

Yes. If you install from the network, there is no need worry about up to date packages. Make sure to tell it you're installing unstable.
Actually, tell it you're installing 'sid'. Otherwise...

Actually, I believe that unsable has always been, and always will be, called Sid [go watch ToyStory again if you can't work out why!] so this won't make any difference.

When Sarge becomes 'stable', replacing Woody, Sid will not become 'testing' - it will be copied to 'testing' and given a new name.

Re:Question to all Debian Guru's

[Looke]

I'd suggest getting KDE 3.1 from ftp.kde.org, which provides excellent Debian Woody packages. There are also a lot of packages available at backports.org and apt-get.org. (I think there is a pretty good Gnome backport out there as well.)

I use Sid (unstable) on my laptop, but on my new desktop PC I haven't bothered to upgrade from Woody, other than KDE 3.1, OpenOffice.org, Privoxy, and a few home-compiled apps. Actually, I find it refreshing to have a rock-solid and stable system. On my Sid laptop, I get all kinds of weird problems. Not often, but occasionally... Like when the printer stops working, or the USB mouse doesn't work anymore, or when X is no longer 3D accelerated. These are the kinds of issues you have to deal with once in a while when running Debian unstable. Not a big deal, but if I could choose again, I would have chosen Woody (with a few selected upgrades) on the laptop as well.

Re:New Debian!

[Rufus211]

One thing that sticks out: watch your passwords! I think I read that the debian hacks were due to compromised passwords and the kernel hack was due to a compormised password. I guess it's both a good thing (software's secure so you have to social engineer) and a bad thing (social engineering will always work).

Re:Torrent please for the ISO's

[Malc]

What are whittering on about? This is Debian and this bittorrent thingy isn't needed. Use jigdo, or a netinst ISO and apt-get. Kids of today!

Rocks'n'diamonds

[reynaert]

The rationale for the removal is pretty vague:

Rocks-N-Diamonds contains sound, graphics and level data which violate section 2.3 of the Debian policy manual. Some of the game content originates with commercial sources that have not provided explicit permission for their reuse.

Bug #210233 has more information, but the bug tracking system is still down. It probably just means that levels, graphics and/or music have been illegally copied from commercial games, which is a pretty common problem with open source games.

Re:The sound you hear.

[isorox]

First of all, Debian has the most out of date software packages of any major mainstream distros. Even in the unstable version, is KDE 2.2 and Gnome 2.0, with Xfree86 4.1 (A version that really sucks).

$ konqueror --version
Qt: 3.1.1
KDE: 3.1.3
Konqueror: 3.1.3

$ xdpyinfo |grep "XFree86 version"
XFree86 version: 4.2.1.1

Secondly, its a pain in the goatse to set up, first of all, you are forced to use Kernel 2.2, which is horribly hacked with "backports" to get any use on any modern machine (Read, made after 1999). Good luck memorizing all the *.ko files in /lib/modules, as you are going to need it.

WTF's a .ko? modconf does all that nasty module stuff

$ uname -r
2.4.20

Configuring XFree86 is hell! If you don't have a Thick X11 orilley book, and a list of your horizontal sync values from your monitor's intruction manual (if you even have one), BOOM! There goes your monitor.

You must have a *really* old monitor if it can't cope with an out of range signal. I admit its been A few years, but xf86config or xf86setup or something was fine when I set up my X.

Even then, good luck getting anything over 640x480@16 colours.

screen #0:
dimensions: 1024x768 pixels (260x195 millimeters)
resolution: 100x100 dots per inch
depths (7): 16, 1, 4, 8, 15, 24, 32

Other distros give you comprehensive PRINTED MANUALS, PHONE SUPPPORT and/or freindly forums where repling RTFM gets you banned!

Yes, pay for the manuals and phone support if you want. For online stuff, I used to go to linuxnewbie.org

Debian has ZERO support for any decent hardware, including USB mice, scanners, Sound cards, heck even Serial devices struggle.

Well, my usb mouse (cordless, mouse # 2 so I can control xine from across the room, but not my main mouse) works fine, as does my USB mp3 player and sound card. My modem was fine too when I used one, but I don't have a scanner. Printer worked too, but I sold it when I emmigrated.


Apt-get has many flaws. First of all it uses a non standard package format (the rest of the world uses RPM, deprecate the DEB format!)

It's a superior format

Debian is falling to pieces, if it is to survive any market share

That's just it, Debian isn't a commercial distro, it'll go As long as people develop it. If it's not for you, fine. TBH If I had time I'd probably migrate my desktop away from Debian. My laptop's too slow to run a modern distro though. Use whatever floats your boat.

Re:liscense issues

[adrianbaugh]

Debian has never really limited you by its politics, there are plenty of non-free packages available (in the helpfully named "non-free" section).
If you read the article you would know that this was removed due to containing commercial material for which usage permission had not been granted. Ceasing to distribute the package is completely the right (and legally required) thing for them to do; it doesn't mean you aren't going to be able to use other non-free packages on your machine. In fact, with over 4,000 packages available, Debian is extremely well-supplied with software of all kinds.

Wouldn't it have been wiser...

[An+Anonymous+Hero]

to wait until the servers are up?

$ curl -v http://lists.debian.org
* About to connect() to lists.debian.org:80
^C
$ ping lists.debian.org
PING lists.debian.org (146.82.138.7): 56 data bytes
^C
--- lists.debian.org ping statistics ---
6 packets transmitted, 0 packets received, 100% packet loss

Is there a page somewhere that at least says what servers are supposed to be working at the moment?

Re:Wouldn't it have been wiser...

[Mr.Ned]

Status update:

http://www.wiggy.net/debian/

KDE Unstable

[theantix]

I would suggest following the instructions on the debian/kde wiki for installing 3.1.X on Sid -- you have to install one package manually and then the rest go like clockwork.

Re:New Debian!

[Xemu]

Christ, Microsoft's security servers have never been r00ted

Bzzzt. Wrong. Argumentum ad populum. Try again.

casual desktop users may want to try Knoppix

[jab]

If you are a desktop user and want to see a different perspective of Debian, Knoppix may be a better starting point. Debian 3.0r2 is Debian Stable, which is very good if you prize stability and don't really want your OS to change out from under you. Knoppix is basically a closely tracked derivative of Debian Unstable, and therefore has more recent software which is often desirable for desktop users. For example, the most recent Knoppix ISO was cut on November 19th of this year, so it is REALLY current.

The other nice thing about Knoppix is that it is very easy to try out, and it also makes for a very painless Debian installer. I use it all the time to install Debian Unstable onto x86 desktop machines (see knoppix-installer in /usr/local/bin). I've been a Debian Developer for several years now, and I've pretty much switched over to using Knoppix for all my installation needs.

Re:casual desktop users may want to try Knoppix

[Durin_Deathless]

A word of warning though:

Before you decide to always use Knoppix as an installer, realize that it leaves a lot of livecd cruft behind. Scripts and things. Also, it can be hard to get some packages to install, since it is a hybrid of stable, testing, and unstable. You have to be careful.

Re:casual desktop users may want to try Knoppix

[Dwonis]

Yeah. Rather than doing a knx-hdinstall, I usually run debootstrap (also on the CD) to do a network install of the distro.

Of course, my last install was using the new debian-installer CD, which I have to say was really quite painless.

Re:casual desktop users may want to try Knoppix

[Euan+Buchanan]

Granted you're saying it's for casual desktop users, but Knoppix is not a good choice for an installable OS.

If you install Knoppix to the HD you're opening up a rare can of worms when you try to update it or add software that's not included on the Knoppix CD. I believe this is becuase it's a custom mix of testing and unstable; not something your casual user should be messing with (a category I fall in to).

Don't get me wrong, I love Knoppix, it allowed me to still use my laptop while I was building Gentoo which took the best part of three days. Two weeks ago my work machine went south and I used it to recover all my data before handing it to the IT department (with IT's blessing I might add.)

installing software

[trans_err]

I hadn't realized how incredibly limiting some distros were until I decided to install Fedora on a friend's box. Comfortable with Debian, and knowing about Fedora's apt wannabe yum, I figured installing packages would be sinch. wrong.

Let me clearify installing a package in Fedora via yum is identical to apt-get, but the range of packages is very different. Quickly I realized everyone using the large commercial Linux's are stuck with a very small repository of software.

I really took for granted how great apt-get(ing) all my software really is. Before a few days ago I never would have imagined that to install something has common as Mozilla-Firebird I'd have to go and find some website that offered an rpm, which made me incredibly nervous (one thing about rpm's I did remember was mixing them can cause a lot of dependency issues).

Say what you must about Debian, but you can't ignore that it has one of the slickist methods of installing software and updating the system, furthermore, as all the software comes from a trusted repository I know it's most likely going to work perfectly with all my other packages.

Re:installing software

is it too much to ask to have a decent Firebird package?

What's wrong with this one?

aspell removed for "license problems"?

[Rex+Code]

Aspell is GNU software, available from ftp.gnu.org, and licensed under the LGPL. Is LGPL no longer free enough? Or is this about the use of the GFDL for some of the documentation?

In any case, removing important GNU software seems a bit over the top.

Re:aspell removed for "license problems"?

[mbanck]

"The license incorrectly says that it's LGPL but it is in fact a unique license which is non-DFSG-free."

That's what the Bug-Report resulting in this removal said (according to the Woody ChangeLog). I don't have any other information about this, sorry. Note that GNU aspell is still in unstable, so perhaps it was about a specific version being non-free in the past, which happened to be included in woody.

Michael

Re:aspell removed for "license problems"?

[mbanck]

the GFDL-issues are not regarded as critical for woody. Current consensus seems to be that the GFDL should also be ignored for the sarge release, as far as package removals are concerned.

Whatever it was that lead to the removal of aspell, it was *not* the GFDL.

Michael

Re:aspell removed for "license problems"?

IIRC the problem was that there was a non free wordlist (the DEC one) included into the english dictionary, an that invalidated the full license.

In sid, the english dict comes from a different (fully free, and better) source, so there is no license problem in sid.

You can help!

[eddy]

Help test apt-secure.

Be careful.

[Tim]

I thought the same thing that you did -- Redhat terminating support for RHL meant that I should get to know another Linux distribution, and Debian seemed popular, so I tried Debian Woody on my new desktop box...for about two days.

The problem is, by all objective standards, Woody is significantly behind Redhat, SuSE, Mandrake and Yellow Dog (all distributions that I've used extensively) in terms of usability. As others will attest, it's often a nightmare to get Woody installed and configured on a machine where Redhat or Mandrake will Just Work (tm). In many ways, using Debian felt like I was using Slackware circa 1998. Too much reinvention of the same old wheels. And don't even get me started on the documentation or community support -- I'm a very technically adept guy (I've been using Linux since 1995), and I find the technical support attitude that surrounds Debian to be...well, elitist, to say the least.

That said, this is a new release, so maybe things have changed completely. But if you're like me, and you have to get work done that doesn't involve futzing with config files and kernel modules, be very wary of Debian. (Not incidentally, Fedora is a very nice distribution, and it supports apt too....)

Re:Be careful.

[wfrp01]

Debian's release cycle is a little slow, so by the end things seem a little out of date. But when the new stable comes out, upgrading will be a snap (if the past is any indication). Install once, and then easy upgrades from then on.

Re:Be careful.

[deek]

• The problem is, by all objective standards, Woody is significantly behind Redhat, SuSE, Mandrake and Yellow Dog (all distributions that I've used extensively) in terms of usability. As others will attest, it's often a nightmare to get Woody installed and configured on a machine where Redhat or Mandrake will Just Work (tm).

Yes, in a way, Debian really does need to you know what you're doing, how a Linux system works, and what certain packages do. But if you're technically adept, I can tell you that a Debian system is nicer to maintain than Redhat or Mandrake. It's not just apt, it's the way the whole system is designed from a technical perspective. And of course, apt makes installing and maintaining great, and you know that apt is on every Debian system you may encounter. It's not an optional package.

By the way, if you want to make things easier, you just have to know the right package. discover will automatically probe and insert modules every time you boot up. webmin handles easy configurations for many system programs and settings.

Really, the main problem with debian is you have to _know_ that these packages exist, and then install them. Debian will not install these packages by default, because its basic install is just that ... basic. Absolutely fantastic for creating a stripped down system, or a custom built system where you know every package that is installed, without the hassle of having to find and download the source code.

Nothing beats the time I visited a client to fix something that they had wrong with their unix server. I discovered it was a Debian machine, but one that didn't have the telnet command installed. A simple apt-get install telnet, and 20 seconds later (it was a modem internet connection :), I was using telnet to check services running on the machine. Fantastic stuff!

Re:Be careful.

[swillden]

Unless you like to do fresh installs to clear out the clutter you've created from time to time,

This isn't an issue with Debian. Want to clear out the clutter? Just use your favorite apt-get interface to remove all but a basic set of packages. Use cruft to find and remove anything else, then use apt-get to install the stuff you want again. This way you clear out the clutter, but don't lose your configuration.

In practice, I don't really even do the above unless my drive is getting full. Unlike other operating systems (cough Windows cough), Linux doesn't really 'degrade' over time. It may get cluttered, but it continues to work just fine.

to try new things and such

If you run unstable, you will always be trying new things. Just upgrade frequently (I upgrade daily, in general) and you'll always be running new stuff. Also, every time I update I get a new list of packages in my "New Packages" section, and I find it very interesting to take five minutes and scan through them, looking for anything intruiguing.

need a system you can setup on a new set of hardware in under an hour pretty much consistantly

Try Knoppix. It's Instant Debian unstable. Getting it running on a clean box takes nothing more than the time to boot. Getting it installed takes just a few minutes more.

Re:Be careful.

[kmilani2134]

For several years I had run SuSE and Red Hat and had wanted to try Debian, but didn't have enough knowledge to get it installed.

Then, just over a year ago, I learned about Libranet and ordered a copy. Libranet is a distribution that is true to Debian, while providing a cutting edge desktop, slick install and a great administrative interface.

I have found Libranet to be exceptionally stable and you just can't beat Debian for its package management.

Re:Torrent please for the ISO's

[corebreech]

With over 300 mirrors, I doubt this crowd will be able to kill "the server".

From the Debian website:

There are less mirrors of these images due to space and bandwidth constraints, so these downloads can be quite slow.

Debian would rather you didn't download the ISO's, in favor of Jigdo. However, I prefer ISO's. I live having the whole distro laid out in however many CD's it takes, so I don't have to worry about the network running or having everything I need to do the install.

Sometimes distros forget to include stuff you need in a specific package. Getting everything at once helps to preclude that inevitability.

So again I ask, who has the torrent?

The Switch

[chickenwing]

I switched to Debian several years ago after reading a Slashdot article announcing a new Debian release. I had already moved from Slackware to RedHat before that, and was never really impressed with the latter. I fell in love with Debian right away, and was always impressed with the project's desire to do things right.

Debian has its own ways of doing things, and as with any other distribution, you will be more productive if you learn and conform to these conventions rather than fighting them.

I wonder how many people will give Debian a try after reading this article. Hopefully those who do will find the experience as rewarding as I have ;-)

Re:Wow... now it's as updated as Red Hat 5.0

Actually, it ships with a number of different 2.4 kernels also. If you do nothing but keep hitting the enter key, you will get the most conservative install possible (with a 2.2 kernel). If you read a paragraph or two of documentation or the install help screen, it will tell you how to select a kenel. Also, the different CDs in the set are all bootable, and use different kenels to start the install if you want to do it that way. If all else fails, and you install a 2.2 kernel, type apt-get install kernel-image-# and you should be ready to go.

Re:New Debian!

[throwaway18]

Christ, Microsoft's security servers have never been r00ted, yet Linux is supposedly more secure?

What about this?

Re:I see now

[Malc]

The thing with Debian though is that once you get use to it, you realise that you have no need for the CDs. Well, I retract: if you don't have a good internet connection, but then you probably aren't downloading the ISO anyway. For people wanting to deploy multiple machines without using a lot of bandwidth - it can be cached locally.

I just found my Debian 2.2 vanilla boot floppies and CD disk set this weekend during a cleanup of my office - I don't think I've touched them since I originally installed the machine 2.5 yrs ago.

Why spend your time downloading packages you don't need? Get the base system and then just apt-get what you need after that. Having the whole thing on CDs is just a feel-good thing for people not used to Debian. I find it offensive that I have about 20 Mandrake CDs that I will probably never need to use again as they're out of date and those versions of Mandrake cannot be updated online the way Debian can.

Re:I see now

[gl4ss]

the thing is, that the best way to install it is through the netinstall and for that you only need a quite small iso to kick the installer going. you don't often need isos of it, for old installations update automatically very simply and it is _not_ preferable to update them from cd's. so for them it is preferable to have them created from the packages on the machine of the guy who wants those isos. also i imagine that a full iso package would weight quite a lot nowadays. this is fundamentally different from the "get the isos, that could come in a shrinkwrap package, and pop the cd's in to update to the next version" method of some other distributions.

and their mirrors for the packages are plenty and fast as hell as well(they seem to have quite formidable amount of support from the academic world with bandwith resources to donate). for me updating my debian box it takes more time to unpack than it takes to download, thanks to the mirror that is quite nearby on a fat pipe.

also a lot of people prefer to not run the 'stable' distribution as their desktops and so you would need many different sets of those isos that would be need to be updated periodically to reflect the changes in the distributions.

(however some might prefer to use knoppix or similar and do a hdinstall from there, if you just wanted a quite up to date system on a cd that works easily.)

all this said i'm pretty sure that there are some torrents somewhere for some iso pack, for that is the nature of the community big enough that everything will appear.

btw there's alternative (net)installation boot cd's as well should you wish for example xfs support & some things like that. and be sure to choose an apt-source that is fast since the chances are that you will find one pretty easily, and also spend the time to learn that where you can add additional sources(for additional software not in the official distributions http://www.apt-get.org is a pretty good place to look from).

the progression of debian branches...

[slackergod]

the 'unstable' 'stable' and 'testing'
names are symlinks for one of the named
debian distributions.

woody is currently the stable version.
the stable version which will usually have
slightly older software, but because it's been
tested for a much longer time
it's better to use on business servers.

sarge is currently the testing version.
it should probably be for workstation/home use.
the packages are newer, but not as bug-free.
while it could be used in a production environment,
stable will always be a safer bet.

as the stable version, woody gets mainly
security updates. at some point, sarge
will become well testing enough that
woody will be retired (like 'potato' before it),
and sarge will become the current stable branch.

a new fork will be created at that point,
and become the new testing version.

'sid' will always be the unstable branch of
debian. you don't want to use 'unstable'.
it will almost always have the newest
software versions, but they will probably
break your system. if you see something you
like, download it singly, don't install
sarge to get it.

in short...
get sarge/testing to try out debian.
if there's problems, or you want older
more tested software, get woody/stable.
if all you want is problems,
for your own mind to solve,
get sid/unstable.