Slashdot Mirror
Updates From Debian
A couple of people noted that
"Linuxlookup.com is reporting the third update of Debian GNU/Linux 3.0 (codename `woody') which mainly adds security updates to the stable release, along with a few corrections to serious problems. Those who frequently update from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update." Another reader writes "Looks like the Debian project just released
their old stable distribution (woody) with a huge numbers of security
updates, some removals and some less critical bugfixes. It's been a long
time that we had to wait for it, the last update was in November last year,
together with the break-in." And finally: pkarlos_76 writes "What's holding up Debian Sarge from release to stable? It's those lazy maintainers..... no actually it's just a few issues with security and bugs being quashed, and maybe you can help speed things up, especially if you are a maintainer, as your package will be left out if release candidate bugs are not fixed. Sarge Release Status Update available on Debianhelp . Even if you aren't a maintainer, any help with bug quashing, picking up orphaned packages or what not is always a Good Thing.
on my laptop... just finished downloading it via torrent. I can't be jiggered to wait for Sarge to come out in final form... How long has it been now in rc form??? I mean, they posted the teaser for Sarge two years ago!!! ridiculous...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
I'm not that familiar with Debian so I'm wondering what's Debian's unique selling point? What does it do that others don't?
My impression of Debian rightly or wrongly is a rather conservative distro with a very rigid/ideological view on which licenses the will package.
----
We have 'recently' switched our servers over to debian (coming from redhat), because of the so-called stability etc.
We decided to go with Sarge (testing), as we where expecting a final release with security-fixes soon, and didn't wanted to have woody installed and becoming obsolete within a couple of weeks.
This was almost 7 months ago, and right it's not even in a freeze.
(Yes, I know, Debian releases when it's ready, but hey, atleast get the security team start having a look at the packages.)
No flaming (I love the ease in the distribution), just a bit disappointed.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
It's niche is being so out of date that hackers are no longer familiar with it's versions of packages.
It's news probably because Debian only does updates every 3 years...
"Some things have to be believed to be seen." - Ralph Hodgson
Debian's strategy of rock-solid releases is something that makes the distro unique. It also doesn't make it much fun. If you want modern packages, you often have to hang out with the "unstable" crowd, rather than the "testing" crowd. But this is like being signed up for regular crotch-kicks, since unstable breaks systems on a practically weekly basis. This, plus dependency creep, makes anything but "stable" debian sort of a drag.
Stable Debian, on the other hand, is a nice thing. I've always admired Debian's power structure and community focus, but I've been so much happier with my hobby computer when I switched to a more "I-think-I'm-an-expert-but-really-I'm-an-idiot" distro like gentoo. For binary distros, I think there's a big pack of modern flashy desktop ones that eat Debian's lunch. Debian's idealism might end up side-lining it in the Linux world.
Use the Firehose to mod down Second Life stories!
Try the sarge installer, it's a huge improvement.
Please alter my pants as fashion dictates.
Hahah what is funny is that if there is any news about old retro dying stuff, it is bound to be on the front page, except of course *BSD :-)
:-)
It is a conspiracy you know.
In all seriousness - debian sucks the same way as a swedish student doing illicit massage to help get through college - i.e. it is awesome!
If I didn't use SuSE I would use Debian. If I had another PC *it* would use Debian.
If I had a swedish student trying to earn her way through college....
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
To track unstable (like tracking -current in the *BSDs) _can_ give you some surprises, but rarely _does_. I use sid on my desktop since the time KDE wasn't in the distro (QPL problems). I haven't been bitten for some two years now.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
Debian has so many packages and platforms that it is hard to release.
It is even crazier that a game like "Abuse" is listed as a release stopper. C'mon folks. We need a small core that drives the release schedule.
Maybe this is why ubuntu forked.
I do love the long support cycle of debian. Can't afford to upgrade a server every year, which is the case for Fedora and friends
My machine at home can run redhat, mandrake, suse, and even gentoo, but I can't for the life of me get any debian based distro to work on my PC.
During the base install I will get random package errors. I thought it might be my CD, but i've burned 10 at this point and verified the CRC, so maybe its my sony DVD burner that i'm using to read the disk for the install.
Here's my specs if anyone has a clue
p4 3ghz
intel i865perl motherboard
audigy 2 ZS
Samsung SATA 160 gig drive.
Gainward nvidia FX5900XT
Sony DVD burner
Nothing new or special. Tried doing a netinstall of sarge with the rc2 installer. Tried to ubantu (or however you spell it) and i'm going to try a knoppix chroot install tonight. I've tried other's but no luck on those as well.
Any ideas?
It's also very stable and you can get by with a minimal of packages. The approach is to patch exisiting versions rather than force 'upgrades' to newer versions which may or may not change behavior (see PHP for examples of behavior changes even between point versions).
And it runs on quite a variety of hardware besides lame old x86. I've run classes for semesters off of old junker Macintoshes -- 100% availability, no downtime from course start until the hardware was retired for good the next year.
It's also very fast to install once you get used to it. (Don't use dselect) I've installed Debian for use as a web/cgi/database server on Pentium machines in under 15 minutes. Including some tweaking, however that needs a fast network connection.
It's easy to choose linux 2.2, 2.4, 2.6 or a custom variant Linux kernel. I've also read that you can drop in other kernels besides Linux, like BSD. Though I myself have not tried, but would like to read more about it.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
All debian varieties can use apt-get (and its partner tools) to contact the main debian repositories. The repositories have a *huge* selection of prepackaged applications/libs/etc that you can install with very little fuss simply by choosing "apt-get install NAMEOFPACKAGE." Alternately, there are CLI tools such as "aptitude" which one may use to select software from a categorical list of packages, or GUI tools such as "synaptic" that do the same in a graphical environment.
At regular intervals, you may "apt-get update" to update your machine's list of software known to debian. "apt-get upgrade" can then be used to upgrade to known newer versions, or apply security updates in debian/stable.
For software updates/installations that have configuration options, often you will get a curses-based interface which steps you through basic configuration.
Debian/stable: As most have mentioned, very stable, well tested, and generally out-of-date as far as new features etc etc (but with security fixes etc being backported). Automatic download/configuration of most new security updates via apt-get. Very nice for servers or other systems that you want to be reliable, but don't need a bleeding edge environment. Packages are generally well-tested against each other, so you have a good assurance that apt-get installing package B will not break package A.
Debian/unstable: No security patches for unstable packages. Instead, regularly updating will get you newer versions of software. Sometimes you get conflicts but ususally it is fairly stable. I've been using a debian/unstable desktop for quite sometime now... the worst problems I've had thus far is needed to manually select a different "automake" version for Anjuta to work, and having a package that wasn't from debian being broken by a gtk update (mainly because some quirky coding in said package didn't like the new GTK version).
Debian/testing: I haven't used it, but basically I believe it's supposed to be slightly more bleeding edge than debian/stable. Packages haven't been fully tested against each other, package updates/changes are more common.
Really, you could think of the above as something akin to freshmeat.net's software grading system, where 'stable' is often for "mature" software packages, 'unstable' includes "beta" or less mature, and 'testing' is very new or "alpha."
The only thing that confuses me at current is why my Firefox is only avaiable up to version 0.9.3, even in 'testing'...
In summary though, the concept that debian is for old/crufty software is bogus. This may apply to debian/stable, but unstable will keep you very up-to-date for most users.
This is great to hear. I recently deployed Debian on some production servers out on the internet and they have gone several months without even the slightest quirk or hiccup, under moderately heavy load. I was semi-new to Debian, and I use it on one of my machines at home too; on my desktop I use Gentoo.
:)
:)
People have a variety of opinions on any distribution, but I can't think of anything easier to maintain, and it's well-documented too.
I've heard some rumors about the Debian support community being a little crusty and curmudgeonly, but I wouldn't know because I've so far never needed to ask anyone for support. And I'm not that bright, so that says a lot.
On the other hand, I've met Debian users in other non-Linux forums who all have been nice enough folks.
As I update regularly, it appears from the release announcement that there won't be any added value to downloading and burning it, which is just as well.
The conservatism here has been a positive things for the server-related things I use it for. I've never tried using testing or unstable as a desktop (where I imagine you generally want to be a little less conservative) so I can't speak to that. However, when I get a new system to replace this miserable 1 GHz Celeron, I'll probably turn this machine into a Debian machine, since running Gentoo on it, with the attendant compiling, is increasingly painful given its speed.
(Though I'll run Gentoo on the new system
Side by side, they seem to cover two extremes of the spectrum, and work well in that regard, side by side. I haven't even been very curious about anything else but these two. But that's just mey opinion.
So, Debian is to coma as *BSD is to dying?
home
First of all, I am a happy user of Debian Woody on the desktops and servers. And let me tell you something: it is stable. And it is stable not only in the sense that the system per se has never crashed during 24h/day heavy load for years, but what is even more important for large networks and offices, it is stable in the sense that no API or system behaviour change while the patches are applied. There are no new featuritis after a stable Debian is released, no version of any program changes to a newer one with even slightly different interface or semantics. There are only isolated security patches. Period.
If any software has fixed a vulnerability in a newer version of the program, the Debian team backports that security fix to older versions, and that security fix alone. What does it mean? That in addition to the system itself being rock solid, I can be quite sure that my custom applications will not break after patching. And we all know that this is the real reason that makes administrators not patch their systems on time. No one will patch a system if the patches break everything, there would be no point, why not shut down the network in the first place and be done with it.
But with stable Debian this is a non-issue. And in my opinion, this the reason why real-world Debian installations tend to be generally more secure. As a Debian lover I would love to say otherwise, but Debian is not inherently more secure than Red Hat or Mandrake; Debian admins are not generally smarter than anyone else. Even the APT packaging system is not so important. It is not important who, how or with which tools applies patches. It is even not that important if those very patches are available after ten hours or ten days after disclosing the vulnerability. It is, however, important what happens after applying those patches. Does anything break? Does anything start working different than before? Does it need extensive testing and rewriting of local custom software? If the answer is "yes" then you can be sure that those patches will be rolled back and will not get applied for months.
That is the real issue. That is the real difference. So now going back to the question:
"What's holding up Debian Sarge from release to stable? It's those lazy maintainers..... no actually it's just a few issues..."
I would like to ask a more important question: what does it actually mean that Debian Sarge is released as stable? And as it turns out, it means changing the "stable" symlink from "woody" to "sarge."
That's right. Sarge is already released and you can use it before that symlink is changed if you need software newer than Woody. The only other thing that will change after the "release" is that feature updates will stop and only security updates will get backported. But the security updates are already available in Sarge, maybe even faster. The only difference is that before the "stable" symlink is redirected to Sarge, you are also getting feature updates of the software in addition to security patches. If that is not an issue for you, then nothing is stopping you from "releasing" Sarge today.
I hope this will help to understand why Debian users and developers are often outraged when people ask when the new version of Debian is released.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
I thought the order is, stable, testing, unstable, experimental.
Testing is sarge; unstable is sid.
Servers are supposed to be "boring", "dull", "mundane", "reliable", etc.
I run a few Debian servers and they never give me any problems. Patches go in without any problems. They never do down. They just keep serving.
Gentoo is great on a desktop. But a desktop has completely different requirements than a server. A desktop can get by with an unstable app.
A server should not be running anything it doesn't absolutely have to and everything it runs must be rock solid. Debian gives me all of that on a server.
Maybe.
Knoppix on the desktop is awesome and it is Debian. One Knoppix CD + a USB toy and you've got it all.
Debian on the server may not have all the Oracle support and such that Red Hat does, but it handles just about everything else.
GUIs are vastly superior if you're doing a task which requires you to find one item among many, without proper search parameters. This may be a file you're trying to locate, or a configuration option. This is even more superior if this is a task you do rarely or only once.
CLI is vastly superior if you're doing rutine tasks. They are typically more flexible, have more options and offer more ways to manipulate and automate them. Auto-complete (a must) makes it about as easy to select files as in GUIs.
Of course, the G in GUI is mostly eyecandy. TUI (Text User Interface, think text-based menus), though rare, provide mostly all the functionality of GUIs, unless you're specificly doing something graphic like viewing/manipulating images.
What I really really do miss is more hybrid interfaces. Where you can do things graphically, and yet command the full power of a CLI. I don't see why it has to be an either-or. I don't mean 1:1 maps of CLI->GUI which are basicly eyecandy, but programs where the GUI is useful in itself, and the CLI readily available.
Kjella
Live today, because you never know what tomorrow brings
As a bonus, I didn't even wind up getting a 2.2.x kernel. I guess I was careful.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent