Slashdot Mirror
Debian Leaders: We Need to Release More Often
daria42 writes "The lack of a new stable release of Debian GNU/Linux since July 2002 is fuelling the campaigns of many candidates for the project's Debian Project Leader role, with many pushing for a shorter and more stable release cycle to stop Linux users heading for greener and more updated pastures."
July 2002 .. you've gotta be kidding me.. right ? Another Slasheditor typo ?
I thought Debian was an enthusiasts distro..
Here's some fresh Debian:
http://osnews.com/story.php?news_id=10020
I would like to be the first to say "duh". Debian is old. Despite it being stable, it's often a good idea to have the newest programs to keep up with the newest technologies.
However, I do find that using a netinstall version of the "testing" release tends to keep up to date with most packages.
-------
Support Indy Music. Buy
I can see the need for keeping ahead of security bugs, but to change for change's sake is just silly.
I have no problem playing with aptitude from their latest unstable Sarge (it's great BTW), but it makes it very hard for me to recommend Debian on servers to customers when the latest stable release is eons old. Yes, I know there are ways around this... but let's face it, from a customer point of view it's an small image problem Debian has.
READY.
PRINT ""+-0
Debian was the first Linux distribution I ever downloaded, in the summer of 2003. I was on dial-up at the time (and didn't even have my own line, so I couldn't download 24/7), and I remember being worried that there'd be a new release by the time I was done downloading the first ISO. I mean, open-source software moves fast, right?
Should've relaxed.
Between releasing too often, and not often enough. That being said, I run Debian at home, and at work. I can run unstable at home, and get mostly current software. Even testing is stable enough for most of the work related stuff.
legions of pimply faced linux nerds around the world simultaneously "released" the manual way in support of the mostly irrelevant and ignored Debian community
I suppose an apt-get answer to yum,portage et-al seems appropriate in exchange for the debian written security patches that would only be included in the stable branch. They should focus on i686 binaries instead. Since such a small minority of debian users are still using 386's
debain testing allow you to update your system as packages become abalable with out having to wait for a full release
There is always BSD...
Bruce
Bruce Perens.
As a new Linux user, what I heard from all my friends was, "don't use Debian, use Mepis or Knoppix or Ubuntu." It seems to be the opinion of many that Debian is nice, but it's not worth using a plain version of Debian, because these other distros have built it into something better. At least, that's the impression. So it seems that Debian is losing "mindshare" among new Linux users to a degree.
Last stable release in 2002 - how can they possibly compete with Microsoft whose last desktop operating system release was in 2001 :)
to get this FP
we are talking about pooping, right?
when the new Debian installer comes out, will that kill Libranet? I sure as hell hope not. Libranet is one of the unknown gems of Linux distros. If you can ween yourself of the need for the latest and greatest buggy software releases, Libranet *just works*.
Also, this posting should have been labeled from-the-no-shit dept.
This guy is way out there
It would be really nice if Stable were updated at least yearly. I'm willing to play with Unstable or Testing if it's for my own use only, but if it's for someone else then I may as well either use a heavily-package-based distro like RedHat or SuSE, or Slackware if I'm going to have to build a bunch by hand anyway.
I guess that it'd been awhile since I last installed Debian from scratch, I didn't know that it has been two years.
Do not look into laser with remaining eye.
Debian Leaders: We Need to Release More Often
This just in: the Catholic Church says the Earth is round.
In other news, George Broussard admits Duke Nukem Forever "is a little late".
Question- why did it take, oh, 3 years for them to finally come to terms with the fact that their iguana was turning into a dinosaur? It's like they've all been collectively in denial. I took one look at the list of versions in the stable branch when someone suggested I check out Debian. I laughed, and closed the window. Every time I've come across a Debian box, it was "put in by some weird guy who doesn't work here anymore". Debian users preach to me about stability, when I haven't had a linux box do something unexpected in quite some time. Debian's still stuck in the age of obsession with uptimes.
I understand the need for stability, but that means you put more effort into QA, not that you sit on your ass because what you've got works. I mean hell, some distros still ship 2.4; it's an embarrassment that companies like Redhat port BACK improvements made in 2.6 to their own versions of the 2.4 kernel, instead of finding and fixing problems in 2.6.
Please help metamoderate.
This is one of the reasons I'm not using Debian now. It might be stable, have a brilliant program that handles all the installation stuff automagically, and have a great community, but the big problem with it that turned me away is exactly that mindset. The last time I had the inclination to try out something different, I was looking for a non-commercial distro that had recent versions of Gnome and KDE and decent non-annoying package support. Debian had two out of three, but if I got it, it would have been mostly a downgrade for me.
Another really important advantage of releasing more often is that releases attract attention. A new version of something is often enough to get people to try it out, and it could turn out to be very good for Debian. Plus, that's the general mentality anyway -- "release early and often" -- of open-source, and Debian is perhaps the most adherent of the well-known Linux distros to the whole open-source philosophy.
If Debian starts releasing a new version every couple months, I'll be sure to give it a try, and I would imagine many other people feel the same way.
Bears don't normally eat things that talk and move backwards.
Ultimately, the people who like Debian will continue to use it; likewise Debian's goal should be keeping its customers satisfied rather than trying to sway people away from other distros.
I don't really care that it's not updated because apt is flexible enough to work around that. And if a package is _insanely outdated, usually a newer one is in Testing or Unstable. And as a last resource, it's not like Debian precludes you from compiling it myself.
While more frequent releases would be nice, I like it just the way it is. I feel as if I'm guaranteed that the packages will work together without problems (something I haven't encountered in certain other package management systems). And for the select few programs where the version is unacceptably old (like gaim), I just compile from source code.
If you say "here goes my karma" I will bite you!!!
...for a second, I thought that read "Lesbian Leaders".
And I, for one....
ahhh, never mind.
I think this is good news that some of the potential leadership in Debian has reconized this as a problem.
I've been a Debian fan for some time, but I find I am racking my newly built critical servers on RHEL3&4 just because so many of the Debian packages are 'stale'. In a lot of enviroments, running testing is unacceptable and using stable is to far out of date for the intended use of the machine. We are definatly in limbo as far as Debian installs.
I really hope they pull this together, without Debian the landscape changes dramatically for binary stable systems.
But, the biggest problem I can see is that by releasing early and often it creates a larger legacy code base that needs to be maintained but does not have the resources to do so. You cannot effectly update a server farm of hundreds to thousands of machines to a new version within a short legacy cycle, yet it is a huge burden to maintain the legacy code for any lengh of time.
Is up to date, even considering the head honcho's health problems.
There's no excuse for no Debian stable releases since 2002.
Maybe Bruce should base UserLinux on that.
--
BMO
Not to mention Gentoo.
But I'll wisely keep quiet so not to incur the wrath of Slashdot...
Try Ubuntu. They have a release cycle of 6 month and the next release due to april is Gnome / KDE. You can even get the preview release now.
Slashdot anagrams to "Sad Sloth"
In other news, Microsoft decides that "We Need to Make IE More Secure!".
;)
Good to see the penny dropping twice in one week.
...just looking at it, to be more of a "base platform" from which people build their own customised distros. This in fact might be an actual model for a future LinuxOS,(OSes in general I mean really) if no standard GNU/LinuxOS ever evolves, just make it incredibly easy to select what sort of computing experience you want, mash a few buttons, answer a few questions about hardware, whatever and etc, and your custom distro gets created, you then download it burn it and install it. People don't really "run" an OS, they want to "run" some applications. They want to just go do stuff with their computer, not really futz with it constantly. Well, I mean the 99% of the other people on the planet. You know, "them" guys.
Anyway, if you look at it that way, it's neither way behind the times or bleeding edge, it's just a big ole pile of apps and kernels that you have access to. Maybe they should just skip the different versions, let Apt sort it out when people go to build their own, make it a remasters dream system instead of trying to be a stock classic distro "OS". Do something different than what MS and Apple and Sun are doing. Make the personalised "your computer" be the primary focus, along with the "easy" part.
but at least give us a distro that we can use for almost-but-not-quite mission critical applications, like web servers for small businesses, or cyber cafe machines.
There is one very easy way the Debian team could achieve this: merge security patches into Testing at the same time as Stable and Unstable.
Why would this be a good idea? I can't be bothered re-iterating, so here's a paste from a prior post:
Stable? Sadly, not an option due to its complete lack of support for modern hardware or moderm features. It's a marvelous example of what computing should have been in 1997.
Unstable? Far too likely to break at the next apt-get upgrade.
Experimental? Same as Unstable, but worse.
Testing? Probably the best bet, though still not recommended for production use by Debian.org since it doesn't get timely security updates.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
Mod parent, self, and grandchildren down, -1, Offtopic!
I have used many different distributions (started with one of the very first Slackwares in 2000-2001, stayed with them for a while then moved on to a now defunct German distro, then another defunct one, then Debian, then RH7.x, RH9 and now finally FC3) and the glacial pace of Debian development was what caused me to switch to RH.
Most of the things I needed were in unstable (at the time it was potato I think), and unstable was breaking various odds and ends on a weekly basis and I didn't trust it at all so I ended up jumping ship onto RedHat and have never really looked back.
It kind of sucks, as I did like the idea of using Debian, but when it started getting in the way of me being able to work (aka, things I needed were not available for it) I really had no choice but to stop using it.
Every time I brought the issue up with a debian person I'm always told that 'everybody uses unstable anyways so I should do it as well' which is kind of weird, as when most of your user base is using your 'break at will' branch vs your 'stable' one it should be obvious there is a problem.
Good luck to the debian folks anyways, although I have the feeling it's a bit late to be closing the barn door...
-- the cake is a lie
You people have to realize that having a server run forever without a hickup is the key to Stable...Not the latest and greatest. If you want the latest releases, use the Testing or Unstable versions. How many updates does it take Redhat;Suse;Slackware;etc. to be entirely stable?
Why does debian-stable even have to exist? Let Ubuntu and the other distributions based on debian do your stablising.
How we know is more important than what we know.
Debian developers basically have two options: either reign in the development cycle or rename "Debian Stable" to "Debian Obsolete". I've been a long-time Debian user, but now I too am looking for greener pastures. The question is where to? Gentoo? Fedora? Is there something that compares to apt-get?
___
If you think big enough, you'll never have to do it.
Hey why not the developers would do with the only incubator they are going to use, get a 9 month release cycle for their favourite (and only child;)
Emacs is good operating system, but it has one flaw: Its text editor could be better.
I can see the need for keeping ahead of security bugs...
Speaking of which... *tap* *tap* is this thing turned on? Is anyone from the Debian security team listening? I've got a security issue here... I've e-mailed vendor-sec (3 weeks ago)... I've e-mailed debian-security-private directly (1.5 weeks ago)... are you guys planning on responding some time this month?
(Yes, I'm entirely serious. Slashdot isn't my preferred channel for communicating with other security teams, but the usual mechanisms seems to have failed, and I figure that there must be at least a few Debian people reading this story.)
Tarsnap: Online backups for the truly paranoid
" .. to stop Linux users heading for greener and more updated pastures.
And what are those? We migrated recently from RedHat to Debian. Before that we were looking hard for what distro to replace RH with and Debian was the best choice by far. We are running Debian "testing", I admit that. So far, Debian has been excellent, it exceeded all of our expectations. Apt-get/aptitude, it made our life so much easier.
Somewhat shorter cycle would not hurt though. IMO, one release in 2 years is optimal with 6 months of mandatory migration phase support for prior release.
UBUNTU
Debian was the one distro that I never really thought of having official releases. It has versions that are fluid with their packages:
Stable
Testing
Unstable
Each have their own rewards and risks, but the key to me, was that with the netinstall disks, they never went out of date. You never had a CD set full of six month old packages, you had your favorite debian versions latest, usually day old release, a download away.
The new installer is excellent, and with the lack of X based GUI, will still work with a minimal download.
Debian is great, but hey the packages come out too slow!!!
I changed to Gentoo because a lot of the new software took far too long to be released as a debian package. Sure, I could have just downloaded the software, make install, etc blah. But I wanted to manage my packages!
For this very reason I switched to Gentoo.
The only thing annoying about Gentoo is compiling time - which is still quicker than waiting for Debian packages to come out.
People aren't leaving Debian for greener pastures. They're leaving Debian for Debian derivatives. If the last three months on Distrowatch are any indication of how much each distrbution is being used, then Debian is the most important distro out there. Ubuntu is #1, Mepis is #3, and Debian itself is #6. The Debian project has obviously doing something right if some of the most popular distros choose to base themselves on it.
On the other hand, the fact that derivatives are necessary is a sign of Debian's shortcomings. I haven't used Mepis in over a year, but the last time I used it, it was basically Debian installable off of a live CD with easy to use configuration tools. That says that Debian proper is hard to install and lacks user friendly configuration tools. The former problem has been fixed, but I'm not sure the latter has been. Ubuntu is Debian with a shorter release cycle and paid developers to add polish. This shows that users obviously take issue with Debian's long release cycles, and once again, the administration tools. Anyone who is running the development version of Ubuntu right now knows how easy it is to keep things up to date. The newer software also takes advantage of advances on the Linux desktop, such as Project Utopia. I can plug in USB devices, and they just work. It's nice, and Debian proper misses out on things like that because of the age of its packages.
So who uses Debian stable? From the things I hear, it's people who want a long release cycle. Woody users have been getting security updates for however long it's been since the release. People like that. Ubuntu is supported for 18 months after a release, which is likely to be too short for some people. I don't see how Debian loses out from desktop (and some server) users using the derivatives. Ubuntu is the main derivative, and all its work goes back into Debian proper. When etch is getting ready for release, the job is going to be much easier to do, since Ubuntu has already done much of the work ahead. Sarge has been in some sort of a freeze for most of the time Ubuntu has been around, so they haven't been able to reap the benefits of Ubuntu's presence. People getting paid to work on Debian is a good thing, not something to be angry about, which is the sense I get from some posts on Planet Debian.
So if Debian shortens its release cycle, where does that put it in the Linux ecosystem? I doubt they will be able to support security updates for multiple stable releases, which is what they would have to do with a short release cycle to maintain the current length of support. As much as Slashdotters like to poke fun at Debian, it plays a very important role. Does it really need to change?
Debian developers, thanks for making such a great distribution. There are lots of Ubuntu, Mepis, and Debian proper users that appreciate it.
Uh, nothing has changed in the nearly the past 3 years?
In that time, most of the civilized Linux world has switched to X.org X server, dumped whatever browser they were using and gone to Firefox, switched to the 2.6 kernel, etc. etc. The list goes on.
It's quite simply insulting that the default install comes with virtually every component being out of date. It's a shame because apt-get is so nice. (Yes, I know you can apt-get on other distro's but still)
go fork off. it's open source y'know. seriously though, i'm not too up with debian, but don't they have an unstable tree that keeps things pretty much up to date? and aren't there plenty of packages one can apt-get? and hell, if people want, there's fedora or mandrake for more "current" distros. and nothing stops someone from compiling a new kernel if they should choose. debian tends to be the more linux guru distro anyways, unlike many more user friendly ones. big deal. choice is great. distros like lindows, lycoris, and especailly knoppix use deb as their base. so, big deal if they want to be more methodical.
My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
snort doesnt pick up port scanning or anything for that matter
gaim cant use any other protocol other then jabber or some shit!
i wouldnt use it for a server my self its too old and insecure..
long live sarge!!!
The point was that he sounds incompetent and acts like a drunkard, you fool. Just like you sound like a dick, doesn't mean you are one. Got it?
We have over 100 Linux servers, but we chose CentOS as our default OS. We could have chosen Debian instead. In fact, the control panel we use for our customers (DirectAdmin) runs on Debian. But here's the #1 reason I didn't choose Debian:
[hypothetical scenario]
Customer: "What operating system version do you use?"
Us: "Debian unstable."
Customer: "...unstable??"
The close-behind #2 reason is the installer, but I understand that's getting fixed. IMHO, Debian should strive to release a new stable version every 6 months, with 12 months being the maximum time between new stable releases. As it is, I cannot justify using Debian for business purposes when their offering that coincides with what we need is labeled "unstable".
Simpli - Your source for San Jose dedicated servers and colocation!
As I said here, it might act like Debian, but Debian it's not.
.deb package on Ubuntu without possibly causing binary version problems? Similarly, can I build a package on Ubuntu, give it to a Debian user, and be sure that it'll work properly on their system?
A notable problem with using "spinoff" distributions is package compatibility. Can I install any
This is a problem with rpm-based distributions; I don't know if apt handles it in a smarter way than rpm, but I've been burned by it and I'm hesitant to try and see. While on the surface everything may seem to function properly, you never know when doing something seemingly innocent like installing or upgrading a package can open up a huge can of worms. I know; I tried installing some packages from my Mandrake 8.2 CDs on a Red Hat system. The first couple worked without any problems, but I tried installing another package that happened to mess with some other file that was already on the system, and it broke several other seemingly unrelated programs.
Bears don't normally eat things that talk and move backwards.
whats the only thing that takes longer than a full Gentoo compile....
once more into the breach
Debian _UNSTABLE_ is shipping Xfree 86 4.3. There have been, quite literally, _thousands_ of bugs fixed since then.
Stable does not always equal good.
Someone mod the parent up?
XML is like violence. If it doesn't solve the problem, use more.
Debian and Ubuntu are currently similar enough that i have yet to hear of this happening, though i'm sure it's possible. note that the ubu dev model is something like this: snapshots of debian unstable every 6 months, with fixes applied and fed back into "vanilla" debian. as such i think that we're going to continue to see them being very similar.
-Leigh
fedora: the blowfish sushi of distros, exciting, dangerous and for daredevils. It may kill your machine
redhat: the cafe food in the basement of the megacorp, great food but at airport restaurant prices.
novell/suse: the suits come in the front and pay to sit down and get served the same great food most of which is given away at the soup line in the back.
white hat: sneaks the food away from redhat and does the soup line thing. Some seasoning missing.
mandrake: tastes like redhat with somewhat better seasoning and operated kind of like the suse restaurant
gentoo: gourmet ingredients for you to build your own 9 course dinner, hopefully you don't starve in the meantime
debian: stale, week-past-expiration date bread that won't hurt you, and some rather tasteless but nurishing year-old jerky to put on it.
Why not post it to somewhere anonymous like SANS, etc?
They can contact the teams in other methods I'm sure, and if not, they can publish it and force a fix.
wdd
it's important to look at debian as a concept as a whole. when you say "debian stable", you're talking a particular snapshot of all these programs 3 or 4 years ago that have been analyzed and proven stable. if you are looking for what linux provided as a whole 3 years ago, you are probably in the right place. why is it so bad to have a clearly defined role for this "stable" distrobution? it's called "stable" because that is exactly what it is. rock solid stable. if you want fancy jazz, no one stops you from using testing or unstable. despite the scary connotations, testing has proven to be stable as well.
this sig limit is too small to put anything good h
I thought I started using Slackware in 1991-1992, but looking back at my old emails it was around October 1994, my bad.
-- the cake is a lie
This should help reduce the long time between releases. Every 6-12 months convert testing into frozen. Frozen should be considered a release, and supported as such, with security updates for ~18-24 months. Periodically, when few bugs exist in frozen convert frozen into stable. Maintain security updates for the last two stable releases. The idea is that for mission critical servers, stable would be used, but frozen would be sufficiently stable for workstations and less reliable servers. Just pushing out security updates for testing isn't enough because the continual upgrade process is too much for lightly administered machine. This also insures that testing is never frozen for long periods of time, which is good for desktops that want to be running the latest software. I like the concept of supporting fewer architectures, but this needs to be done properly. They should only allow bugs in the rare architectures block packages in stable. Most of these architectures are only used for servers or other rarely updated machines. Plus, since stable is not the release, these architectures won't block releases.
This is a "once more" new iteration of the same old idea of Debian updating their stable branch not often enough. And as always, I have to respectfully but totally disagree.
... well, since about the Potato release.
For one, people should really understand and see, that not all Linux distributions are just there to suit the newbie (l)users' desktop needs. This is just the attitude people gather while being full-blown Windows users and then fiddling around with some Linux, thinking it's cool and if he can't find his way around, then at least that';s another reason to bash.
Debian's stable branch is just _the_ perfect distro for servers. You can argue with this statement, but I will _not_ listen to home users' hysterical crap about the newest kde/gnome being necessary. There are places where that simply doesn't matter.
Where I spend my working hours very few people use Linux distros on their desktops, really very few, but almost all our servers are Linux based. The two of them where I hve root access are Debians. One is a current stable Woody, being web&mail&db&cvs&related server which I installed last year because the previous machine had a major blowup. The other is a Debian Potato (!) which is the previous [i.e. before Woody] stable branch, which is our dns server, up and working for
No desktop environments, no x, just good stable and reliable code which I trust and - most importantly - _very_ _easy_ to maintain.
At home I use Debian SID for about 4 years now. Updated about weekly, _very_ stable and usable. It has all the desktop fun I need. Most important: it hasn't been reinstalled since the first install just always copied over to the changed machine (about once in a year, I always hand-build my machines ever since I became acquainted with the screw driver), updated the necessary stuff and keep it always apt-get dist-pgrade-ed.
For me, and for many others out there, Debian - and now the quite many Debian-based distros, hey, there are even Debian SID-based distros now (!) - represent _the_ _GNU/Linux_ _distro_. For the others, there are plenty of others you can use and that is exactly why Lnux distro forking is a Good Thing, try not to forget that.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
*insert obligatory masturbation joke here*
I'm curious to know how any organization can move forward when its leader can be replaced every year. A one year term gives you just enough time to get a good night's sleep between campaigns.
If you don't want crime to pay, let the government run it.
Claiming that UserLinux needs Debian to release a new stable release so that UL can use it sounds a bit like a big cop out.
There is no UserLinux, there is only Debian.
Check out Arch Linux. It's a bit young, but up-to-date, fast, elegant and great package management.
BenCurry.net
jfm3 writes "The lack of diplomacy, ecological consciousness, and ability to think critically since September 2001 is fuelling the campaigns of many candidates for the country's American President role, with many pushing for a politer and more intelligent foreign policy to stop Americans heading for greener and more peaceful pastures."
Perhaps this does not appear on topic, a crime against slashdot of the highest caliber. Of course, both statements are equally absurd because of their obviousness (at least to me).
Here's my thing. I like debian's stability. In a way, it guarantees a certain degree of consistency amongst debian-based platforms. There's an interoperability on my computer right now that I really like. It's a creation of a sort of de-facto standard. It's pretty calming, to be honest.
Meanwhile, you've got Fedora and Mandrake and Suse constantly pushing towards more advanced releases, but with all those changes, that means there's a lot of programs that are going to need to be updated more frequently. Right now you've got Ubuntu, Knoppix and Mepis based off a reliable distribution. It's a solid foundation. Change the foundation, and all of a sudden you'll throw those three distributions off-kilter.
Wouldn't it be easier for the applications and distributions to achieve their own respective nirvanas of perfection if the goal posts aren't moving?
[/devil's advocacy]
Alright, to be honest, I don't necessarily agree with all of the above, but I REALLY don't agree with change for the sake of change. What seems to be happening here is that a lot of people are saying that debian is stagnating. Yeah. Okay. The formula for mixing hydrogen and oxygen hasn't been changing all that much, and yet it's still pretty useful as is. Want to start messing with that? (Yes, I know there's a big difference between water and debian. I just want to see some of the proponents for change start mapping out the gray area)
So debian's getting stale. So what? It injected new life into my laptop, and I'll tell you what, that ISN'T stale to me.
Well, how about adding in a "server" branch? Those in the know can use this - it will be what used to be called the "Stable" branch. However, for 90%+ of home Linux users, they would like the latest releases, so how about setting the default to "Testing"? It would make sure that most default installs have quite up-to-date packages with minimal bugs, while expanding the testing base greatly.
I have never had a problem with the Testing branch - it's been stable enough for me and been running for well over a year with supervised updates and I love it.
As a desktop user, what I wouldn't like is seeing KDE 2.2 come up after installing Debian after I have just seen all the news on the net about the 3.4 release. KDE 3.3 would be fine and I'd be willing to wait some time for 3.4 to get to me, but 2.2 would be un-acceptable. I would have been much happier if the install simply defaulted to the testing branch and installed even KDE 3.2.
Find a job you like and you will never work a day in your life.
Personally I think they would be best served by doing a little of each.
Build tools are up to date on debian. Build your own bleeding edge sofware and place in /usr/local. Easy. And I don't want to hear about "But I don't waaannna build my own! There should be a package!" Tough.
A notable problem with using "spinoff" distributions is package compatibility. Can I install any .deb package on Ubuntu without possibly causing binary version problems?
AFAIK, packages within Debian itself aren't even compatible with each other. If you're running unstable and you want to give a package to someone running testing, you're out of luck. Why is it a surprise that Ubuntu packages wouldn't be completely compatible? From my experience with Ubuntu, it seems like most Debian unstable packages are forward compatible to Ubuntu, but I doubt the reverse is true. This makes sense. Ubuntu has more up to date packages than even unstable at some points, since Ubuntu applies it's own patches, and the Debian maintainers may not apply them immediately. If they add the Ubuntu repository at a low priority and try installing your package, it'll probably work, but some of their libraries will be updated to Ubuntu versions. That's a bad thing, because it might break future updates within unstable for them. Maintaining package compatibility and achieving Ubuntu's goals at the same time would be impossible to do.
By the way, Ubuntu isn't a "spinoff" distribution. It stays with Debian unstable, then freezes the set of packages and stabilizes them. For the next release, they start over.
Where can I download this Debain you speak of? Is it any relation of Debian's?
FreeBSD maintains the same kind of stability WITH a more current release schedule. 5-stable (unlike 5-release) will give you a very stable system. 5-release will give you a pretty rock solid system, though unbreakability is not guaranteed. Use 6-current and you better expect breakage, though it's not guaranteed. The last -stable FreeBSD milestone? Nov. 6 2004.
Before there's a shitload of replies about 5 sucking - yes it did suck when it was strictly a new technology release. Now bugs have been patched and more things have come out from under the giant lock. Speed has increased, as has stability, and it has earned the -stable tag. The point of this post is just to say stable != extremely out of date. stability is just well-tested, well-written code.
I was a long time Debian user but I jumped ship about 9 months ago for Fedora.
You could release a new stable every 3 months starting next week, it's too late, I've had it with Debian's crap.
File a grave or serious bug against the package in question.
nt
Maybe all they need to do is call "unstable" something other than "unstable". Call Woody something like "stable server" and call the most stable "unstable" release "stable desktop". Better yet, let some company make a spinoff using those terminologies, and keep the Debian people working on Debian instead of terminology.
"If it's real, then it gets more interesting the closer you examine it. If it's not real, just the opposite is true." -
Debian stable is too old. It doesn't work on latest x86 and PPC hardware. Testing is fine for desktop, but for people who need stable and secure system for servers it's not an option. Since there is no security support for testing and there still are some bugs.
So we really need stable releases more often. Doing it by dropping some architectures makes sense to me, if you can't buy the hardware anyway. Also developers can still work on their favourite architecture and release if they keep up to the speed those 4 most popular architectures are releasing. It just means that i386 won't be waiting if there are some bugs on m68k.
And yes, I run debian testing
I told ya it was the tool of the debbel!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
FreeBSD releases constantly and it's very very stable and secure...and they are even responsible for their own kernel development! All debian has to do is take other people's software and package it! FreeBSD developers have to develop the kernel, test it, package and then port software from Linux or other *nix to BSD as need and make packages etc.
So really Debian has NO EXCUSE for the lame release schedule.
I used to use redhat exclusively. Until the 3rd time I had been rootkitted.
Then I switched to debian after finally listening to some advice.
Have never been rootkitted since (was about 2-3 years ago). Will never ever go back to redhat.
Umm debian is well in need of some dusting off. I LOVE their pkg management system. However might I sugest they use a modle like freebsd? Mabie they need to admit the modle used by Gentoo has merit.
... you need oxygen to live.
Customer1: "What operating system version do you use?"
Us: "Linux 2.6."
Customer1: "Cool."
Customer2: "What operating system version do you use?"
Us: "Linux 2.6"
Customer2: "No, I mean, what distribution?"
Us: "Debian Linux."
Customer2: "Cool."
Customer3: "... What version of Debian?"
Us: "Debian Sid."
Customer3: "Cool."
Customer4: "... You mean, Debian UNSTABLE, right?"
Us: "Yep."
Customer4: "Cool, I run that on my home machine! Bugger about that Sarge release schedule, eh?"
All I can say is Duh.
pay attention, mods
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
My only complaint is that the testing version of Debian is updated a bit too often. I dislike having to get 10-20MB of packages every week to keep up just in case there are some security updates included (Debian security notifications are only done for the stable release).
I would prefer something in between stable and testing, updated reasonably often with new packages (and features) and also have security releases in between as required.
I agree 100% with sp0rk173. Well said! Outdated and archaic doesn't mean is stable. As he already said, FreeBSD is released in a more often basis and is rock-stable :)
Up to and including r4. Most people who want to use Debian as a desktop use Testing anyway.
I think the actual names of each release are part of the problem. Someone else notes that its pretty hard to sell to management " want to run your business on Debian Unstable". How about: stable = server testing = testing unstable = desktop
"Flags are bits of colored cloth that governments use first to shrink-wrap people's brains..."
...Ubun-tu
Wow, you really have absolutely no clue what you're talking about. Go read the website.
They can keep the DOS config install screens for those know what they want for each computer (ie sysadmins) but for normal users there should be a Knoppix CD with an install to HD option. Like Kanotix.
The users would be able to boot and say: wow this looks and works great, I want to have this on my harddisk next to the documents that are still on there and just click 'make it so' Then they would be number one of easy to use linux again. Others have shown them the way now put it all together.
debian's package management system includes the ability to pin. that is, to attach various repositories/package trees of varying distributions with varying priorities. all my systems start stable and quickly recieve a good number of testing grade packages. because of dependancies, this means my system is usually ~50/50 stable/testing. i then usually add some non-system-metal stuff from unstable like KDE, gnome, & staroffice.
i also have a long list of external package repositories from apt-get.org. some of my systems also track ubuntu packages as well. i run ubuntu's Xorg package set on my laptop (better acceleration, maybe one day working Xorg Suspend-To-Ram on my ancient ATI mobility ). it works perfectly transparently, including xcompmgr & all.
the nice thing about debian is it lets you mix and match very easily while resolving all dependencies very nicely & very cleanly. also, you can set up your own repository very easily to take a sample collection of packages from kingdom-come and mirror it so it looks like a somewhat cohesive single repository. with apt-build coming along nicely, you can even cleanly and efficiently maintain your own patched versions of packages as they evolve, making it easier to recompile all your programs for Heimdal kerberos instead of MIT, for classic example.
who gives a rat about stable? just pin what you need. debian distro is really about empowering the user to whatever ends with the most direct simplicity. distros like ubuntu are there for those who just want a single clean complete desktop distro.
Myren
I even can't remember the last stable OS from Microsoft.
Was there ever one?
Well, first of all, I'd call Windows XP SP2 their latest release.
Well then, if you are going to count minor versions of the same release, then the latest update to Debian 3.0 was released on January 1st, 2005! Call it "Service Pack 4" if you like, we call it Debian GNU/Linux 3.0r4.
Running a 2002 release of Windows XP doesn't prevent you from installing the lastest version of Mozilla, Firefox or . The version of Mozilla in Debian stable is currently 1.0.0, and Firefox isn't even there!
Get real! Do you install Mozilla, Firefox, etc from WindowsUpdate.com? I think not! Nothing stops you installing the above mentioned software on either Debian "stable" or Windows XP. As with Windows, Debian "stable" users can download it from mozilla.org or other 3rd party sites.
Debian has always made a problem for itself by using 'stable' as a version description. It's fine if you know that 'stable' means 'not likely to change much', but to most users the word implies that all other versions are 'unstable' which make them think that it's likely to crash a lot. I think a more relevant description would be 'static'.
All servers I install are Debian and initially I used stable but now I use testing and have not had a single problem.
For servers, Debian's great. For desktop, it's still great except that you use Knoppix or Ubuntu instead which take care of providing the latest and greatest package versions. Underneath they're still good old rock-solid Debian!
As a hard up typical Slashdot reader, I too feel I need more releases.
"There is no time, sir, at which ties do not matter," Jeeves, (Jeeves and the Impending Doom)
{giggle}
UTF-8: There and Back Again
Watson: No shit, Sherlock.
Use ISO 8601 dates [YYYY-MM-DD]
Can I install any .deb package on Ubuntu without possibly causing binary version problems? Similarly, can I build a package on Ubuntu, give it to a Debian user, and be sure that it'll work properly on their system?
Actually...Yes. Yes you can
In fact the system I'm writing this on is Ubuntu Warty and I have the Debian Sarge repositories loaded in my sources list. I've got quite a few Debian packages loaded on my system with no breakage whatsoever. I've heard people refer to this type of setup as "Debuntian".
I wouldn't do anything stupid like apt-get upgrade (I comment out the Debian stuff for that) but for installing specific packages you're pretty safe.
"And then I visited Wikipedia
Mozilla 1.0 is the bomb.
Having just migrated from Ubuntu to sid I was very supprised at how well this went.
Ubuntu has upped the version of each package from the debian version by "ubuntu" this means that the next package compiled from a more recent version will replace it. It seems to follow debian policy as well.
This is a far cry from Knoppix, which I personally wish would remove the install to hard disk option. Knoppix is so far from debian in versioning that upgrading to debian is a horrific pain (there was a base package that had it's version promoted from 0.2.x to 2.x so when 0.2.78 comes out it doesn't get installed. I can't remember the package, but it was a core, or almost core package.
That said, I wouldn't develop from Ubuntu, but from sid, as Ubuntu is a fork that may or may not get it's changes into sid, and has stated that it will sync back with sid. Also sid isn't as nasty as one might think, because there is the experimental branch, that depends on sid, that gets most major changes and first (KDE4, GCC4, Gnome3, etc.)
My uninformed opinion on the matter.
Work bio at MMWD
I can see the need for keeping ahead of security bugs, but to change for change's sake is just silly.
Mmm, drivers maybe?.
The best way to run Debian is not to run Debian. It is to pick one of the better derivative distros like Ubuntu, Mephis, Libranet, etc and go. Debian even in it's current imperfect form has generated some amazing distros - some of which make the case for Linux on the desktop and some of which make fantastic servers. Debian itself is difficult to install compared to some of it's derivatives and a little more difficult to manage.
Debian is fueling an incredible ammount of invention and innovation, and I for one am happy to have benefited from the project.
-- $G
Debian is a victim of its own success.
.deb package, it goes into Unstable. The rules are, if you run packages from Unstable, and they break, you don't bitch: you fix them, or you keep your trap shut, but you don't bitch. Once a package has been in Unstable for awhile, it can go to Testing. When the project leaders are satisfied that the current state of the Testing distribution satisfies all the criteria and is fit to call Stable, then a new Stable distribution is born.
:) It's not the packages themselves that are unstable; rather, the versions are unstable, simply because the maintainers keep putting in new versions as soon as the .debs are put together. I wouldn't run it on a server; but on my laptop, which is behind a firewall, it works very well, and I'm also using it on my work desktop {an AMD64}. All that being said, I am tempted to try Kubuntu -- it's just like Ubuntu but with a KDE desktop {sorry, but despite my best efforts, I really can't get to grips with GNOME}.
It's an absolutely massive project. There are about ten thousand packages, all including metadata for full automatic dependency checking and resolution. Each of these packages is available for each of a dozen architectures, and there is consistency across all platforms. Debian is Debian; whether it's running on an Intel, a PPC, a Sparc, an ARM or whatever. The user need not know what lies beneath the skin of the machine; the procedure for doing something should be absolutely the same whatever is inside.
For a project of that sheer size to work, it's pretty much got to be ruled over with an iron fist -- if not literally, then those involved have to act as though it were so.
Woody is out-of-date for desktops; I don't think there is any question of that. KDE 2.2? Hello? And it's not exactly up to the minute for servers, either: it's still pushing Apache 1.3, for crying out loud!
The real problem stems from the fact that before a package can be accepted into the Stable release, it has to be shown to be bug-free on each of twelve architectures. So if it segfaults on a steam-powered toaster, it can't be deemed fit to run on an 80386.
But that's just the ideal for the Stable distribution. There are two other Debian distributions, Testing and Unstable. Whenever someone creates a brand-new
Testing is actually the Debian distribution you probably really want to be running if you have an 80386-type machine. Yes, security updates get ported into Stable in good time; but Testing probably has newer versions of packages anyway which are likely to have the security patch in by default. It's safe to run on servers iff you read the news and you know how to apply a patch and compile a package from source. {And if you don't, then what the hell are you doing running a server?} But Unstable is actually quite reasonable. I've found it to be no worse than Fedora or Mandrake: any problems I've had with packages not installing or not co-operating turned out to be due to mis-specified dependencies, requiring cunning use of manual override and package searches. So no worse than any RPM distro there
It's also worth remembering that every Debian-derivative -- Ubuntu, Linspire and so forth -- started out as a copy of the Unstable tree.
Je fume. Tu fumes. Nous fûmes!
Remember back in the mid-80ies - there was a OS from Ms that was called Xenix - based on a obscure OS from Bell Labs called UNIX - Xenix was selected as the main multi-user OS for IBMs latest AT based ranged of computers at that time.
Well it was some time ago.
Just saying it like it are.
I mean, the difference between "stable" "testing" and "unstable" isn't just in haow updated the software is. "Testing" and "unstable" don't get official and prompt security updates as "stable does, and also testing can be pretty "unstable" if you happen to try an update on (or a fresh install of a snapshot from) the wrong day... I know, I **** up my system this way! ;-)
It's a rock-stable and up-to-date *true Unix*!
one says to the other "Man, I hate having to wait so long for my distro to update!". The other then asks the man "What distro is that?". "Gentoo" he replies. The other advocate chuckles "At least your distro wasn't last released 3 years ago".
Since we're in the business of reporting the obvious....
FreeBSD maintains the same kind of stability WITH a more current release schedule.
FreeBSD doesn't have packages for most of things and for a few platforms. Compare that with releasing 12000 packages (14 CDs, IIRC?) for 10-12 architectures. Is not that FreeBSD sucks, they work great, but is not fair to compare two things that are not really the same. And BTW, the 4.X -> 5.3 step has not been exactly "fun".
(and don't come saying "this is the proof that ports > packages. Time has showed everybody that packages are valuable, I don't want to start recompiling libc or X.org because of a critical security bug when I have a spike load, ok?)
Alright, I'm just kidding here based on distroWatch.com definition ;-)c e upon a time Debian was the most respected and popular Linux distro. I still love it but its popularity has dwindled under the onslaught of new distributions. Who would have thought...
c tion=popularit y
" (i.e haven't released a new version in over 2 years and their web sites don't give indication of work in progress)."
http://distrowatch.com/stats.php
On
By the way, the popularity stats are very informative:
http://distrowatch.com/stats.php?se
Fedora is going down - despite Red Hat's reanimation procedures, Debian too, while Ubuntu and CentOS are going up...
By default Portage does not update dependencies unless necessary (as specified by the dependent ebuild), emerge is run with -D/--deep, or (IIRC) the old version has been removed from the Portage tree and is no longer supported. Packages can be forced with -O/--nodeps and pinned with /etc/portage/package.mask; as I'm sure you discovered, changes made to /usr/portage/ are obliterated during the next sync. With the exception of /etc/portage/package.mask, which was added early last year, it's been this way since early days. I'm trying to figure out a time when this stuff wasn't documented, wouldn't have been answered in five minutes on the forums or mailing lists, and yet was recent enough that you could expect your experience to be relevant, but I can't come up with anything.
This issue affects other operating systems, not just Debian. It will be disclosed according to the schedule agreed upon with the other vendors; I'm not going to disclose it early just to spite Debian.
It would be nice, however, if the Debian security team were aware of this issue before the disclosure date rather than after.
Tarsnap: Online backups for the truly paranoid
I think geeks release quite often...
Especially when watching Debian Does Dallas...
The current debian release process worked at one time. PResently however a release is much larger as it encompases about every concievable piece of software you might wish to install. That's a tall order. I think perhaps the Gentoo system, which I now use exclusivly, might have the best idea. Distribute a base system. Allow the user to include/exclude and upgrade whatever they want as they move along. Their call. I have emerged items (download and compile) and then reverted them just as quickly if I found an issue. I think that is the only way given the huge amount of software available and the possible library interactions. I think Debian biting off a lot. I respect them greatly for trying however.
of apple releasing a two button mouse!
http://hughgordon.com/
I have plenty of sarge and sid debs installed on ubuntu hoary - and I even use mariliat when I apt-get upgrade and to grab certain non free pacakges I want. No problems whatsoever.
Wu-Tang Name: Half-Cut Skeleton Get your own Wu-Na
I for one, would be happy with sarge releasing with a 2.4.x kernel only, apache 1.3.x and KDE 3.1.x if it happened today. Maybe they try to release too up-to-date software?
I'd be interested in trying this. Did you just change your respositories in Ubuntu to reflect Debian sid? Was it really that easy or did you have other problems?
Honestly, who uses stable as a desktop system? I use it on a server and it is PERFECT for that role. It has virtually no package updates because it is rock solid already and it's easy to get security updates.
I have used debian unstable on my desktop but i switched to gentoo because unstable was just that - too unstable.
IMO debian unstable is updated regularly enough, its just sometimes some of the packages are flaky. They need to work on a way of putting the packages going into unstable under a little more scrutiny.
Debian, Rules Servers. Ubuntu, Rules Desktop.
No i'm not talking about the spoilers and alloy wheels.
Seriously Gentoo has x86(stable) & ~x86(testing) and there equivalents for each platform, and different packages are considered stable or not on a per platform basis.
SUrely something like this for debian, with prehaps core architectures being released together (eg x86, ppc & Alpha).
Also how about Stable, Release and Testing/unstable as better names.
Testing & unstable all sound like they are broken, when infact testing usually isn't.
OHH! But Debian stable is "STABLE." It's rock solid. Why would you need anything else? I mean, come on, you want stable, right?
I used to be into Debian, until I realized that stable also meant featureless.. and that they would continually be behind on the Stable release. I'm sorry, but I can't use old versions of software , even on the server side, when newer versions are more optimized for what I'm doing.
When considering optimizing software, the first thing you should do is get metrics, use a profiler, find out exactly what's slow, and what needs to be fast.
It seems to me that before *optimising* the Debian release strategy, either by removing architectures and/or shortening the release cycle, one should consider the metrics:
* How many servers/workstations use stable, testing and unstable (and for what reasons).
* How many users of each architecture are there? (and for each of stable/testing/unstable)
With this information, the Debian crew can make informed decisions on where their focus should be, what needs to be fixed, and who for. We might find, for example, that Debian stable (as it stands) is used quite heavily, and to keep good support for it (call it "really-stable" or something). We might also find that the majority of Sid users are on x86/PPC/AMD64 and to scrap support for other architectures in Sid.
Who can say until we have the metrics.
The solution is to base your releases off of a SUB-SET of Debian. As Ubuntu does with Gnome. As UserLinux was supposed to be based upon Gnome.
Rather than delaying while some package you won't even be including waits for its maintainer to fix it, you should be shipping your release.
Remember, one of the key aspects of UserLinux was that it would NOT ship with two dozen text editors, one dozen image viewers, etc.
Look at the packages, not whether Sarge is released or not.
I had a small problem, but if I remember correctly it was something like evolution and evolution-server were in a funky state in sid, I think I solved the problem by uninstalling evolution and then installing gnome which reinstalled evolution.
I might not have had to do that if I had used apt-get dist-upgrade instead of apt-get upgrade.
But I'm not sure, I do remember that the whole proces was about two hours, including download time (dsl at 1.5k download in the United States).
Work bio at MMWD
What "support" means will vary with different vendors.
The local shop might "support" Red Hat because one of their techs uses it and likes it and has a book on it.
Oracle might "support" Red Hat because they have a formal contract with Red Hat and technicians on both sides who work to duplicate and resolve issues.
The local shop would be able to recommend NIC's and sound cards and such and be able to configure them and help you get your CD-burner working. But they wouldn't be writing code to provide you with new features in that app.
Oracle would be able to find the error in the code that caused your database to hog memory under certain circumstances and get the patch to Red Hat to be included in the next patch. But they wouldn't be helping you rip CD's.
All UserLinux was supposed to do was to pick the "best" (by Bruce's criteria) app in each category and focus development/support on those in order to provide a Free platform for users and businesses to port their software to in a business-friendly fashion.
The problem is that Bruce lost focus and is, instead, waiting on Debian to move Sarge to "stable". Debian supports almost every hardware platform out there and hundreds of apps. The problems slowing down Debian should NOT be affecting UserLinux.
Although unless you could post a subject, or the mail account you mailed from it'd be hard to tell.
There are literally hundreds of messages going to the security@debian.org alias - and vendor sec also gets a lot of spam. This is one reason why sometimes I've lost things.
Of course that's likely not to be what's happened to yours, maybe it just got queued up behind all the other things that we're working on.
Does that help?
Feel free to ping me with another copy if you like.. Actually forget I said that, I've just found your mail and I've personally not responded because of the lack of details - we already publish our private keys on our webpage so asking for them again is extra work when we've got lots to do.
Vendor-sec / Debian can do lots of things your particular case you might think of a more appropriate person to pass it onto - obviously I don't wanna give details here.. Grr.
Have you noticed how people have started saying Apple has great hardware? I was going to put Debian on my iBook this weekend, but this thread has coldcocked that idea. A shame too because the PPC iso's downloaded, checksummed and burned perfectly. But I need a real desktop, I need OpenOffice.org and I need a Linux bootable from (and installable to) my Firewire drives (not my IDE internal drive). Maybe my path to Nirvana is to stop applying OS X updates and wait for the corporate open source money oozers (COSMO) to fund a rational distro. The last time I looked (admittedly it's bit awhile), even YDL was recognizing my trackpad, but wishing it would go away.
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
From someone who's been running debian on his box for about 2 years now, and every day hating it more and more....
If you don't have your apt-get set to automatically update you to everything in 'unstable' and 'experimental', your system is automatically unusably out of date.
At least for a personal box.
Debian stable should be used for servers.
Debian shouldn't be used for anything else.
"Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
We don't need the newest KDE or Gnome, but newer versions of PHP, Perl, Postgresql, and Samba would be nice. A new 2.4 kernel would be nice too.
It would be less work for us to move to a new stable Debian every 12 months then to deploy servers that are a hodge podge of Debian Woody and backports, or Debian/testing.
> I can see the need for keeping ahead of security bugs, but to change for change's sake is just silly.
Of course it is. But when it comes time that you have to upgrade a particular major system, and you find that dozens of packages from the rest of your system have to be dragged kicking and screaming with it, it's nice to know that the transition won't be so abrupt and brutal that it breaks god knows what because the packages from today don't integrate with what's left from 3, going on 4 years ago. Source distributions have less problems with this, but they're not immune either. Debian does an incredible job at keeping the migration path smooth, but the longer they wait, the worse it's going to be.
I am no longer wasting my time with slashdot
It's been three weeks since your contact with vendor-sec and nothing's happened. You fulfilled your ethical obligation to the vendors, now it's time to fulfill it to the users: it's full-disclosure time.
I read down, and the debian guy says there was a lack of details, but they didn't even fire off a $MOREDETAIL boilerplate response. Maybe the community will be good enough to fill in the details then...
I am responsible for a medium sized network (12 companies, 50% of them in remote locations, about 300 workstations), and we use debian woody for everything network related. I am actually very happy with the release cycle because it lets me keep the TCO down. How? The time i have to prepare the next generation production environment is much longer, therefore i can prepare it without having to hire more people. The same people that manage the production environment are building the next generation using sarge so they are getting hands-on training simultaneously. Anyway, if there is a latest-greatest software that we *need* and can't wait till the next production environment cycle we can always build it from source.
The point is, i believe the release cycle is excelent for my servers. On my desktop i use either sarge (work desktop) or ubuntu (work laptop and home desktop).
P.S. forgive my english, it is not my 1st language.
Go with Server and Client releases. Server would be updated less frequently, trying to go in sync with major server software releases (Apache, PostgreSQL, etc.). Client version could be released more often... and it should probably be sub-forked further into Gnome/D and KDE/D projects releasing themselves in sync with Gnome and KDE releases.
On what basis do you base your statement?
For an absolute newbie migrating from Windows, Mepis is a very good choice. Knoppix is also a good choice but Mepis is a bit better for the newbie category.
The problem with Mepis is as soon as you change a source in your sources list, as soon as you decide not to use the Mepis "user utilities" or other Mepis specific scripts or administrative tools, then the first question is, why did you do that, and statement to follow is, its not Mepis anymore, you are on your own. After that, try getting help in debian-user channel on irc if they find out that you are running Mepis and not debian proper.
Why deviate from the Mepis specific admin utilities? Why should one have to answer that question? I'll do it anyway. Mepis loads kde's version of APT-Synaptic. Some months ago, I ran into a bug that was traced to kde's apt-synaptic (can't remember what they call it right now. I tried googling for the error but came up empty handed. Someone helped me out and we traced the problem to specific lines in the kde app which must have been fixed by now because it was reporting specific line numbers in the error. Suffice it to say that no package updates would work because of the error. Installing synaptic and related apt applications fixed the problem. Some other changes were necessary in the sources list to keep my system working. One of the warnings in Mepis is if you change the sources list without using the Mepis specific utilities, the changes will be overwritten with the defaults the next time you start the Mepis utilities. So as soon as you start to deviate, you basically are on your own. As has been made clear in the message boards and in irc. Mepis irc channels are a little more subtle, you basically get question after question as to why you deviated from Mepis proper, and how can you expect to get help after doing that. Not to knock this answer, because it is coming from other users who love Mepis and are very helpful to newbies, but aren't experts beyond Mepis so can't help beyond Mepis. The help received is absolutely appreciated, and I'll continue to recommend Mepis to Linux newbies migrating from Windows, but because of the problems encountered when you change something to more closely track Debian on which Mepis is based, I can't recommend it for business users or for those that know they will make some changes to more closely follow debian at some later date and don't want to lose all support that Linux normally provides.
If you get the 3rd degree while asking for help or can't get help from the Mepis channels, and have to hide the fact that you are running Mepis while trying to get help in debian-user, what good is the distro, except to a newbie who wouldn't make any changes to a distro based on a different distro where tens of thousands of packages are available? Are Red Hat users denied help if they use Red Carpet instead? Are Suse users denied help if they use apt or synaptic instead of yast for updates? Or some other app for something administrative instead of yast?
Mepis may rock for newbies. For everyone else, it's a big Linux world out there.
Or try MEPIS, my current favorite distribution.
It's basically Debian Unstable, plus a kernel pre-configured so everything just works (e.g. Centrino wireless), plus better hardware detection, plus Mozilla with all the usual plugins.
All on a bootable KNOPPIX-like CD, so you can see if it'll work with your hardware before going ahead with the install.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
None. Nada. Zilch. I was hardcore Redhat since pre RH3 (before that I was a Slackware zealot). Once they released the new installer for Debian I decided to give it a run. HOLY CRAP, what an amazing OS. Rock solid. All the packages "just work" with one another 99% of the time. Pretty amazing OS, if you haven't tried Sarge with the new installer you are really missing out.
As far as the desktop, after trying FC4t1 and noticing practically zero actual technological advancement I decided to try out Ubuntu. Nice desktop OS. Once 5 is out with xorg as the default xserver I'm switching my workstations at work over to it from Fedora.
Testing is actually the Debian distribution you probably really want to be running if you have an 80386-type machine.
For servers, I would disagree. Instead, you want to use pinning to run a mostly stable system, with the specific server packages of interest pulled in from testing. For example, say you want to set up a webserver running Apache 2.x instead of Apache 1.3. Then you simply pull in the apache2 package from testing. All dependencies will be met from testing as well, so a small portion of your system will end up being from testing. But most of your system will be rock solid from stable. You can still run apt-get dist-upgrade periodically without too much concern. For more info, just search google on "apt pinning".
> I've e-mailed debian-security-private directly
From the FAQ - the proper place to send it is to security@debian.org
You are agreeing with me in a way. I DID say make it easy for this *everyone* guy to have a distro. Look at distrowatch, every-freekin-day there's some new "distros" being "developed" based on Debian, because people want their "own" version of computing reality, but then they all need "community support" and "paypal" contributions. It's the same dang wheel is being reinvented constantly, and there's no absolute need for that if it was taken to the next logical step. So I am saying just admit that this is apparently what a lot of people want, and rethink how it's done, just make it wicked mucho easier simpler to "roll your own" for anyone who wants that. Joe Blow wants mostly every game in existence and runs the newest heavy video stuff, swell, mash a few choice buttons, he downloads or gets shipped 8exactly that*. suzy schmoo wants a ton of biz apps and it has to be uber secure and have all sorts of encryption and whatnot, poof, she got it. ma and Pa six pack want an educational deal for the kids and some light gaming and casual web surfing, poof, they enter the fields, make their choices and it gets spit out, exactly what they want, no more, no less. That's something no one else is doing, not any of the big guys making money at it that I mentioned. It could be the way to make this Linux OS thing really take off on the consumer desktop. And if debian don't want to do it, there's maybe some other folks who could see the potential here. I bet quite a few (million) people would be willing to pop ten or 20 bucks for an OS they KNEW 100% in advance would be exactly what they wanted, would work flawlessly right out of the box, and would be guaranteed to work on the hardware they got, without having a ton of kruft in the install they got absolutely no need or desire for. Just a biz and developer model of doing this I haven't seen really discussed yet, like I said "something different".
My parent post got moderated insightful, funny and flamebait - it probably deserved the second two more than the first :)
Debian Users: No Shit!
Packages within Debian are compatable, but not always drop-in replacements.
Some packages are split into smaller packages with the next version. You could have package X 2.6, which includes a lot of stuff, and then in version 3.0, X gets split into X-doc 3.0, libX 3.0, and X 3.0. Obviously, you can't use X 3.0 from testing and put it into stable, because it relies on libX 3.0, which is not in stable. You'd need to copy over libX 3.0 and X 3.0.
If package Y 4.5 depends on package Z 4.5, again you'd need the same thing. You'd have to copy all the dependent packages down. And hope they work. Or look for a backport.
I recently installed Debian Stable on a server with an Intel e1000 NIC in it. The kernel in the stable install didn't include support for my kernel. So I had to grab about 10 packages from testing, including a later kernel and all of it's dependent packages, before I could get networking support.
Don't ping my cheese with your bandwidth!