Slashdot Mirror
Branden Robinson Lays Down the Law at Debian
darthcamaro writes "Newly elected Debian Project Leader Branden Robinson posted his first report as DPL. From the looks of it, Debian is flat broke, with only $40,000 or so in cash on hand. In an interview on internetnews.com, though, Robinson talks about whether Debian should even hold onto any money at all. Holding onto cash is also likely not what those who donate to the Debian Project expect either, according to Robinson. "People who donate us money ... seem to expect us to put the money to work for us in the near-term, not towards establishing an endowment,' he said."
It's not. Debian has very little need for money. Hardware? Donated. Bandwidth? Donated. Staff? Volunteer, or in a few cases salaried by companies with an interest in Debian. Conferences? Sponsored by those same companies. I'm sure there are things the Project could do with a huge budget, but all in all there are a lot more needy nonprofits out there.
"How can you claim that you are anti-crack, while still writing a window manager?" — Metacity README
"I may not have morals, but I have standards."
What? You're referring to "DPL" for Debian Project Leader? Dude, we've all called the DPL the DPL as long as there has been one.
"How can you claim that you are anti-crack, while still writing a window manager?" — Metacity README
The two relevent pages I can find at debian.org are this one listing companies that have donated hardware, bandwidth, etc., and this page saying that they recommend giving to Software in the Public Interest and the Free Software Foundation
The submitter seems to be a little breathless.
/. article body), I am currently surveying the developers to establish the details of what other organizations are holding monies for the Project. My report triggered a flurry of replies within hours. There are assets in Brazil, the U.K., Germany, Italy, and France, at least. Generally speaking, because it's a good idea and because regulations typically make it difficult for large amounts of currency to leave a country, Debian keeps its money close to where it's needed. Debian is a global organization; we have hardware, developers, and conferences all over the world.
/. article body. But why don't I just go ahead and quote from the IRC interview, which I still have in scrollback:
:)
Here are a few facts:
1) Software in the Public Interest, Inc. (SPI), has held roughly the same amount of money (USD 40,000) in trust for Debian since as far back as the middle of the year 2001 (when I became SPI Treasurer and began receiving the monthly and quarterly statements from the financial institutions where that money is kept). It is therefore difficult to conclude any more of a cash crisis for Debian now than there was four years ago.
2) SPI is not the only organization that holds assets in trust for Debian. As noted in my first DPL report (linked from the
3) People should read the internetnews.com article, also linked from the
12:43 INTERVIEWER: In your Debian Project Leader report for 2005-04-24, you provide status on the state of Debian's assets. On the surface it doesn't look like debian has "much" in the way of cash assets now - is that a problem for Debian? If so, how will you try and "fix" the problem?
12:44 ME: can you clarify the question? "much" relative to what?
12:45 INTERVIEWER: by "much" i'm refering to the fact that commercial distros (Red Hat etc) have xx millions in the bank - so in comparison it doesn't look (to a layperson) like Debian has "much" in terms of cash assets
12:45 INTERVIEWER: does that help?
12:45 ME: ah, compared to a commercial interest.
12:45 ME: yes, it does help.
12:47 ME: Because Debian is a non-commercial, not-for-profit entity which derives most of its value from the donated labor of hundreds of individuals, I think it stands to reason that our books wouldn't look like those of a publicly-traded, incorporated body which has labor and capital expenditures.
12:48 ME: I think there are several reasons Debian doesn't have much in the way of cash assets relative to a for-profit Free Software company, though.
12:49 ME: 1) Debian has no source revenue apart from fund-raising, which to date has been regularly undertaken at trade shows, to those who happen to pass by our booth.
12:49 ME: s/source/& of/
12:50 ME: 2) Debian tends to spend its cash assets, at least in the United States, approximately as fast as they come in.
12:51 ME: 3) There have been conflicting ideas among Debian developers in the past over whether Debian *should* attempt to accumulate a war chest of cash reserves.
12:51 ME: An argument in favor of that is that we should do so in the event we, or one of our developers, is sued for doing something we consider legitimate, like offering freely-modifiable software gratis to the world.
12:51 ME: s/is sued/are sued/
[the interviewer moved on, but we came back to this subject at the end of the interview]
13:03 ME: okay. Reasons *not* to build up a war chest...
13:04 ME: Two arguments against building up a "war chest" are 1) actually having a large quanitity of liquid assets is felt to make us a more inviting target for lawsuits, because there is the possibility of damages on top of injunctions;
13:05 ME: 2) People who donate us money, by and large, seem to expect us to put the money to work for us in the near term, not towards establishing an endowment.
13:05 ME: In my years on the SPI Board and as
Address-collecting spam robots don't know how to crack ROT13. Do you?
$210K profit. They made $4.1mil.
Used to be, when the people I knew who knew what they were talking about talked about linux, they probably were talking about Debian GNU/Linux.
Things are changing. More and more smart folks I know are frustrated. Most Open source projects are using a "release early and release often" mentality that is a stark contrast to Debian's recent "don't release at all" policy.
Yes, there is always unstable for those that want the latest(ish) versions of things. That's really not the point, as I see it. People are frustrated with the lack of movement, the apparent lack of progress towards getting any new features into stable, even if they arentt the very latest. I think at some point, many people just like to feel like their system is getting new software even if they don't use any new features at all.
Maybe the negative stuff I read on /. and here tossed around between friends is not accurate. Things might not really be as stagnate as they seem from a common user's prespective. But that Debian has gone from a Good Thing to a bit of a joke amongst the sys admins I respect makes me concerned about it's future.
There are some distro's out there that are attempting to fill the void that debian has created, and some are starting to do a good job of it. A world where a debian based distro replaces a bulk of the debian based users is not hard to imagine right now. What happens to debian then? And what happens to a debian based distro when debian doesn't have users?
It could work out great for almost everyone except the actual debian project. i think everyone in a position of influence there needs to compare the costs of addressing the current perception one way or another to the cost of bascially becoming irrelevant.
I hope I am still enjoying doing my work with debian systems many years from now, but I am starting to wonder if I won't be working on some (probably debian based) alternative instead.
well thats my rant, please forgive any spelling mistakes or generally stupid things I might have said. I'm not one of the smart ones.
-Lod
There you go, your done, the waitings over..
Don't you fell better now ? .. Seriously, what's the deal with this Sarge release hysteria ? It's out there, I use it, it works, it seems pretty stable to me (in my case more than Ubuntu warty was)
waiting for ad.doubleclick.net
See following pages for donation info for Debian:
http://www.debian.org/donations
This tells us basically to go to:
http://www.spi-inc.org/donations
Here you find link to donate money. Please note you should designate your money to "Debian" to ensure it is used only for Debian. Otherwise, money will be spread over all the projects supported by SPI, I think.
Osamu
Only if you know where you can earn a steady 20% interest (let alone after taxes and adjusting for inflation.)
There's a small problem with that...
Since the "stable" was released, a lot of apps included in it have been released in newer "stable" versions with numerous bugfixes - so instead of getting pre-alpha quality package from "Stable" (which was included because it was the only thing that was there at that time) I force upgrade to "1.0 stable" version from the "unstable" tree, because it's a year old and proven to be stable, as opposed to 5 years old, pre-alpha. Recently installed Dosemu from the stable tree, for some important work that could be done only with certain ancient DOS application. It kept crashing. Unstable Dosemu worked like a charm - bug fixed.
Because of this ages-long release cycle, there's NO REASON TO USE STABLE at all. Because it still has bugs that have been fixed years ago in other releases, making it LESS stable than most newer "unstable" distros.
Anagram("United States of America") == "Dine out, taste a Mac, fries"
Debian stable is not bad.
In my opinion I prefer Debian for systems that I have to support myself, and Redhat for systems that need third party support for whatever reasons.
The nice thing about Debian is that you generally know that everything 'just works' by default. There is a lot of setup, but it's pretty rare that you have to monkey around with stuff like applying patches and recompiling software or writing your own init scripts.
And if you do run into problems then it's not long before you get a update. And even if a update breaks something then you usually have quite a few versions of the same package to choose from so you can just keep the last known 'good' one.
The down side is that you have to know what your doing. There is no slick GUI stuff to help you out or nice default settings for this type or that type of server. But it's worth it when you get it working.
This is a setup that I've been playing around with to learn how to do stuff. A sort of 'tour-de-force' of free software to push myself a bit.
Debian 'Sid' experimental server:
Kernel 2.6.8, default Debian kernel.
3 disks, 2 on a SATA to PCI adapter, 1 on the onboard PATA controller. They are setup in a RAID 5 array (Linux software RAID) for a total of 223.57 gigabytes of disk storage space.
On that I have a single LVM VG on that RAID 5 array with several LV's.
With that I created my own 'local' top-level-domain with bind.. which I use to build a network domain consisting of a Kerberos realm working in conjunction with OpenLDAP (TLS encrypted via OpenSSL and commincating to Kerberos via Cyrus SASL using the GSSAPI framework) for network authentication and user/resources management.(Libnss_ldap provides for universal UID, GUID mapping and other type things.)
With that I can use secure authentication with kerberos and acheive the Single Sign On solution so that my users can access all the network services by logging in and obtaining tickets.. OpenAFS distributed network filing system for home folders provided via autofs, password-less OpenSSH for secure file transfer thru scp and sftp and secure remote access via ssh, Email (haven't decided that yet), and I am going to see about using CUPS for remote printers and SANED for remote scanners.
Also with the OpenAFS-based home directories this will create the 'roaming profile' effect so that end users will have identical enviroments and GUI setup irregardless of what paticular machine they happen to be using at the moment.
Well, just keep in mind that it's experimental for __me__. So I don't mind using SID.
Otherwise the OpenAFS, Kerberos, OpenLDAP, et al are VERY mature and stable solutions and fairly cross-platform. So it should work fine with my OS X laptop and any other OS that I'd happen to play around with... Solaris maybe, or many different Linux and *BSD variants.
Also in addition to SAMBA I should be able to integrate Windows nicely into it with some work. Although OpenAFS should work with Windows, I just don't know how well.
Keep in mind that this is free software-based domain stuff. VERY flexible.
Other commercial setups are Active Directory (easy compared to setting up this mess, but it's very limited in scope), Novell's eDirectory stuff (NDS). As well as IBM, Sun, and that Netscape stuff that Redhat bought a while back.
I won't attempt to justify having such a graphic on the official X Strike Force page; that was rather over-the-top. However, in that particular case, it was in response to being asked *many times per day* when the next release of X would be packaged for Debian. Furthermore, that graphic has been removed, and Branden has often mentioned that is making a conscious effort to refrain from flaming even in the most trying situations. He also developed a number of "stock answer" files, for ease of dealing with standard issues like duplicate bugs, insufficient information ("X is broken"), and requests for when the next version will be available.
Correct.
"Stable" means that if it works now, it will work later. Once you have it running you can fetch security updates that are carefully backported to ensure compatibility. You can automatically update to the latest packages overnight without having your mailserver or database server crash because "oh shit! the configuration file changed AGAIN" (happened to me, postgres 6.x->7.x added an extra column to the access control file, didnt mention that in the changelog so mine was missing a column, and I spent over an hour trying to figure out why the server was segfaulting without any kind of error message when I tried to connect to it.)
If you're using something like dosemu, its highly unlikely that you need this kind of low-maintenance assurance from your distribution, and you probably could live on testing or unstable.
When I pushed this organization onto Debian (from redhat), STABLE had current, up to date packages on it. Not bleeding edge, but current. If it could somehow magically be "stable" and have current packages on it 3 years ago, don't you think it's logical that it could do the same today?
Do you honestly think STABLE is supposed to have 3 year old packages in it? This is the oldest, most out of date STABLE we've ever had.
It's not old because "that's how you keep it stable"
It's old because of an organizational inability to get testing stable... due to the number of platforms supported, the bulk of software involved, etc.
STABLE in the Debian sense doesn't mean "it won't crash".. it means the package dependencies are stable; that you won't find missing packages. and that's ALL it means.
This is the internet age.. we need up to date software.
I can tell you, running any of our corporate servers on debian now necessitates us using packages form testing and even from unstable, or we build them from source. And if we have to do that, we've lost the benefit we had of using debian in the first place.
I'm seriously contemplating just switching to FreeBSD for this reason, at least it's consistant.
Umm, not flaming you as such, but this needs to be up here, lest everybody think that Debian in general and Branden in particular are a bunch of assholes.
That graphic went up during a time when X was in flux, there had been a major upstream release, and Branden was trying really, really hard to provide a consistent, stable set of packages for X across all the umpteen platforms that Debian officially supports. This is a very, very hard thing to do. And while Branden was trying to do all this, there were the legions of i386 n00bs jumping up and down, moaning complaining, and not contributing, asking "Hey, when are you going to give me my updated X packages??!?!!!one"
Branden at some point got sick of it, and simply told people what they deperately needed to hear: HAANCOSTFU.