Conclusion: Debian for the daring, Lindows & Libranet for learners.
Oh, and keep an eye open for PGI-enabled woody-CDs. PGI is the Progeny Graphical Installer and just rocks. It hit version 1.0 this week, so prepare for an announcement that ISOs are available.
Thanks Progeny (and Branden of XFree86-Maintainership fame in particular) for this piece of software. It's just a shame that PGI and the new debian-installer are too different to have much synergy effects.
I'd love to run this on the computers at the uni. They are WinNT-boxes with some 'delete all changes after reboot'-magic. Now I'm used to run putty.exe to access my linux notebook at home, as it doesn't need to be installed or the registry even.
Can I just install XFree im my home-dir and run it from there(that would rock) or does the admin has to install it?(that would not happen anytime soon)
Uhm, the Debian Free Software Guidelines are Debian's definition of Free Software. And incidently, they were the blueprint for the Open Source Definition. Not really surprising if you consider that Bruce Perens was heavily involved in both of them.
Now let's look at Debian: install must be manually performed for each workstation/server and an extra setup tax is imposed to get it working with a journalled filesystem (to beat a dead horse). Therefore Debian doesn't support journalled filesystems. Linux supports them and Debian tags along for the ride.
Debian has autoinstall from Progeny and fai (fully automatic installation). Just because we don't sell these from the webpage doesn't mean they don't exist. OTOH, if you really needed this, you would have easily found them, now wouldn't you?
Oh, and debconf can run from a database as a backend. There is a LDAP thing in work, which lets you even store machine details.
He did a _lot_ of work for Debian QA. He did maintain more packages than most (or perhaps any) other developers and was one of the No.1 Bug fixers. This guy here is just a troll.
Then please note that woody is not secure at all. While security fixed for potato are prepared by the Debian Security Team and fixes for unstable are done by their maintainers, these fixes always need some time to propagate to woody. If RC bugs or conflicts are found, it might take a long time before a security fix enters woody.
Policy has nothing to do with RPM/DEB. Is has everything to do with the *effort* maintainers put in creating and managing packages. I've come accross several upstream programs where upstream already included a debian/ directory to build DEBs. Sometimes their good, sometimes their bad, but they almost always need some sort of tweaking.
If KDE released some LSB-compliant packages, Debian would still repackage them to comply with Debian policy. I don't get your problem with this. Having only one repository for _all_ distributions would be rather difficult WRT bug fixing and releasing, no? So I guess every distribution will continue to provide its set of packages and I don't know why you think its bad for Debian to provide their packages in.deb format. Please note that Debian and therefore DEB is older than Redhat or SuSE, AFAIK.
In theory, RC bugs don't even appear in testing, they get sifted out by the time the package sits in unstable. If RC bugs are found against packages in testing, this could mean that this package will be dropped. Be sure that all favourite packages will be in woody. Every maintainer should look after his own RC bugs anyway. If one of the packages you use has RC bugs, you could still try to solve them yourself and send a patch to the BTS. Somebody might pick it up and do a NMU if the maintainer is not responsive.
So how well does alien work, and would you use it to install some, or even most software on your system?
Most of the important Open Source Software is already in Debian. If you miss anything, file a RFP(Request for Packaging) bug against wnpp.
The big commercial Packages _are_ mostly self-contained AFAICT. I don't use alien that often, but you manage to install stuff properly most of the time I guess.
Theoretically, the KDE people (for example) should only have to release one set of packages per OS
I could argue that different Linux Distributions are different OSes, but the real point here is: It's the work of the Distribution to package stuff, not upstream's! If official KDE RPM packages don't work on SuSE, tough luck, I guess they have enough resources to tune and build them theirselves.
I've noticed that most of the comments both in the article and others complaining about the 2.4.x kernels and various stability problems are running [...] and even Debian Distros.
Please note that the released version of Debian (2.2r5) ships with a 2.2 kernel exclusively. A 2.4 Kernel for Debian-2.2r5 is maintained by A. Bunk along with the required packages to run it.
Only the next release of Debian will feature a linux-2.4, still along with 2.2 (And 2.2 will be used by the installation routine).
Conspicuously missing from the list of updates is glibc
There is no Debian Security Announcement for glibc out yet, i.e., not all architectures (Debian supports several...) have been rebuilt. This question was asked before and Joey said it'll have to wait for 2.2r6, sorry.
(Of course, you can update your potato box as soon as the advisory is out and packages are uploaded with apt-get upgrade, if you have security in your sources.list)
Debian is a great distro, don't get me wrong, but they need to stop screwing around with Potato and get Woody released.
chill. Most Debian Developers are working for woody, alright? It's just that some of us do release security updates, if you don't mind. And then _one_ person (joey) does point-releases by getting all the security stuff and critical bugfixes together. No big deal. No Debian Developer is working on stable packages apart from security updates, OK?
Here is an example. I am not a KDE advocate or anything but I noticed that all versions of KDE is still listed as "testing" or "unstable"
That might be because QT was not released under the GPL before the release of potato, hmm?. And no, we won't let something as big as KDE into stable. The biggest thing that went in was Mozilla-M18 (the original version in potato was Mozilla-M12 or something, go figure)
October GNOME was not all that stable, and KDE 2.2.2 is one of the most stable desktops out there.
Of course, but october GNOME was all that was there by the time of the release. AFAIK, there are unofficial KDE-packages for potato available on the web, but if you want to run KDE, then you're better off with woody or sid anyway. I hope your concerns are adressed by now. We know that we release too infrequently, we got the stuff in place to do this more often by now, so hope for the future, sorry. This point release is necessary for everybody who needs to install _rock-solid_ software without security issues, not for the latest whistles. Besides, this is probably not worth mentioning on./ anyway.
I also find it disturbing that the author gave us no room for comment in his article, nor did i see anything to suggest he had even asked us about these so called "problems". We would have been happy to answer any questions he had.
Well, it's clear from the C't review that the author did try to point him to the problems:
When a group of developers- more than ever one active in the spirit of GPL-want to successfully distribute a good product, they are usually interested in feedback, in order to improve their product. My concrete indications of security problems within SmoothWall found sheer disinterest with Richard Morrell, developer and project initiator. "That doesn't matter" was about the politest of all comments comment. Trust in the developer's competence and integrity is a basic pre-requisite for the usage of security relevant software. Morell has thoroughly destroyed mine.
Apparently, they did not know he was from a magazine. But then, this shows a rather sad attitude towards normal users, no?
Rumours go it is still kIllustrator, which is no called "Krayon"
While it is true that it's about Krayon, Killustrator is now called Kontour. Krayon is abandoned upstream, most possibly because of the superiority of Killustrator/Kontour.
Incidently, as the article says, Krayon is not even included in SuSE 7.3, apart from a KDE-Menu entry. Krayon is unmaintained upstream and so not longer part of Koffice.
The article finishes with the question whether Distributors will have to scan their packages for possible namespace clashes and in doing so, might abandon a loarge portion of free software that's not cleared.
In a land where you can get sued for using the colour Magenta anything can happen, I guess.
My approach to making a package format is running 'ldd' on every executable and then recording the dependencies, within the package
Ever wondered how Debian packages got their dependencies?
Every library package has a shlibs file, which states the names and the SO-names od the libraries it contains. When building a package, every binary _is_ actually checked with ldd, and the output compared to the shlibs files to see which package provides the library. This information is then substituted into the $shlib:depends variable in debian/control and you get the Depends: line plus additional dependencies added by the maintainer.
There are also ReiserFS boot disks available now that will let you get up and running with a great journalling filesystem from scratch, with the selection of one simple option.
The interview mentiones that there are even EXT3-disks available now.
Slashdot Mirror
Check out any recent post from Branden Robinson on debian-devel, most of them cover this, this one for example.
Michael
Oh, and keep an eye open for PGI-enabled woody-CDs. PGI is the Progeny Graphical Installer and just rocks. It hit version 1.0 this week, so prepare for an announcement that ISOs are available.
Thanks Progeny (and Branden of XFree86-Maintainership fame in particular) for this piece of software. It's just a shame that PGI and the new debian-installer are too different to have much synergy effects.
Michael
Uhm, because they install the new APIs along with it? Ever wondered why > 1000 registry keys are updated when installing Office?
Michael
Wrong. Only stable (and oldstable == potato) is supported by the debian security team at the moment.
If you care for security don't run testing.
Michael
Can I just install XFree im my home-dir and run it from there(that would rock) or does the admin has to install it?(that would not happen anytime soon)
Michael
You know that you have to adhere to the GNU Coding Standard (GCS) if you want to become an official GNU-project, do you? ;)
Michael
Wow, because SuSE invented Samba or is its current upstream or what? Sorry, I don't get this.
Michael
Michael
That's because Christian Marillat used to be the GNOME maintainer for years ;)
I'm not sure he's still around as a developer, though. Haven't heard/seen much of him this year.
Michael
Debian has autoinstall from Progeny and fai (fully automatic installation). Just because we don't sell these from the webpage doesn't mean they don't exist. OTOH, if you really needed this, you would have easily found them, now wouldn't you?
Oh, and debconf can run from a database as a backend. There is a LDAP thing in work, which lets you even store machine details.
Michael
He did a _lot_ of work for Debian QA. He did maintain more packages than most (or perhaps any) other developers and was one of the No.1 Bug fixers. This guy here is just a troll.
regards,
Michael
Michael
If KDE released some LSB-compliant packages, Debian would still repackage them to comply with Debian policy. I don't get your problem with this. Having only one repository for _all_ distributions would be rather difficult WRT bug fixing and releasing, no? So I guess every distribution will continue to provide its set of packages and I don't know why you think its bad for Debian to provide their packages in .deb format. Please note that Debian and therefore DEB is older than Redhat or SuSE, AFAIK.
Michael
Michael
Most of the important Open Source Software is already in Debian. If you miss anything, file a RFP(Request for Packaging) bug against wnpp.
The big commercial Packages _are_ mostly self-contained AFAICT. I don't use alien that often, but you manage to install stuff properly most of the time I guess.
Theoretically, the KDE people (for example) should only have to release one set of packages per OS
I could argue that different Linux Distributions are different OSes, but the real point here is: It's the work of the Distribution to package stuff, not upstream's! If official KDE RPM packages don't work on SuSE, tough luck, I guess they have enough resources to tune and build them theirselves.
Michael
Please note that the released version of Debian (2.2r5) ships with a 2.2 kernel exclusively. A 2.4 Kernel for Debian-2.2r5 is maintained by A. Bunk along with the required packages to run it.
Only the next release of Debian will feature a linux-2.4, still along with 2.2 (And 2.2 will be used by the installation routine).
Michael
There is no Debian Security Announcement for glibc out yet, i.e., not all architectures (Debian supports several...) have been rebuilt. This question was asked before and Joey said it'll have to wait for 2.2r6, sorry.
(Of course, you can update your potato box as soon as the advisory is out and packages are uploaded with apt-get upgrade, if you have security in your sources.list)
Michael
chill. Most Debian Developers are working for woody, alright? It's just that some of us do release security updates, if you don't mind. And then _one_ person (joey) does point-releases by getting all the security stuff and critical bugfixes together. No big deal. No Debian Developer is working on stable packages apart from security updates, OK?
Here is an example. I am not a KDE advocate or anything but I noticed that all versions of KDE is still listed as "testing" or "unstable"
That might be because QT was not released under the GPL before the release of potato, hmm?. And no, we won't let something as big as KDE into stable. The biggest thing that went in was Mozilla-M18 (the original version in potato was Mozilla-M12 or something, go figure)
October GNOME was not all that stable, and KDE 2.2.2 is one of the most stable desktops out there.
Of course, but october GNOME was all that was there by the time of the release. AFAIK, there are unofficial KDE-packages for potato available on the web, but if you want to run KDE, then you're better off with woody or sid anyway. I hope your concerns are adressed by now. We know that we release too infrequently, we got the stuff in place to do this more often by now, so hope for the future, sorry. This point release is necessary for everybody who needs to install _rock-solid_ software without security issues, not for the latest whistles. Besides, this is probably not worth mentioning on ./ anyway.
Michael
Thanks,
Michael
I also find it disturbing that the author gave us no room for comment in his article, nor did i see anything to suggest he had even asked us about these so called "problems". We would have been happy to answer any questions he had.
Well, it's clear from the C't review that the author did try to point him to the problems:
When a group of developers- more than ever one active in the spirit of GPL-want to successfully distribute a good product, they are usually interested in feedback, in order to improve their product. My concrete indications of security problems within SmoothWall found sheer disinterest with Richard Morrell, developer and project initiator. "That doesn't matter" was about the politest of all comments comment. Trust in the developer's competence and integrity is a basic pre-requisite for the usage of security relevant software. Morell has thoroughly destroyed mine.
Apparently, they did not know he was from a magazine. But then, this shows a rather sad attitude towards normal users, no?
Michael
While it is true that it's about Krayon, Killustrator is now called Kontour. Krayon is abandoned upstream, most possibly because of the superiority of Killustrator/Kontour.
Michael
Incidently, as the article says, Krayon is not even included in SuSE 7.3, apart from a KDE-Menu entry. Krayon is unmaintained upstream and so not longer part of Koffice.
The article finishes with the question whether Distributors will have to scan their packages for possible namespace clashes and in doing so, might abandon a loarge portion of free software that's not cleared.
In a land where you can get sued for using the colour Magenta anything can happen, I guess.
Michael
Ever wondered how Debian packages got their dependencies?
Every library package has a shlibs file, which states the names and the SO-names od the libraries it contains. When building a package, every binary _is_ actually checked with ldd, and the output compared to the shlibs files to see which package provides the library. This information is then substituted into the $shlib:depends variable in debian/control and you get the Depends: line plus additional dependencies added by the maintainer.
Michael
Good thing we dumped it in favor of aptitude then, huh? :)
And please make the CD bootable
They _are_ bootable generally.
Michael
The interview mentiones that there are even EXT3-disks available now.
Michael