Alien makes RPM packages available under APT. Can i use deb packages under RPM?
Yes, and alien is just the tool you need.:)
Check the man page for more information. By default, alien converts to.deb format (at least the Debian packaged version does - this might be a compile option), but it can also work the other way around and generate.rpm and.tgz files.
I have used Slackware for almost 4 years, and recently I moved to Debian.
Initially, I loved Slackware, because it didn't have any package manager sitting in my way. After a while, I even deleted the Slackware install scripts.
Adding new programs from source works OK, as long as you don't tweak the configuration options too much. Upgrading a package is another thing. Slackware has no support for that. (The recommended way of upgrading is to reinstall everything from scratch.) I resorted to compiling each of those packages (programs and libraries) myself. This takes some effort: you need to verify that the compiled package uses the same locations for all files as the original Slackware package.
All of this takes time. Lots of time. And each upgrade can break some other program. Which requires more time to fix it. (The easiest solution is to recompile the broken application against the new libraries. If that doesn't work, go check for a more recent version.)
After a while, there's a lot of old cruft on the system, and there's no way to find out what is still used. If a file changes location between versions (or you fail to specify a configure parameter), you're left with both on your hard disk. This requires manual intervention to see which is the correct version.
Finally, I switched. Due to all kinds of changes in my life, I didn't have the time to be a full-time administrator of my Linux box. Now, I can keep 2 boxes up to date with the latest bugfixes in about 15 minutes. And I can be reasonably sure everything will work.
Re:Hard to install and setup?
on
Future Of IDS
·
· Score: 1
They just closed down internet mail where I work now because of the virus. Ironically, the next message (after the announcement) I got came from an internal user, and had the virus in attachement.
(And if you think having no email is bad, just try to work on a web-based application when all the routers block traffic to port 80, and your test server is behind a firewall.)
I'm an IT consultant, making a living by developing applications for large companies. This is a totally different environment than the one described in this interview. My programs have one buyer, and typically run on a single machine.
I have been through a couple of code rewrites. In one project, we simply started from scratch. New database (Oracle 7 -> 8), new data model, new OS (UNIX -> NT) and a new programming language (C -> Java). I had the system requirements and the new data model as input, and I designed all the rest. I never looked at the original code, except to check the semantics of a few queries. (Joel's "hidden knowledge" doesn't apply here, since we were going to a new platform anyway.)
On another project, I redesigned and rewrote parts of the system. Each of those conversions have cost me dearly, and I wasn't really satisfied with the results. (In a partial rewrite, the new code needs to fit in with the existing system, and things get messy very quickly.) I wouldn't have done any of thos rewrites if the old architecture had been able to handle the new requirements.
Finally, I have one remark about aged code: comments are your friends. If you need to look at a piece of code twice before understanding it, you should add comments. If a particular construction is not obvious, explain why you do it that way.
I've only seen it done properly once. Literally half of the screen width was reserved for comments. (Yes, that is excessive, but it encourages people to write things there.) Every change to the code was tagged with the change request it belonged to.
In many cases, the old code was still there, but commented out.
I'd argue that program code is not "hard to read" by itself. It is written that way. Programmers never consider the fact that their work will be read by humans (including themselves). Once you step out of that mindset, you will write readable code.
[Red Hat] offered to provide both the software and the support completely gratis.
Interesting. I didn't know that. I think Red Hat's proposal wasn't valuable unless they provide support. After all, most teachers will have a Windows or Macintosh background (if any), and they will need to get used to the new system.
Getting Linux in schools is one step towards breaking MS's monopoly, and that will hurt the company more in the long run than any financial punishment.
There are 2 major flaws in the Windows uninstall process:
Windows cannot delete files which are in use. Most of the time, this includes the uninstall program. (I've been told this is fixed in XP.)
Most of the time, a Windows `package' includes shared DLLs. If these are used by another program, they cannot (and will not) be uninstalled.
Under Linux, problem 1 doesn't exist. Problem 2 is solved by having separate packages for all shared libraries.
Of course, this causes another problem: when is it safe to uninstall those libraries? The package manager keeps track of all dependencies and will refuse to uninstall something that is still needed by another package.
For Debian, there is deborphan to hunt for unused libraries. I'm sure there exists a similar utility for RPM.
There is a package which does just that: GNU stow. I use that to organize/usr/local. Very easy to use.
You install each package under/usr/local/stow/<packagename>, and then you run stow <packagename> to make the links. After an upgrade, you do stow --restow <packagename>.
(To me, having all binaries in/usr/bin is not a problem: the package manager takes care of them. And stow is sufficient to handle the things I install locally.)
My company has a very effective way to deal with these messages: `send to all' is locked, except for the internal communications department. If you want to send a message for the general interest, you have to send it to these people and they'll forward it.
We still get snail mail copies of most memo's, but sometimes they just arrive too late.
(The main reason for this policy was a disturbing amount of messages from people who had just quit, and wanted to announce this fact.)
Since I live in one of the only European countries (maybe even the only one) where you have to have an ID on you all the time, I want to add a few comments.
Since my 12th birthday, I have had an ID card with my name and address on it (and some minor things like birth date, sex and so on).
Some years ago, another item was added: the "state register's number". This is a unique number for every person (based on the birthdate), which is used by several government-related agencies.
At first, it was optional. You had to select it on renewal form. (Because of privacy issues, I left it unchecked... only to have the official check it right before my eyes.)
And it's going to get worse: the next generation of ID cards will have a chip to store the current contents of the card. It will also store health insurance data, and it should be able to submit government forms over the Internet with this.
(Of course, there's going to be encryption for that. But what if it's broken?)
Europe still has more strict privacy laws than the USA, but that is changing rapidly.
As noted by other posters, nobody is arrested (yet), only their houses were searched. The action was taken because of a complaint by the federation of record companies (roughly the equivalent of the RIAA).
The justice department has issued an official reply to this, stating that persecution of people who download music (as opposed to the ones who actually supply it) has the lowest priority. We'll only have to wait and see what the interpretation of lowest priority will be.
Microsoft bailed out of Java a while ago: Visual J++ has been sold, and the official.NET policy on Java seems to be: "We don't support that."
The only JVM that will be coming from Microsoft will be the one inside IE (or whatever they call it nowadays). And maybe they'll just ditch that in favor of Sun's Java plugin.
What does this really mean for Java? On one side, there's MS, one there's Oracle, Sun, HP and a host of other vendors. Who will "win" in the end? Impossible to say.
So if you are running three different projects, or more than one project, then the one that starts first will get all of your idle time, as far as I know.
Well, that depends on the scheduler. Linux, for example, would distribute the CPU time evenly between all project.
I don't know any off-hand, but there are schedulers which don't use a timeslice. On such a system, you could only get one project to run.
And if your distributed client is a screensaver, you can only run one of those at once.
3) Launches a bunch (16?) "java_vm"s that show in the process table.
This isn't as bad as it seems: all of those processes are threads of a single JVM. So they all share the same memory.
I use N6 on a regular basis now (this reply is written in N6), only switching to 4.75 if I get to a site that crashes 6 - which is way too often. I don't use the mail and news clients.
Netscape 6 on Windows is almost useable, on Linux it's down right beta quality. (The Linux version seems to have all the debugging output turned on.)
SSL support is seriously broken. The program hangs while downloading the page. If I interrupt the download, it locks completely.
There seems to be a bug in the URL handling, causing it to download a page from the wrong server, or using a proxy for sites in the exception list.
So, why am I still using N6? I like the insterface better than the old one, and it's somewhat faster. And things like the cookie and security managers are always welcome.
I think it's time we put this "Gore invented the Internet" story behind us. After all, he even backed down from that himself.
There is one thing that I find more disturbing: for every person who ever believed that Gore invented the Internet, there are 5 who still believe Bill Gates did.
A couple of weeks ago, I used Debian 2.2 to set up a test firewall at work. I'll try to summarize what I did.
This firewall is nowhere accessible through the Internet. One ethernet card is connected to the company Intranet, while the other just has a crosscable attached. Because of this, I wasn't very concerned about security. I wanted to practice a little by tuning the box.
(Why this firewall, you might ask? I figured we needed a setup to demonstrate to our clients that our applications will also work through a firewall setup. And I had nothing more important to do - being between 2 projects.)
When the installation program prompted me to allocate partitions, I opted for a root partition, a small/boot, and the second hard disk for/usr. (Nobody really tells you how to partition hard disks - that's why most newbies end up with a single partition.)
At the end of the installation, I was asked whether I wanted MD5 or crypt passwords. The dialog listed some of the reasons why I would want either one.
The default network installation did activate a couple of services like telnet (don't remember which ones), which I had to uninstall. For the builtin inetd services, I didn't even bother to deactivate them. (I'm not sure why I left inetd running. Probably because I wanted one service from the list.)
I did leave exim because I needed a way for the system to report what's happening. Unfortunately, this left a process listening on port 25.
I deactivated X (the PC had a lousy video card anyway).
I had to recompile my kernel in order to support IP forwarding and Masquerading. In the collection of packages I found mason, which is supposed to make it easier to configure a firewall.
I tried this, and I got a list of all the broadcast messages on the company network (quite a lot). I threw away all that junk, and started studying the HOWTOs. I ended up with a configuration that will forward 5 TCP ports (we have a couple of web servers listening on unusual addresses), DNS (for convienience) and ICMP (to facilitate network debugging).
The machine has a couple of services running that might reduce security: DHCP (to configure the client PC), squid and SAMBA (easier access from my own PC).
The bootup settings: no BIOS password (automatic reboots), but the LILO images are restricted (i.e., you need to enter the password if you want to pass options).
Finally, I had to set a few kernel parameters as mentionned by the HOWTO.
All in all, a pretty secure machine, at least from the network. I can't think of anything that would hold of a determined person who gets access to the console.
I can always close up the remaining holes if I want to, but I don't think anyone will try to break into the machine anyway.
All in all, it took 2 days to get everything the way I wanted (not only the security aspects). I learned a lot out of this and, most importantly, it was fun!
The disappearance of the DOS prompt makes it more difficult to install alternative OSes, but there are ways around that. True, you can't run LOADLIN out of a DOS box anymore, but do you really need to? You always have the option to boot from floppies if you don't want to devote a complete partition to your new OS.
(Another problem: WinNT - and I suppose 2000 as well - doesn't allow raw access to the floppy device, so RAWRITE won't work. Solution: use a bootable CD. Your PC can't boot from CD? Then it's probably not worth to run Win2K or ME.)
I believe there's a greater threat: rescue CDs. Nowadays, you rarely get a full Windows CD when you buy a new PC. All you get is media that allows you to restore the PC to its original configuration.
For example: my company-issued laptop has such a rescue disk. I also have an official Win98 CD, but I suspect it won't install without the rescue disk. This disk only allows to choices: either wipe out the whole disk, or only "fix" the C: partition.
My desktop PC (running NT) has a restore medium as well, and that one effectively repartitions the complete hard disk before reinstalling. (For this one, I do need to install from the rescue disk: I tried installing the "official" WinNT CD.)
I have installed Linux on the laptop, but now I'm hesitant to use the rescue disk (in case Windows really gets messed up).
Installing Linux/BeOS/*BSD on the other machine? I don't think so. If I ever need to reinstall NT, I'll lose everything on the disk.
Ironically, these two machines were sold by vendors who claim to support Linux...
Having said that, I
wish there was a way to make the Blackdown Java Plugin replace the JVM that Netscape ships.
Same here. Netscape's Java is one of the worst I've ever seen. Netscape 6 will always use the plugin even for <APPLET> tags.
(Netscape has promised to send me a CD with the release version of Netscape 6 when it comes out. I hope they can work out the most annoying bugs by then.)
I work for a company that doesn't just expect _unpaid_ overtime, they flat out tell you they expect it.
One of my chiefs tried to pull that one on me.
On the record, he told everyone that he wouldn't accept any overtime on the time registration forms. Later on, he told me in private that he expected me to do more time (promising a bonus at the end of the year).
I never complied to this. Now, it's 18 months later, and I'm about to leave the team. And the bonus? Nobody got one, even the ones that did do unpaid overtime.
Slashdot Mirror
Alien makes RPM packages available under APT. Can i use deb packages under RPM?
Yes, and alien is just the tool you need. :)
Check the man page for more information. By default, alien converts to .deb format (at least the Debian packaged version does - this might be a compile option), but it can also work the other way around and generate .rpm and .tgz files.
I have used Slackware for almost 4 years, and recently I moved to Debian.
Initially, I loved Slackware, because it didn't have any package manager sitting in my way. After a while, I even deleted the Slackware install scripts.
Adding new programs from source works OK, as long as you don't tweak the configuration options too much. Upgrading a package is another thing. Slackware has no support for that. (The recommended way of upgrading is to reinstall everything from scratch.) I resorted to compiling each of those packages (programs and libraries) myself. This takes some effort: you need to verify that the compiled package uses the same locations for all files as the original Slackware package.
All of this takes time. Lots of time. And each upgrade can break some other program. Which requires more time to fix it. (The easiest solution is to recompile the broken application against the new libraries. If that doesn't work, go check for a more recent version.)
After a while, there's a lot of old cruft on the system, and there's no way to find out what is still used. If a file changes location between versions (or you fail to specify a configure parameter), you're left with both on your hard disk. This requires manual intervention to see which is the correct version.
Finally, I switched. Due to all kinds of changes in my life, I didn't have the time to be a full-time administrator of my Linux box. Now, I can keep 2 boxes up to date with the latest bugfixes in about 15 minutes. And I can be reasonably sure everything will work.
You need to install this.
They just closed down internet mail where I work now because of the virus. Ironically, the next message (after the announcement) I got came from an internal user, and had the virus in attachement.
(And if you think having no email is bad, just try to work on a web-based application when all the routers block traffic to port 80, and your test server is behind a firewall.)
I'm an IT consultant, making a living by developing applications for large companies. This is a totally different environment than the one described in this interview. My programs have one buyer, and typically run on a single machine.
I have been through a couple of code rewrites. In one project, we simply started from scratch. New database (Oracle 7 -> 8), new data model, new OS (UNIX -> NT) and a new programming language (C -> Java). I had the system requirements and the new data model as input, and I designed all the rest. I never looked at the original code, except to check the semantics of a few queries. (Joel's "hidden knowledge" doesn't apply here, since we were going to a new platform anyway.)
On another project, I redesigned and rewrote parts of the system. Each of those conversions have cost me dearly, and I wasn't really satisfied with the results. (In a partial rewrite, the new code needs to fit in with the existing system, and things get messy very quickly.) I wouldn't have done any of thos rewrites if the old architecture had been able to handle the new requirements.
Finally, I have one remark about aged code: comments are your friends. If you need to look at a piece of code twice before understanding it, you should add comments. If a particular construction is not obvious, explain why you do it that way.
I've only seen it done properly once. Literally half of the screen width was reserved for comments. (Yes, that is excessive, but it encourages people to write things there.) Every change to the code was tagged with the change request it belonged to. In many cases, the old code was still there, but commented out.
I'd argue that program code is not "hard to read" by itself. It is written that way. Programmers never consider the fact that their work will be read by humans (including themselves). Once you step out of that mindset, you will write readable code.
Interesting. I didn't know that. I think Red Hat's proposal wasn't valuable unless they provide support. After all, most teachers will have a Windows or Macintosh background (if any), and they will need to get used to the new system.
Getting Linux in schools is one step towards breaking MS's monopoly, and that will hurt the company more in the long run than any financial punishment.
There are 2 major flaws in the Windows uninstall process:
Under Linux, problem 1 doesn't exist. Problem 2 is solved by having separate packages for all shared libraries.
Of course, this causes another problem: when is it safe to uninstall those libraries? The package manager keeps track of all dependencies and will refuse to uninstall something that is still needed by another package.
For Debian, there is deborphan to hunt for unused libraries. I'm sure there exists a similar utility for RPM.
There is a package which does just that: GNU stow. I use that to organize /usr/local. Very easy to use.
You install each package under /usr/local/stow/<packagename>, and then you run stow <packagename> to make the links. After an upgrade, you do stow --restow <packagename>.
(To me, having all binaries in /usr/bin is not a problem: the package manager takes care of them. And stow is sufficient to handle the things I install locally.)
If you install ash on Debian, you have the option to install it as /bin/sh. It's a low-priority option, use dpkg-reconfigure ash if you never saw this.
If you bump into a problem because of this setting, you should report it as a policy violation.
IIRC, there was a message on debian-devel stating that the default kernel for Woody would be 2.2.
There are already 2.4 kernels available in the archives, and (of course) the official release will include them as well.
I'm surprised nobody mentioned Kit, from the Knight Rider series. One of the oldest on-board computers.
Goes back to the '80s, IIRC. I suppose I'm getting old...
(I don't really care about a smart-assed computer in my car, but a row of LEDs on the front would be incredibly cool.)
The only times I've had problems with /. logins is when I've used the www. prefix. And some links from outside seem to disregard the cookies.
Don't know if this is a Mozilla problem. IIRC, the same thing happens with Navigator 4.x.
My company has a very effective way to deal with these messages: `send to all' is locked, except for the internal communications department. If you want to send a message for the general interest, you have to send it to these people and they'll forward it.
We still get snail mail copies of most memo's, but sometimes they just arrive too late.
(The main reason for this policy was a disturbing amount of messages from people who had just quit, and wanted to announce this fact.)
Since I live in one of the only European countries (maybe even the only one) where you have to have an ID on you all the time, I want to add a few comments.
Since my 12th birthday, I have had an ID card with my name and address on it (and some minor things like birth date, sex and so on).
Some years ago, another item was added: the "state register's number". This is a unique number for every person (based on the birthdate), which is used by several government-related agencies.
At first, it was optional. You had to select it on renewal form. (Because of privacy issues, I left it unchecked... only to have the official check it right before my eyes.)
And it's going to get worse: the next generation of ID cards will have a chip to store the current contents of the card. It will also store health insurance data, and it should be able to submit government forms over the Internet with this.
(Of course, there's going to be encryption for that. But what if it's broken?)
Europe still has more strict privacy laws than the USA, but that is changing rapidly.
As noted by other posters, nobody is arrested (yet), only their houses were searched. The action was taken because of a complaint by the federation of record companies (roughly the equivalent of the RIAA).
The justice department has issued an official reply to this, stating that persecution of people who download music (as opposed to the ones who actually supply it) has the lowest priority. We'll only have to wait and see what the interpretation of lowest priority will be.
Microsoft bailed out of Java a while ago: Visual J++ has been sold, and the official .NET policy on Java seems to be: "We don't support that."
The only JVM that will be coming from Microsoft will be the one inside IE (or whatever they call it nowadays). And maybe they'll just ditch that in favor of Sun's Java plugin.
What does this really mean for Java? On one side, there's MS, one there's Oracle, Sun, HP and a host of other vendors. Who will "win" in the end? Impossible to say.
Lame joke, I know. But this story doesn't inspire anything better from me.
Read the story, laugh a moment about it, and life goes back to normal.
So if you are running three different projects, or more than one project, then the one that starts first will get all of your idle time, as far as I know.
Well, that depends on the scheduler. Linux, for example, would distribute the CPU time evenly between all project.
I don't know any off-hand, but there are schedulers which don't use a timeslice. On such a system, you could only get one project to run.
And if your distributed client is a screensaver, you can only run one of those at once.
3) Launches a bunch (16?) "java_vm"s that show in the process table.
This isn't as bad as it seems: all of those processes are threads of a single JVM. So they all share the same memory.
I use N6 on a regular basis now (this reply is written in N6), only switching to 4.75 if I get to a site that crashes 6 - which is way too often. I don't use the mail and news clients.
Netscape 6 on Windows is almost useable, on Linux it's down right beta quality. (The Linux version seems to have all the debugging output turned on.)
SSL support is seriously broken. The program hangs while downloading the page. If I interrupt the download, it locks completely.
There seems to be a bug in the URL handling, causing it to download a page from the wrong server, or using a proxy for sites in the exception list.
So, why am I still using N6? I like the insterface better than the old one, and it's somewhat faster. And things like the cookie and security managers are always welcome.
I think it's time we put this "Gore invented the Internet" story behind us. After all, he even backed down from that himself.
There is one thing that I find more disturbing: for every person who ever believed that Gore invented the Internet, there are 5 who still believe Bill Gates did.
A couple of weeks ago, I used Debian 2.2 to set up a test firewall at work. I'll try to summarize what I did.
This firewall is nowhere accessible through the Internet. One ethernet card is connected to the company Intranet, while the other just has a crosscable attached. Because of this, I wasn't very concerned about security. I wanted to practice a little by tuning the box.
(Why this firewall, you might ask? I figured we needed a setup to demonstrate to our clients that our applications will also work through a firewall setup. And I had nothing more important to do - being between 2 projects.)
When the installation program prompted me to allocate partitions, I opted for a root partition, a small /boot, and the second hard disk for /usr. (Nobody really tells you how to partition hard disks - that's why most newbies end up with a single partition.)
At the end of the installation, I was asked whether I wanted MD5 or crypt passwords. The dialog listed some of the reasons why I would want either one.
The default network installation did activate a couple of services like telnet (don't remember which ones), which I had to uninstall. For the builtin inetd services, I didn't even bother to deactivate them. (I'm not sure why I left inetd running. Probably because I wanted one service from the list.)
I did leave exim because I needed a way for the system to report what's happening. Unfortunately, this left a process listening on port 25.
I deactivated X (the PC had a lousy video card anyway).
I had to recompile my kernel in order to support IP forwarding and Masquerading. In the collection of packages I found mason, which is supposed to make it easier to configure a firewall.
I tried this, and I got a list of all the broadcast messages on the company network (quite a lot). I threw away all that junk, and started studying the HOWTOs. I ended up with a configuration that will forward 5 TCP ports (we have a couple of web servers listening on unusual addresses), DNS (for convienience) and ICMP (to facilitate network debugging).
The machine has a couple of services running that might reduce security: DHCP (to configure the client PC), squid and SAMBA (easier access from my own PC).
The bootup settings: no BIOS password (automatic reboots), but the LILO images are restricted (i.e., you need to enter the password if you want to pass options).
Finally, I had to set a few kernel parameters as mentionned by the HOWTO.
All in all, a pretty secure machine, at least from the network. I can't think of anything that would hold of a determined person who gets access to the console.
I can always close up the remaining holes if I want to, but I don't think anyone will try to break into the machine anyway.
All in all, it took 2 days to get everything the way I wanted (not only the security aspects). I learned a lot out of this and, most importantly, it was fun!
The disappearance of the DOS prompt makes it more difficult to install alternative OSes, but there are ways around that. True, you can't run LOADLIN out of a DOS box anymore, but do you really need to? You always have the option to boot from floppies if you don't want to devote a complete partition to your new OS.
(Another problem: WinNT - and I suppose 2000 as well - doesn't allow raw access to the floppy device, so RAWRITE won't work. Solution: use a bootable CD. Your PC can't boot from CD? Then it's probably not worth to run Win2K or ME.)
I believe there's a greater threat: rescue CDs. Nowadays, you rarely get a full Windows CD when you buy a new PC. All you get is media that allows you to restore the PC to its original configuration.
For example: my company-issued laptop has such a rescue disk. I also have an official Win98 CD, but I suspect it won't install without the rescue disk. This disk only allows to choices: either wipe out the whole disk, or only "fix" the C: partition.
My desktop PC (running NT) has a restore medium as well, and that one effectively repartitions the complete hard disk before reinstalling. (For this one, I do need to install from the rescue disk: I tried installing the "official" WinNT CD.)
I have installed Linux on the laptop, but now I'm hesitant to use the rescue disk (in case Windows really gets messed up).
Installing Linux/BeOS/*BSD on the other machine? I don't think so. If I ever need to reinstall NT, I'll lose everything on the disk.
Ironically, these two machines were sold by vendors who claim to support Linux...
I downloaded the exploit code, and then I noticed their site had grabbed my HTTP proxy's address. (Proxy use is mandatory at this ISP.)
This doesn't give any real protection: I'm pretty sure they can get my real address. It just isn't in the code yet.
Same here. Netscape's Java is one of the worst I've ever seen. Netscape 6 will always use the plugin even for <APPLET> tags.
(Netscape has promised to send me a CD with the release version of Netscape 6 when it comes out. I hope they can work out the most annoying bugs by then.)
I work for a company that doesn't just expect _unpaid_ overtime, they flat out tell you they expect it.
One of my chiefs tried to pull that one on me.
On the record, he told everyone that he wouldn't accept any overtime on the time registration forms. Later on, he told me in private that he expected me to do more time (promising a bonus at the end of the year).
I never complied to this. Now, it's 18 months later, and I'm about to leave the team. And the bonus? Nobody got one, even the ones that did do unpaid overtime.