FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 11-05-2008, 04:40 AM
Nate Duehr
 
Default When stability is pointless

It is very common for software developers to plow ahead without thinking
much about the versions the distros provide.


You may want to contact them and see how they would expect users to use
their software effectively.


It's likely: They won't care.

Open-source suffers from not having the "rest" of what is typically seen
in a company making commercial software... a team of documentation
writers, a support staff to answer questions, people reviewing changes
to see if they're sane from a user's perspective, user-interface
standards and people to check them... all those nice things your dollars
pay for.


The open-source software eco-sphere is dense with applications, but very
shallow. It never gains much "depth" of quality. Certain major
applications with paid people taking care of them (the kernel, Apache,
MySQL, etc) all are much better than the average quality level.


Nate


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 07:34 AM
Tzafrir Cohen
 
Default When stability is pointless

On Wed, Nov 05, 2008 at 02:41:52AM +0000, Sam Kuper wrote:
> Hi Doug,
>
> Thanks for your comments.
>
> 2008/11/5 Douglas A. Tutty <dtutty@vianet.ca>:
> > Or, are you saying that you are trying to implement a psad recipe from
> > the internet that doesn't apply to the version of psad supplied in
> > Ubuntu?
>
> Essentially correct. But not just any old set of psad instructions:
> the instructions provided on the psad website and in the developer's
> book on Linux firewalls. In other words, pretty much the most
> comprehensive set of instructions I could find.

http://packages.ubuntu.com/psad
http://packages.debian.org/psad

And for older history:
http://archive.debian.net/psad

As you can see, the Ubuntu package is maintained by the Masters of the
Universe. That is to say: it is basically a copy of the package from
Debian Testing (or is it Unstable) close to the time of the release.

>
> > For all Ubuntu is based on Debian, I don't think it follows debian
> > policy. The policy manual says, basically and among other things, that
> > installing a package should result in that package working
> > out-of-the-box in some fashion only needing tweaking by the sysadmin.
>
> Define "working" (or "tweaking"). My experience with some packages in
> Etch suggest that Debian sometimes has problems like this too.

Examples, please?

Bug numbers?

What I mostly expect the distribution to do for me are the "manual
script" you find in HOWTOs. You should not need to install a set of
packages. That is why we have dependencies. You should not need to guess
a long command-line. If there is still a need for one it should be
scripted by the package maintainer or at least documented in
README.Debian .


I have not heard of psad before. So I decided to just check that package
and see what it is about. I didn't have time to actually set it up.
One this that I could see in the README.Debian was that I need to edit
syslog.conf myself. This makes sense if I use sysklod . But it's silly
if I have a shiny new Lenny system with rsyslog. Result:
http://bugs.debian.org/504567 . I hope somebody actually picks it up.

Yes, this is a small thing. I could do it myself. But why should I
bother? Why should the 362 users of the package
(http://qa.debian.org/developer.php?popcon=psad ) bother do the same
thing over?

>
> > I've never used psad but I would be very surprised if the problem you
> > experienced were to happen were you running Debian Stable.
>
> You may be right. Perhaps I should go back to Debian Stable. But one
> of the reasons I switched to Ubuntu was to minimise the gap between a
> package being deprecated by its developer and deprecated by its
> maintainer, in an effort to avoid precisely the sort of problem I
> outlined in my post.
>
> > Since Ubuntu is based not on Debian Stable but on (I think) Unstable, I
> > don't know how one can consider any Ubuntu release to be stable.
>
> Ubuntu has LTS (Long-Term Support) releases, which roughly translate to Stable.

And they are released roughly as often as Debian stable versions are
released.

--
Tzafrir Cohen | tzafrir@jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir@cohens.org.il | | best
ICQ# 16849754 | | friend


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 09:31 AM
Johannes Wiedersich
 
Default When stability is pointless

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Sam Kuper wrote:
> 2008/11/5 Douglas A. Tutty <dtutty@vianet.ca>:
>> Or, are you saying that you are trying to implement a psad recipe from
>> the internet that doesn't apply to the version of psad supplied in
>> Ubuntu?
>
> Essentially correct. But not just any old set of psad instructions:
> the instructions provided on the psad website and in the developer's
> book on Linux firewalls. In other words, pretty much the most
> comprehensive set of instructions I could find.

So what do you think that debian can do about it? For most packages I
know, debian includes the correct version of the documentation. For git,
as an example, the documentation at /usr/share/doc/ always corresponds
to the version of git installed on the system and is upgraded along with
git. (No need to search the web;-) ). Of course this is only possible,
if the license of the documentation matches that of the software (ie. is
free).

If it is important for you for special cases, there is also
backports.org from which you could install newer versions of certain
software without compromising on stability for the rest of your system.

>> For all Ubuntu is based on Debian, I don't think it follows debian
>> policy. The policy manual says, basically and among other things, that
>> installing a package should result in that package working
>> out-of-the-box in some fashion only needing tweaking by the sysadmin.
>
> Define "working" (or "tweaking"). My experience with some packages in
> Etch suggest that Debian sometimes has problems like this too.

Just report a bug and the problem has a chance to get fixed for lenny.

>> I've never used psad but I would be very surprised if the problem you
>> experienced were to happen were you running Debian Stable.
>
> You may be right. Perhaps I should go back to Debian Stable. But one
> of the reasons I switched to Ubuntu was to minimise the gap between a
> package being deprecated by its developer and deprecated by its
> maintainer, in an effort to avoid precisely the sort of problem I
> outlined in my post.

I think this shows the point where you misunderstand how debian works:

There are three levels any package can reach:

- unstable/sid: frequently updated from upstream, latest software

- testing: software has been tested some time and should contain less
changes and bugs than unstable

- stable: software has been extensively tested to work. It is rather
unfrequently updated (about 1.5 years between releases) and hence you
get a 'stable' system to work with.

Pick whichever suits you. You obviously can't have stable software and
frequent updates at the same time...

It is also impossible to predict the right level of stability for
everyone and for every package...

... or to predict which version of a package will be featured in a book
or in some other documentation...

;-(

>> Since Ubuntu is based not on Debian Stable but on (I think) Unstable, I
>> don't know how one can consider any Ubuntu release to be stable.
>
> Ubuntu has LTS (Long-Term Support) releases, which roughly translate to Stable.

Yes, but IIRC it is still based on debian sid. Ie. it never transitioned
debians unstable - testing - stable queue. IIRC it just means that the
developers made a commitment to extend security support. (I hope someone
will correct me, if I'm wrong)

HTH,

Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkRddUACgkQC1NzPRl9qEUttwCfb9JuckVBEm b8oQpWnuXn7DnN
TqwAn2tzxsMOQWRoRjkk4Pc50bf2u7lo
=bU4g
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 09:58 AM
Teemu Likonen
 
Default When stability is pointless

Johannes Wiedersich (2008-11-05 11:31 +0100) wrote:

> Sam Kuper wrote:
>> Ubuntu has LTS (Long-Term Support) releases, which roughly translate
>> to Stable.
>
> Yes, but IIRC it is still based on debian sid. Ie. it never
> transitioned debians unstable - testing - stable queue. IIRC it just
> means that the developers made a commitment to extend security
> support. (I hope someone will correct me, if I'm wrong)

That's correct. Ubuntu's LTS (long-term support) releases are "stable"
in the sense that they don't change and are supported (i.e., security
and some bug fixes) for longer time than regular releases. In that sense
they are roughly similar to Debian stable.

But, as you said, Ubuntu's LTS releases are still based on Debian Sid
and the development and testing process does not differ (in essence)
from Ubuntu's regular releases. Perhaps they freeze a bit earlier but
it's still tied to the 6-month cycle and not "release when it's ready"
thinking. In that sense LTS releases are no more "stable" than any
Ubuntu release.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 10:25 AM
Emanoil Kotsev
 
Default When stability is pointless

Johannes Wiedersich wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> Sam Kuper wrote:
>> 2008/11/5 Douglas A. Tutty <dtutty@vianet.ca>:
>>> Or, are you saying that you are trying to implement a psad recipe from
>>> the internet that doesn't apply to the version of psad supplied in
>>> Ubuntu?
>>
>> Essentially correct. But not just any old set of psad instructions:
>> the instructions provided on the psad website and in the developer's
>> book on Linux firewalls. In other words, pretty much the most
>> comprehensive set of instructions I could find.
>
> So what do you think that debian can do about it? For most packages I
> know, debian includes the correct version of the documentation. For git,
> as an example, the documentation at /usr/share/doc/ always corresponds
> to the version of git installed on the system and is upgraded along with
> git. (No need to search the web;-) ). Of course this is only possible,
> if the license of the documentation matches that of the software (ie. is
> free).
>
> If it is important for you for special cases, there is also
> backports.org from which you could install newer versions of certain
> software without compromising on stability for the rest of your system.
>
>>> For all Ubuntu is based on Debian, I don't think it follows debian
>>> policy. The policy manual says, basically and among other things, that
>>> installing a package should result in that package working
>>> out-of-the-box in some fashion only needing tweaking by the sysadmin.
>>
>> Define "working" (or "tweaking"). My experience with some packages in
>> Etch suggest that Debian sometimes has problems like this too.
>
> Just report a bug and the problem has a chance to get fixed for lenny.
>
>>> I've never used psad but I would be very surprised if the problem you
>>> experienced were to happen were you running Debian Stable.
>>
>> You may be right. Perhaps I should go back to Debian Stable. But one
>> of the reasons I switched to Ubuntu was to minimise the gap between a
>> package being deprecated by its developer and deprecated by its
>> maintainer, in an effort to avoid precisely the sort of problem I
>> outlined in my post.
>
> I think this shows the point where you misunderstand how debian works:
>
> There are three levels any package can reach:
>
> - unstable/sid: frequently updated from upstream, latest software
>
> - testing: software has been tested some time and should contain less
> changes and bugs than unstable
>
> - stable: software has been extensively tested to work. It is rather
> unfrequently updated (about 1.5 years between releases) and hence you
> get a 'stable' system to work with.
>
> Pick whichever suits you. You obviously can't have stable software and
> frequent updates at the same time...
>
> It is also impossible to predict the right level of stability for
> everyone and for every package...
>
> ... or to predict which version of a package will be featured in a book
> or in some other documentation...
>
> ;-(
>
>>> Since Ubuntu is based not on Debian Stable but on (I think) Unstable, I
>>> don't know how one can consider any Ubuntu release to be stable.
>>
>> Ubuntu has LTS (Long-Term Support) releases, which roughly translate to
>> Stable.
>
> Yes, but IIRC it is still based on debian sid. Ie. it never transitioned
> debians unstable - testing - stable queue. IIRC it just means that the
> developers made a commitment to extend security support. (I hope someone
> will correct me, if I'm wrong)
>

Sorry to mix up in your discussion, but I hope sharing my experience will
benefit you.
I've been using debian since potato and must say that it has a genius
versioning system. Actually there are 4 levels for packages, you've
missed "experimental".
So I do use the stable version on my servers and the testing on my notebook
or desktop. It works just great. I should admit that k/ubuntu has much
better configurable or configured desktop settings, but being derived from
unstable it has still problems, though the programmers/developers there
swear that their software (k/ubuntu) is fine.
I've tested kubuntu for over a month now and there are such small problems
that finally broth me back to lenny for desktop. I think the ubuntu problem
is really deriving it from unstable, but I hope they know what they are
doing. From my point of view this is simply not relyable for production use
I mean for getting a job done. I spent about 2 days to make it work for me
and still there are some things that do not work like they should. So I
don't see any difference between lenny (debian testing) and k/ubuntu.
>From my point of view debian testing has the advantage, that at some point
in time it becomes stable which means that you can use this for other few
years and don't have to change anything.

If you miss a package, like I do with few packages, I download the code,
compile, install, test, debug until it's working. then I make a deb
package, install and forget about having troubles with it. It's just great.

regards




--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 10:47 AM
Tzafrir Cohen
 
Default When stability is pointless

On Wed, Nov 05, 2008 at 12:58:15PM +0200, Teemu Likonen wrote:
> Johannes Wiedersich (2008-11-05 11:31 +0100) wrote:
>
> > Sam Kuper wrote:
> >> Ubuntu has LTS (Long-Term Support) releases, which roughly translate
> >> to Stable.
> >
> > Yes, but IIRC it is still based on debian sid. Ie. it never
> > transitioned debians unstable - testing - stable queue. IIRC it just
> > means that the developers made a commitment to extend security
> > support. (I hope someone will correct me, if I'm wrong)
>
> That's correct. Ubuntu's LTS (long-term support) releases are "stable"
> in the sense that they don't change and are supported (i.e., security
> and some bug fixes) for longer time than regular releases. In that sense
> they are roughly similar to Debian stable.
>
> But, as you said, Ubuntu's LTS releases are still based on Debian Sid
> and the development and testing process does not differ (in essence)
> from Ubuntu's regular releases. Perhaps they freeze a bit earlier but
> it's still tied to the 6-month cycle and not "release when it's ready"
> thinking. In that sense LTS releases are no more "stable" than any
> Ubuntu release.

Hmm.. that is not entirely correct.

Ubuntu has generally two sections with respect to quality: main and
universe ("multiverse" is the "universe" of "restricted"). Packages in
"main" are maitained by the Ubuntu developers. They should get security
updates for the promised time (e.g: 18 monthes for a standard release,
longer for a LTS version).

Packages in the universe, such as psad, don't get that guarantee. Thus
if you're in Ubuntu and want to keep a fully-supported system, keep
universe out of your apt sources (or at least: avoid normally installing
software from there). Just as you should avoid installing software from
backports.org if you want a fully-supported Debian Stable system (though
maybe non-free would be a better analogy).

--
Tzafrir Cohen | tzafrir@jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir@cohens.org.il | | best
ICQ# 16849754 | | friend


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 10:47 AM
Osamu Aoki
 
Default When stability is pointless

Hi,

On Wed, Nov 05, 2008 at 01:26:31AM +0000, Sam Kuper wrote:
> When stability is pointless
> ===========================
>
> Many Linux distributions (and other software environments too) use
> package managers to facilitate the installation, upgrading and
> uninstallation of software packages as needed. At least, that's the
> idea.

Debian acknowledges this problem and we have 2 special archives:
volatile
volatile-sloppy

You do not seem to use these.

Please check:
http://people.debian.org/~osamu/pub/getwiki/html/ch03.en.html#debianarchivebasics
http://www.debian.org/volatile/

(Also if you need new feature, backports.org is place to use.)

> Why have package managers?
> --------------------------
>
> Are package managers necessary? Well, no.

What???? We need this to keep consistency, ...

> One way of managing software
> is simply to install individual software programs/libraries as needed,
> and allow each item to handle its own updating or uninstallation (or
> even just leave that to the user to do manually).

Within stable Debian and security updates and volatile, this is supported.

I do not know what you mean by "manually", though.

> That's pretty much how Windows handles things.

Not really. We know some softwares works on security updated system.

...
> An example
> ----------
>
> Here is my scenario. I have a server running Ubuntu 8.04 LTS: a
> "stable", recent release of a Debian-based Linux distribution. I wish
> to install a security-related program called "psad" (short for "Port
> Scan Attack Detector) on that server. However, the stable package of
> psad for Ubuntu 8.04 turns out to house version 2.1 of psad. That
> wouldn't bother me, except that… I can't set it up!

This is Ubuntu problem. Please ask them.

> The reason I'm having difficulty setting it up is that the
> documentation on installing psad refer not to version 2.1 but to
> version 2.1.4, which requires setting up differently to 2.1.

Debian usually supply NEWS or README.Debian to adress these issue.

I have to say Documentation is generally weak point on Debian.
...

Osamu


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 10:47 AM
Osamu Aoki
 
Default When stability is pointless

Hi,

On Wed, Nov 05, 2008 at 01:26:31AM +0000, Sam Kuper wrote:
> When stability is pointless
> ===========================
>
> Many Linux distributions (and other software environments too) use
> package managers to facilitate the installation, upgrading and
> uninstallation of software packages as needed. At least, that's the
> idea.

Debian acknowledges this problem and we have 2 special archives:
volatile
volatile-sloppy

You do not seem to use these.

Please check:
http://people.debian.org/~osamu/pub/getwiki/html/ch03.en.html#debianarchivebasics
http://www.debian.org/volatile/

(Also if you need new feature, backports.org is place to use.)

> Why have package managers?
> --------------------------
>
> Are package managers necessary? Well, no.

What???? We need this to keep consistency, ...

> One way of managing software
> is simply to install individual software programs/libraries as needed,
> and allow each item to handle its own updating or uninstallation (or
> even just leave that to the user to do manually).

Within stable Debian and security updates and volatile, this is supported.

I do not know what you mean by "manually", though.

> That's pretty much how Windows handles things.

Not really. We know some softwares works on security updated system.

...
> An example
> ----------
>
> Here is my scenario. I have a server running Ubuntu 8.04 LTS: a
> "stable", recent release of a Debian-based Linux distribution. I wish
> to install a security-related program called "psad" (short for "Port
> Scan Attack Detector) on that server. However, the stable package of
> psad for Ubuntu 8.04 turns out to house version 2.1 of psad. That
> wouldn't bother me, except that… I can't set it up!

This is Ubuntu problem. Please ask them.

> The reason I'm having difficulty setting it up is that the
> documentation on installing psad refer not to version 2.1 but to
> version 2.1.4, which requires setting up differently to 2.1.

Debian usually supply NEWS or README.Debian to adress these issue.

I have to say Documentation is generally weak point on Debian.
...

Osamu


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-05-2008, 11:26 AM
Nate Bargmann
 
Default When stability is pointless

* Osamu Aoki <osamu@debian.org> [2008 Nov 05 06:05 -0600]:

> > Why have package managers?
> > --------------------------
> >
> > Are package managers necessary? Well, no.
>
> What???? We need this to keep consistency, ...
>
> > One way of managing software
> > is simply to install individual software programs/libraries as needed,
> > and allow each item to handle its own updating or uninstallation (or
> > even just leave that to the user to do manually).
>
> Within stable Debian and security updates and volatile, this is supported.

If the OP would like to do things manually, I invite him to try
Slackware as there is no default package manager (or a very minimal one
that will install and remove packages but not much more). Packages are
little changed from their upstream release and if there are conflicts
between packages, well the system administrator gets to figure that
out.

> I do not know what you mean by "manually", though.

See Slackware. ;-)

- Nate >>

--

"The optimist proclaims that we live in the best of all
possible worlds. The pessimist fears this is true."

Ham radio, Linux, bikes, and more: http://n0nb.us/index.html


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 11-05-2008, 11:26 AM
Nate Bargmann
 
Default When stability is pointless

* Osamu Aoki <osamu@debian.org> [2008 Nov 05 06:05 -0600]:

> > Why have package managers?
> > --------------------------
> >
> > Are package managers necessary? Well, no.
>
> What???? We need this to keep consistency, ...
>
> > One way of managing software
> > is simply to install individual software programs/libraries as needed,
> > and allow each item to handle its own updating or uninstallation (or
> > even just leave that to the user to do manually).
>
> Within stable Debian and security updates and volatile, this is supported.

If the OP would like to do things manually, I invite him to try
Slackware as there is no default package manager (or a very minimal one
that will install and remove packages but not much more). Packages are
little changed from their upstream release and if there are conflicts
between packages, well the system administrator gets to figure that
out.

> I do not know what you mean by "manually", though.

See Slackware. ;-)

- Nate >>

--

"The optimist proclaims that we live in the best of all
possible worlds. The pessimist fears this is true."

Ham radio, Linux, bikes, and more: http://n0nb.us/index.html

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 07:27 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org