Debian backports

Jan Marek jmarek na jcu.cz
Čtvrtek Září 30 09:08:24 CEST 2004


Dobry den,

On Sat, Sep 25, 2004 at 07:15:10PM +0200, Milan Keršláger wrote:
> On Wed, Sep 22, 2004 at 03:14:40PM +0200, Jan Marek wrote:
> > 
> > > Pouzivat unstable/testing je nesmysl, protoze prijdete o bezpecnostni
> > > updaty. To same plati i o jinych podobnych meziverzich.
> > 
> > Alespon u unstable toto neni pravda, protoze bezpecnostni updaty
> > jsou prece delany tvurci SW a zde obvykle byva vlastne zabaleny
> > aktualni (a tedy uz opraveny) SW. Nevim presne, jak to je
> > v testing, ale tise predpokladam, ze pokud se jedna
> > o bezpecnostni update, pak je bude backportovan, nebo tam jde
> > primo balicek z unstable...
> 
> Je videt, ze jste to *nikdy* nezkousel. Ja ano.

to je pravda. A proto jsem taky napsal, ze se domnivam. Jestli
jste to zkousel, mohl jste napsat *konkretni* argumenty, co tam
neslo nebo co to melo za problemy...

Ja osobne jsem preferoval nazor, ze na server je nejlepsi bud
stable nebo unstable (ac to zni hazardne, tak moje dlouhodobe
zkusenosti me utvrzuji v tom, ze je to dobra volba), nez testing.
V soucasne dobe jsem (i diky konferenci) objevil backports a jsem
dost spokojeny, protoze se tam objevuji balicky neprilis dlouho
pote, co byly vydany stabilni release prislusneho SW a pritom
muzu s klidnym svedomim rict, ze je to vse rock stable.

> 
> Tim padem jste zcela mimo misu a mrhate zde jen tim, co si "myslite".
> 
> A to je prave to nabozenstvi. Nepodlozene kecy a vasne.

Nepodlozene proto, ze nepouzivane, myslel jsem, ze me nekdo
doplni. Poctive jsem priznal, ze neco nevim jiste a doplnil jsem
sve mineni o te veci. OK, jestli je tohle nabozenstvi, pak jsem
tedy nabozensky fanatik. Kazdopadne jste mi muj nazor ani
nedoplnil, ani jste mi ho nevyvratil, jen jste mi ho napadl, coz
nepovazuju za korektni debatu.

Me zase vadi tato vase veta:

<citace>Je videt, ze jste to *nikdy* nezkousel. Ja ano.</citace>

Bez konkretnich argumentu, skryta hrozba. Jedna z moznych
interpretaci, nebo zamer? Mozna proste styl debaty, protoze
i v ostatnich pripadech se mi od vas spise argumentu nedostava,
nez ze by prebyvaly.

A protoze jsem se nedozvedel to, jak to funguje u testing-u se
security upgrady od vas, tak jsem si to nasel v Debian security FAQ:

Q: How is security handled for testing and unstable?

A: The short answer is: it's not. Testing and unstable are
rapidly moving targets and the security team does not have the
resources needed to properly support those. If you want to have
a secure (and stable) server you are strongly encouraged to stay
with stable. However, the security secretaries will try to fix
problems in testing and unstable after they are fixed in the
stable release.

Takze o bezpecnostni updaty se neprijde, akorat prioritne se
delaji do stable a potom teprve do testing-u a unstable (pokud se
to stihne). Vas nazor navrchu tedy pravdivy nebyl, nebo alespon
ne zcela. A predpokladam, ze muj argument o aktualizaci SW samymi
tvurci (tedy pokud je problem v SW a ne v balicku samotnem) taky
uplne mimo misu nebyl:

The "testing" distribution is an automatically generated
distribution. It is generated from the "unstable" distribution by
a set of scripts which attempt to move over packages which are
reasonably likely to lack important bugs. They do so in a way
that ensures that dependencies of other packages in testing are
always satisfiable.

A (particular version of a) package will move into testing when
it satisfies all of the following criteria:

- It must have been in unstable for 10, 5 or 2 days, depending on
the urgency of the upload;
- It must be compiled and up to date on all architectures it has
previously been compiled for in unstable;
- It must have fewer release-critical bugs than, or the same number
as, the version currently in "testing" (see below for more
information);
- All of its dependencies must either be satisfiable by packages
already in "testing", or be satisfiable by the group of packages
which are going to be installed at the same time;
- The operation of installing the package into "testing" must not
break any packages currently in "testing". (See below for more
information.)

A package which satisfies the first three of the above is said to
be a Valid Candidate.

(Zdroj: http://www.debian.org/devel/testing/)

Z tohoto je patrne, ze balicek opravujici bezpecnostni chybu muze
byt v testing-u teoreticky uz dva dny pote, co se objevi
v unstable.

Moje zkusenost s Debianem je tato: jestlize se neco nazyva
"unstable", pak neni pravda, ze by to bylo nestabilni, ale proto,
ze "prostredi distribuce" nemusi byt nutne uplne konzistentni,
ale co se podari nainstalovat (a ma splnene vsechny zavislosti)
tak stabilni je, alespon v te podobe, v jake to maji hotove
tvurci programu. A o security updates pro testing a unstable uz
tu bylo obsirne psano.

Takze tak.

Tim koncim, tva Mana (teda Honza Marek).
> 
> -- 
>                         Milan Kerslager
>                         E-mail: milan.kerslager na pslib.cz
>                         WWW:    http://www.pslib.cz/ke/
-- 
Ing. Jan Marek               | Nez mi poslete prilohu .doc, .xls 
University of South Bohemia  | nebo .ppt, prectete si, prosim,
Academic Computer Centre     | WWW stranku uvedenou na poslednim
Phone: +420-38-9032080       | radku signatury...
http://www.gnu.org/philosophy/no-word-attachments.cs.html


Další informace o konferenci Linux