[Grml] Re: Debian Etch and grml
Marc Haber
mh+grml at zugschlus.de
Tue Jan 16 12:48:13 CET 2007
On Sun, Jan 14, 2007 at 02:03:57PM +0100, Michael Prokop wrote:
> * Marc Haber <mh+grml at zugschlus.de> [20070113 14:15]:
> > On Mon, Jan 08, 2007 at 06:01:31PM -0700, s. keeling wrote:
>
> [Debian Testing]
> > > That's also the best place for a newbie to be.
>
> > I disagree with that. Testing might be broken once upon a time, and
> > when you're not able to fix this you don not belong on Testing.
>
> Especially as Debian testing does not get real security-support. :(
> That's not really relevant for workstations for me, but straight
> before a new stable release is available that's an important point -
> at least for me.
There is some kind of Security Support for Debian testing, by means of
the testing security team. Unfortunately, they're missing a lot of the
transparency I'd like to see from a security team, but that's nothing
new for Debian. I plan to blog about this in the near future once I
find the time.
Unfortunately, even stable security support has been somewhat
deteriorating since the sarge release, I hate to say. Especially in
the past few months, in more than one case a security fix has reached
testing by means of a normal unstable maintainer upload and normal
testing migration before the stable security team issued the fix for
stable. In theory, stable security could be much faster than a
maintainer upload since the stable security team has access to
embargoed vulnerability reports, which the normal maintainer does not
have. This is all quite disappointing :-(
> > Stable is the best place for a newbie to be.
>
> "If it works" (the "brand new hardware problem")
Yes, Debian needs to address this.
> and if the newbie does not need support from upstream (see my other
> mail for more details).
This is an issue, yes.
> > > Helping to test testing helps Debian produce sable.
>
> > Yes, but bug reports from newbies are seldomly useful. Which is no
> > offense to the newbie; isolating and reporting bugs is a form of art.
>
> Yes, at least regarding bug reports for package maintainers. ;) But
> newbies can often locate problems in software because they lack
> developer's "business blindness" (Betriebsblindheit). At least
> isolating bugs is usually possible even with newbies, especially if
> they have support on their side (instant messaging, irc,...).
If you have a quick means of communications, things can work, but
debugging via E-Mail with a newbie is a useless waste of time.
> > > That said, Debian's unstable is more stable than many distros'
> > > stable release.
>
> > Disagreed here. Especially in the period right after a stable release,
> > unstable's breakages can be horrible.
>
> The package freeze for Debian etch took place a few weeks ago. The
> unstable pool is "moving [nearly] as usual"
NACK. We did not have any library transitions for months, and new
upstream versions are being withheld.
> and I don't notice any serious problems - and don't really expect to
> find any when etch is out. :)
I remember the PAM breakage where login to an unstable system became
impossible. Without grml, I would have been in serious trouble back
then.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
More information about the Grml
mailing list