Debian distributions (was: [exim] Re: which linux for exim)

Góra strony
Delete this message
Reply to this message
Autor: Marc Haber
Data:  
Dla: exim-users
Stare tematy: [exim] Re: which linux for exim
Temat: Debian distributions (was: [exim] Re: which linux for exim)
On Wed, 21 Sep 2005 07:49:12 +0300, Jari Aalto <jari.aalto@???>
wrote:
>1) Run "testing". You get almost all new features in timely manner. No
>breakage. Nowadays security team supports testing as well:
>
> ...Supporting Testing Security. Joey Hess announced the beginning of
> full security support for Debian's testing distribution. The Debian
> testing security team has spent the past year building the team and
> creating infrastructure. Advisories for security fixes will only be
> announced for updates that are made available through the new
> repository and don't reach testing through normal propagation from
> unstable. <http://www.us.debian.org/News/weekly/2005/37/>


Once testing security support has proven that it actually works, that
might be an option for people who can afford frequent updates.

>2) It is _very_ rare to encounter breakage even with "unstable". If
>some package breaks during upgrade, within week there is a correction,
>because developer will provide fix quickly for these high level bugs.


Relatively quickly. Just for the record: I am an experienced Debian
developer, and I am running stable+very conservatively selected
backports on my publicly visible hosts. My desktop boxes all run
unstable, but they're neither publicly visible, nor do I depend on
them running. If one breaks, I can use another until the breakage has
been fixed.

I advise against running unstable for anybody who is not extremely
familiar with Debian innards.

>For the record: that may happen 1-3 times a year but, not necessarily.
>It depends how you run you run apt-update(1): it might be bad luck to
>get that "wrong" version. If updated a week later, a newer version in
>the update repository would have solved the problem.


And in case of a mistimed update, a productive server might be down
with the admin unable to fix because of lack of knowledge. Don't.

>3) Running "stable" is obsolete by all standards if stable means
>running secure web server, feature rich MTA with virus scanners up to
>date and other spam tools. Until Debian comes with a plan of about 6
>month "stable" releases, don't count on this branch.


This is bad advice. Volatile exists as an addition to stable which
will keep your filtering tools up to date.

>But if "stable" is used (works also for testing), there are methods to
>selectively be up to date with particular important packages It's
>called APT pinning.


This is even worse advice. Using packages from unstable will pull in
libraries from unstable, which will have you end up combining the
disadvantages of stable with the disadvantages of unstable. Don't.
Don't for yourself, and BY ALL MEANS DON'T recommend this dangerous
and badly adviced practice to newbies.

>Use (1) for servers.


This is - at the current state of affairs - bad advice.

>Keep some package more up to date from unstable
>with the "pinning" technique.


This is worse advice.

>Works great.


And that's an outright lie. Anyone who says that disqualifies his own
judgement for not seeing the _BAD_ disadvantages.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834