Your message dated Thu, 1 Oct 2015 10:41:40 +0100
with message-id <[email protected]>
and subject line Re: [Aptitude-devel] Bug#668876: fetch from
snapshot.debian.org if package not found.
has caused the Debian Bug report #668876,
regarding fetch from snapshot.debian.org if package not found.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
668876: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668876
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: aptitude
Version: 0.6.6-1
Severity: wishlist
I suggest, when aptitude doesn't find a package in all mirrors, it
should automatically look out in snapshot.debian.org to fetch the package.
The same should be implemented in all apt implementations like software
centre (it uses APT python right?), apt-get, synaptic etc...
--- End Message ---
--- Begin Message ---
tags -1 + wontfix
stop
2012-04-15 14:30 FOSS tech. support:
On 04/15/12 15:31, Axel Beckert wrote:
Hi,
FOSS tech. support wrote:
I suggest, when aptitude doesn't find a package in all mirrors, it
should automatically look out in snapshot.debian.org to fetch the
package.
I don't think that's a good idea:
It circumvents the package signing as AFAIK APT and friends just look
on the signature of the package lists and hashsums, not on the
individual package signature -- that's just done before including a
package in the archive.
Additionally, if a package is not on the mirrors, but on snapshot.d.o,
it's very likely outdated and shouldn't be installed for that reason
unless explicitly wanted.
And snapshot.d.o is likely not capable of coping with the load this
would cause as it is not meant to be a mirror.
OTOH adding some user interface for explicity retrieving packages from
snapshot.d.o shouldn't hurt. But that depends a lot on the actual user
interface and is hence not likely generalised (except may be the
downloading backend).
So it'll be disabled by default.
I've found this to be problematic on desktop systems where upgrading
requires HUGE volumes of downloads and sometimes breaks the system (I
know testing is testing...), so the user may prefer not to upgrade.
Instead of directly fetching, I think links to snapshot.debian.org
should be added in source.list automatically... but by default this'll
be disabled. What do you think?
As Axel said, the purpose of that service is not to serve as a catch-all
of problems in the mirrors.
I am not sure which is the concrete problem that desktop systems
upgrading requiring huge volumes of downloads cannot get them from
mirrors, but mirrors are much better suited than snapshots. In fact, if
you need to download the same content again and again from mirrors for
say >20 computers every day (and that's what's causing the massive
amount of downloads), you probably should set some local mirror of the
packages that you really need; you update on demand and in sync.
From your comment "testing is testing" I deduce that you are using
testing, which by nature is a volatile distribution. If one does "apt
update" just before the other operations, packages should be there
except packages in transition, and if you include those in
operations... well, yes, testing is testing :-)
For about 2 months now testing is quite broken for some people, due to
nasty library transitions and some specific problems of KDE, so not
finding packages in the mirror is not a big problem in comparison.
If package A depends on package Bdep and Bdep is not available and
cannot be installed, there are some chances that the package had
security problems or is rc-buggy and does nasty things on your system,
and that was why it was retired soon and without a proper transition.
So installing it anyway would be a disservice to users, as Axes said.
If this is implemented as a "ad-hoc download" (like with wget), the
verification that the package is trustable wouldn't happen. If instead
snapshots was enabled in every system to retrieve the package just in
case, even if it wouldn't be downloaded by default, the list of packages
available would be retrieved by tens or thousands of people every day,
would not work and would bring the server down (even if it's in one of
the fastest networks probably in the world, either network or server
hardware would be overloaded).
So in summary, this is not a good idea to solve the problem in this way.
If one wants a system without such hiccups, one should use stable or
backing it with local mirrors.
Marking as +wontfix and closing, because after more than 3 years it is
clear that this is not going to be addressed anytime soon.
Cheers.
--
Manuel A. Fernandez Montecelo <[email protected]>
--- End Message ---
_______________________________________________
Aptitude-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/aptitude-devel
