Like I said, I haven't had any real problems except the ssl/ssh thing.
A quick query to debian-security provided me with some solutions.
There are some things that help minimize the risks: follow the
mailing list and newsgroups; check the websites often; do an 'apt-get
upgrade' but don't download anything if it seems like an awful lot
is to be downloaded, which usually means a change in libc or X,
which could have serious consequences. It's kind of a game of
Russian roulette I suppose, which apt-get is gonna bite me sort of
thing. But it's really not that bad.
If you look at the packages in "unstable", they're really the latest
"stable" release from the source's source. For example, Apache 1.3.19,
mysql 3.23.37, etc. This is the code the coder recommends. I mean, why
would someone even attempt to make a package out of bad code? I trust
most of the Debian development team to make good choices when it comes
to releasing packages, even in the "unstable" branch. A package could
be unstable because, well, making a binary package that will work with
unknown combinations of other binary packages is a bit complicated.
I have seen other very minor problems, like files in the wrong place
(once), and other stuff that is the result of packaging itself, like
dpkg not running the install script the first time. This kind of stuff
is what made me seek out a new OS. I mean, OpenBSD is running Apache
1.3.19, mysql 3.23.37, glib/gtk+ 1.2.10, and other current code in
their new release. Sure, they don't have packages for every binary
on the system, but it works. Major upgrade every six months, minor
patching in between. I got sick of having to update the whole damn
libc binary package with Debian potato after the third time. I guess
it's not so bad when I have to update a bunch of junk in "unstable",
because, well, it IS "unstable", and at least I have current software :)
Following your favorite distro's "unstable" has other advantages.
You know what will be in the next release, which is what most people
will be running. You already know how that stuff works, so you can
act like a big shot on mailing lists :), or at least tell others
what to watch out for when upgrading. It's also great for advocacy,
"Are you switching to XXX? The next release has blah blah blah ...".
But probably most importantly, you do have the chance to discover
bugs and report them.
I won't follow OpenBSD's "-current" branch until about a month before
the tree freeze. When you squeeze six months of updating everything
from libc to perl to X into 3 months of coding, things can be a little
rough. There have already been major changes in the tree for
2.9-current, and 2.9 hasn't even been released yet. But in about
3 months, there will be a call for testers, to try out the new code,
and help discover the bugs that the developers hadn't noticed. I
didn't pay for the software, the least I can do is see if I can
use it, and let them know what happens.
<[EMAIL PROTECTED]>
On Mon, May 14, 2001 at 10:17:19PM -0700, Cory Petkovsek wrote:
> Jacob, I don't mean to pry, but doesn't running code labled 'unstable' defeat the
>purpose of running a stable operating system? Sure the kernel never crashes, only
>your apps do, but it seems to me that the benefit to running CVS or unstable software
>(new features) is not worth the instability, the KNOWN (and unknown) bugs, dependency
>problems and conflicts (such as your description below).
>
> ;)
>
> On Mon, May 14, 2001 at 07:34:55PM -0700, Jacob Meuser wrote:
> > Depends how you define stable. The biggest problem I've run
> > across was a OpenSSH (I guess Debian still calls it ssh) binary
> > built against a different OpenSSL (or as Debian calls it, ssl)
> > library. Not too big of a deal, just rebuild OpenSSH locally.
> > But that's when I found out that to build OpenSSH on Debian,
> > you need gimp libraries, which was kind of lame.
> > I'm using it on my laptop, which I haven't been using much
> > lately, due to the cracks in the screen :(
> > I was updating daily (usually about 5mb or so a day, I have
> > a lot of packages ;) for about 6 weeks, and the ssh problem
> > was the only one that caused me some downtime.
> > I imagine there were and are things that don't work quite
> > as well as they could, but I haven't used them at the time
> > they were b0rked.
> >
> > <[EMAIL PROTECTED]>
> > On Mon, May 14, 2001 at 11:46:46AM -0700, Rob Hudson wrote:
> > > How stable is sid? Didn't they have a freeze a while back?
> > >
> > > > On 20010514.1136, Jacob Meuser said ...
> > > >
> > > > Or sid, well I follow "unstable" to be exact. Works well at this
> > > > point in time. The first few attempts a couple months ago were
> > > > pretty shoddy, but it works well now. Also note the recent
> > > > switch from 4.0.2 -> 4.0.3, so there may be some kinks again.
> > > >
> > > > <[EMAIL PROTECTED]>
> > > >
> > > > On Mon, May 14, 2001 at 10:07:12AM -0700, Ben Barrett wrote:
> > > > > Rob, just use woody instead of potato : )
> > > > > 'works fine for me -- only complaint is that KDE starts
> > > > > by default, not enlightenment...
> > > > >
> > > > > ben
> > > > >
> > > > >
> > > > > On Mon, 14 May 2001, Rob Hudson wrote:
> > > > >
> > > > > > Anyone tried the debs for X4? I think branden [1] has some of X4.0.3,
> > > > > > but was curious how well they work. I've done the binary install of
> > > > > > X4 before, but if the debian install is better, I'll give that a shot
> > > > > > (I'm rebuilding my system).
> > > > > >
> > > > > > Thanks,
> > > > > > Rob
> > > > > >
> > > > > > References:
> > > > > > [1] http://people.debian.org/~branden/
> > > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
>
>
