I'll take up the challenge (since I've got some time here)! Paul Lussier opined: > > >You keep mentioning "the Debian repository". I'd like to point out >that what the sources.list file *usually* points at is not just a >repository or collecition of sw that has been packaged up in .dep >fashion. Rather, it is actually a mirror of THE DISTRIBUTION itself. >
Also, mine here at home points to other "non-distribution" packages (such as a nightly CVS build of wine). Yet, it works great (for reasons below). >My point is that Debian has significantly more packages IN THE >DISTRIBUTION than any other distribution. They have a set of very >strict guidelines which dictate who can maintain packages and which >packages make into the distribution than does RedHat. This is where >the "responsibility hierarchy" I previously mentioned comes from. It's called Policy (see package debian-policy). As long as the packages are built in accordance to policy (and tools like lintian and debhelper are used to build and check that it's so), the package will play well with the distribution. This policy is the second of the reasons that debian upgrades so well (the dpkg and apt tools are the first). Policy includes such things as maintainer contacts, how things interact, how dependancies are specified, etc. > >RH may well have package maintainers who are responsible for the >packages in their distribution. However, there is a significant >amount of sw available for RH which is NOT part of their >distribution. For this sw, there is essentially no way to hold >anyone responsible if there is something wrong with the way it's >packaged, etc. Yet, the same sw is very likely to actually be a part >of the Debian distribution. As a result, if you determine that >there's a problem with the package, you have recourse you can take. >I.e. you can contact the package maintainer, failing that, you can >contact other Debian maintainers, and keep working yourself up the >chain until you may actually get the package marked or put on hold >until the problem is fixed. If you're pointing at the testing or >unstable releases, you may be able to get the package pulled until a >fix is available. Another nice thing is the number of packages each maintainer maintains. I did a check once, and I think the average was around 2-3 packages (definitely under 10). Thus, each package gets a lot of dedicated attention. Not certain how many folks Red Hat, Mandrake, etc, have, but I doubt they have enough to give every other package their own dedicated maintainer. Nothing against the commercial distributions, but there's a limit to how much money they can spend (i.e. they have to make money). Debian can do it because they assumed they'd have most packages maintained by a distributed set of volunteers, and built the policies, got them agreed to by the volunteers (who also wrote them), and everyone basically follows them. They also don't have to worry about paying the volunteers (obviously). It's sort of like Linux on a higher, more formalized layer. Note that testing now has over 7,000 packages (according to a quick apt-cache stats, and subtracting non-distribution packages I download) > >With RH, this is basically impossible. If you find a problem with a >package not in the core distribution, what recourse do you have? You >*might* be able to contact the maintainer, but that's about it. >There's no way to make sure rpmfind notifies everyone looking for >that package that there's a problem. Even notifying Bugtraq wouldn't >be good enough, since most people have no idea what that is. > >Okay, I'm done with this debate now. Someone else wanna take over >for me? I need a nap or something. Coffee just isn't doing it for >me this morning ;) >-- Glad to help jeff --------------------------------------------- Thought for the day: On the 11th day of the 11th month, they declared an armistice, ending "the war to end all wars." ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
