Re: potential damage to Debian "stable" when installing packages from "testing"
On 12/08/2016 08:53 PM, Rob van der Putten wrote: > Hi there > > > On 08/12/16 16:27, Alex Mestiashvili wrote: > >> 0) backport it yourself. It is not that hard to dget a dsc file from >> testing and try to build it for the current release. Often works without >> additional efforts. > > That's what I do. I'm rather blunt about it; > 1. Does it compile? > 2. Does it install? > 3. Does it work? > 4. Am I still happy about it after a while? > > Recently I ran into some squid and libcap3 problems; > http://www.sput.nl/software/squid/squid-backport.html > > According to a friend it's OK to replace the maintainer supplied symbols > file with the generated one. And the libcap3 does indeed compile and > build a package. > I'm considering building Squid with it and want to name the new package > 3.5.22-1~bpo8+2 instead of 3.5.22-1~bpo8+1. > Is this possible and how do I do this? > > > Regards, > Rob You just will need to add or rename the current version in debian/changelog file. I'll suggest not to use +2 suffix but rather something which will not overlap with a new official backport version, for example ~local. It is important to note that the version of your locally build package is less than the new version from backports, so the new official version will be installed automatically when released and you will not stuck forever with the old one. Just out of curiosity I tried to build squid from testing for jessie, here is the log: https://paste.debian.net/901373/
Re: Re: potential damage to Debian "stable" when installing packages from "testing"
> 0) backport it yourself. It is not that hard to dget a dsc file from > testing and try to build it for the current release. Often works without > additional efforts. The great debian-reference has a guide to doing that: https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_porting_a_package_to_the_stable_system
Re: potential damage to Debian "stable" when installing packages from "testing"
Hi there On 08/12/16 16:27, Alex Mestiashvili wrote: 0) backport it yourself. It is not that hard to dget a dsc file from testing and try to build it for the current release. Often works without additional efforts. That's what I do. I'm rather blunt about it; 1. Does it compile? 2. Does it install? 3. Does it work? 4. Am I still happy about it after a while? Recently I ran into some squid and libcap3 problems; http://www.sput.nl/software/squid/squid-backport.html According to a friend it's OK to replace the maintainer supplied symbols file with the generated one. And the libcap3 does indeed compile and build a package. I'm considering building Squid with it and want to name the new package 3.5.22-1~bpo8+2 instead of 3.5.22-1~bpo8+1. Is this possible and how do I do this? Regards, Rob
Re: potential damage to Debian "stable" when installing packages from "testing"
On 12/08/2016 02:14 PM, Greg Wooledge wrote: > On Thu, Dec 08, 2016 at 01:58:18PM +0200, Martin T wrote: >> let's say that I need a package named "weechat"(version 1.6-1) from >> Debian "testing": > > Let's not say that. > > Let's instead say "I am running jessie, but jessie's version of weechat > (1.0.1-1) is missing some features I need. What should I do?" > > The next step then is to look at jessie-backports. There is a newer > version of weechat (1.5-1~bpo8+1) in jessie-backports. So try that > one. > > If that one STILL isn't new enough for you, then you have two choices: > > 1) Install weechat yourself from upstream source code. > 2) Upgrade your entire system to stretch (testing). > 0) backport it yourself. It is not that hard to dget a dsc file from testing and try to build it for the current release. Often works without additional efforts.
Re: potential damage to Debian "stable" when installing packages from "testing"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Dec 08, 2016 at 08:14:08AM -0500, Greg Wooledge wrote: [...] > > # apt-get install -t testing weechat [...] > BAD! BAD! BAD! Somewhat disagree: not really bad, but definitely dangerous. Whoever does this should look out for some breakage and "interesting times" (FWIW I'm running a Frankendebian right now, with a mix of stable and *unstable*. It's usable, but I gotta watch out for several things. Among other, aptitude totally freaks out when told to install anything :) > > I guess one should not worry about new packages? > > You should ABSOLUTELY worry about the UPGRADED pacakges! Especially > when one of them is libc6. That will affect basically EVERY program > on your entire system. Yeah, libc is definitely a tough one (FWIW again, my libc6 does come from unstable: but I must admit I had to *gulp* before taking that plunge. It turned out much easier than I expected, but that will totally depend on the set of packages installed) > You should NOT do this! My point of view: you should totally do this, but only if you *know* what you're getting into and if you know you'll enjoy the ride. Some experience on how Debian works, some raw will to tinker and being prepared to jump into the lifeboat (you got good backups, have you?) are essential. > Mixing testing and stable sources produces what we call a frankendebian. > It is an unsupportable mess. It is not a question of whether it will > break, but rather HOW SOON it will break. That's how my work environment has looked for the last ~10 years. Rock solid. But you better be prepared for some tinkering, and have your lifeboats ready (something you've got to have anyway, because... your hardware might as well explode under you). Apart from that I agree 100% with Greg. And if you don't want to delve in your distro's innards: keep to stable (or at most, to late testing, but that's already dipping your toe in the water, that's how it started out with me and see where I am now ;-) > This is why we have jessie-backports. Agreed. An awesome service. regards - -- tomás -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlhJZtYACgkQBcgs9XrR2kZpowCfZJI3XncBUm4apCvCLFLGHEjn KqYAnR5Dj4hO7vAxoVZtAvlpoBAN9Ma2 =vqfb -END PGP SIGNATURE-
Re: potential damage to Debian "stable" when installing packages from "testing"
On 2016-12-08, Martin Twrote: > Hi, > > let's say that I need a package named "weechat"(version 1.6-1) from > Debian "testing": > > # apt-get install -t testing weechat > Reading package lists... Done > Building dependency tree > Reading state information... Done > The following extra packages will be installed: > binutils libc-bin libc-dev-bin libc-l10n libc6 libc6-dev libgcrypt20 > libgnutls30 libhogweed4 libncurses5 libn > weechat-curses > Suggested packages: > binutils-doc glibc-doc rng-tools gnutls-bin weechat-doc > Recommended packages: > manpages-dev weechat-plugins > The following NEW packages will be installed: > libc-l10n libgnutls30 libhogweed4 libnettle6 > The following packages will be upgraded: > binutils libc-bin libc-dev-bin libc6 libc6-dev libgcrypt20 > libncurses5 libncursesw5 libp11-kit0 libtasn1-6 li > 16 upgraded, 4 newly installed, 0 to remove and 511 not upgraded. > Need to get 18.7 MB of archives. > After this operation, 8,111 kB of additional disk space will be used. > Do you want to continue? [Y/n] n > Abort. > # > > I guess one should not worry about new packages? However, as seen > above, such operation would upgrade some packages which are > dependencies for many other packages. For example libc6, libgcrypt20 > or libncurses5. What are the consequences with that? I would guess it > shouldn't cause problems because (usually) dependencies require > version x OR higher. For example libc6 (>= 2.14) or libgcrypt20 (>= > 1.6.1). > > > > thanks, > Martin > > "Debian Stable should not be combined with other releases. If you're trying to install software that isn't available in the current Debian Stable release, it's not a good idea to add repositories for other Debian releases. The problems might not happen right away, but the next time you install updates." [1] Fortunately, a later version of weechat is available from debian-backports.[2] That would be a much safer choice. 1: https://wiki.debian.org/DontBreakDebian 2: https://backports.debian.org/ -- Liam
Re: potential damage to Debian "stable" when installing packages from "testing"
On Thu, Dec 08, 2016 at 01:58:18PM +0200, Martin T wrote: > let's say that I need a package named "weechat"(version 1.6-1) from > Debian "testing": Let's not say that. Let's instead say "I am running jessie, but jessie's version of weechat (1.0.1-1) is missing some features I need. What should I do?" The next step then is to look at jessie-backports. There is a newer version of weechat (1.5-1~bpo8+1) in jessie-backports. So try that one. If that one STILL isn't new enough for you, then you have two choices: 1) Install weechat yourself from upstream source code. 2) Upgrade your entire system to stretch (testing). > # apt-get install -t testing weechat > Reading package lists... Done > Building dependency tree > Reading state information... Done > The following extra packages will be installed: > binutils libc-bin libc-dev-bin libc-l10n libc6 libc6-dev libgcrypt20 > libgnutls30 libhogweed4 libncurses5 libn > weechat-curses > Suggested packages: > binutils-doc glibc-doc rng-tools gnutls-bin weechat-doc > Recommended packages: > manpages-dev weechat-plugins > The following NEW packages will be installed: > libc-l10n libgnutls30 libhogweed4 libnettle6 > The following packages will be upgraded: > binutils libc-bin libc-dev-bin libc6 libc6-dev libgcrypt20 BAD! BAD! BAD! > I guess one should not worry about new packages? You should ABSOLUTELY worry about the UPGRADED pacakges! Especially when one of them is libc6. That will affect basically EVERY program on your entire system. You should NOT do this! Mixing testing and stable sources produces what we call a frankendebian. It is an unsupportable mess. It is not a question of whether it will break, but rather HOW SOON it will break. This is why we have jessie-backports.