
Re: How automatic are backport package updates?



On Tue, 12 Jan 21, 10:23:23, Michael Grant wrote:
> Let's say I want to run 'testing' to be more on the edge to get the 
> latest and greatest of packages and to incrementally always be on top 
> of updates rather than having to do large release updates.  But from 
> time to time there is a security update to a package which is newer, 
> or if something specific is broken, I may want to go back to a 
> specific version of something.  What should I put in my sources.list?

Obviously you need unstable in your sources.list to be able to pull 
packages from there, though you must pin unstable to a lower value 
depending on how you intend to handle such packages.

How to do that is left as an exercise for the reader ;)

I would recommend some value between 2 and 99, so that such packages are 
automatically updated once a newer version is available in testing.

You should probably avoid 1 as it is the default value for experimental 
(should you ever need that too) and 100 would cause those packages to 
continue tracking unstable, even when not necessary anymore.

Older versions of packages are available from the local APT cache or 
https://snapshot.debian.org. In most cases it shouldn't be necessary to 
add anything to sources.list.

> I read all the arguments here for running stable vs sid and I kind of 
> like being in the middle.  I update my systems every few weeks or more 
> if necessary.  I used to run stable+backports but there were things 
> that just took ages to get into backports, or never made it into 
> backports, but installing them from testing would suck in so many 
> dependencies that I would end up running testing or some weird hybrid.  
> I am considering changing things around though and going back to 
> running stable + backports and occasionally pulling something in from 
> testing but I am not sure yet, the dependency nightmare still looms in 
> my mind.  Honestly I have been running testing for about 10 years now 
> in production and have had very few problems.
> 
> As I read about this, it seems like it's not going to be possible to 
> run testing and pull in security fixes.  Is it correct that security 
> fixes can only be applied to stable releases?

Stable and oldstable (only for one year after the stable release) are 
the only distributions with official security support from Debian.

Security support for testing is definitely possible (it was actually 
done for a while), provided there are enough people willing to do the 
work. At the moment this is done only on a best effort basis, by 
prioritising the package migration from unstable.

However, there is no guarantee updated packages are even uploaded to 
unstable in a timely manner, or the package migration could be blocked 
for reasons that you might not be able to circumvent just by forcing the 
update.

Debian stable exists and works the way it is for a reason ;)

> Or are the backports now so well up to date with testing that I 
> shouldn't worry about this and move back to a stable release?

Just to make sure there is no misunderstanding: backports is meant only 
to augment stable with a few, select packages.

Packages in backports are only tested in combination with stable and 
their dependencies from backports. There are no checks on how 
(apparently) unrelated backports might interact between themselves. 
There might be hidden issues, conflicts, etc.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
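
The pin-priority advice in the message above (a value between 2 and 99 for unstable, not 100), worked through as an added example that is not part of the original message. It is a simplified model of the selection rules in apt_preferences(5); the pin stanza, the priority 50, testing at the default 500, the tuple versions and the package scenario are all assumptions constructed for illustration.

```python
"""Simplified model of APT candidate selection (apt_preferences(5)).

Assumed pin being modelled, e.g. in /etc/apt/preferences.d/unstable:
    Package: *
    Pin: release a=unstable
    Pin-Priority: 50
Versions are plain tuples here; real Debian version ordering is richer.
"""
INSTALLED_PRIO = 100   # APT assigns 100 to the currently installed version
DOWNGRADE_PRIO = 1000  # only pins at or above this allow a downgrade


def candidate(available, installed, pins):
    """Return the version APT would pick as install/upgrade candidate.

    available: list of (version, suite); installed: version or None;
    pins: suite -> Pin-Priority.
    """
    prio = {}
    for ver, suite in available:
        prio[ver] = max(prio.get(ver, 0), pins[suite])
    if installed is not None:
        prio[installed] = max(prio.get(installed, 0), INSTALLED_PRIO)
    eligible = {
        v: p for v, p in prio.items()
        if p > 0 and (installed is None or v >= installed or p >= DOWNGRADE_PRIO)
    }
    # Highest priority wins; on a tie the newest version wins.
    return max(eligible, key=lambda v: (eligible[v], v), default=None)


def scenario(unstable_pin):
    """Constructed example: 2.0 was pulled from unstable, testing lags behind."""
    pins = {"testing": 500, "unstable": unstable_pin}  # 500 = assumed default
    before = [((1, 9), "testing"), ((2, 1), "unstable")]
    after = [((2, 2), "testing"), ((2, 3), "unstable")]  # testing caught up
    return {
        "fresh_install": candidate(before, None, pins),
        "while_testing_lags": candidate(before, (2, 0), pins),
        "after_migration": candidate(after, (2, 0), pins),
    }


if __name__ == "__main__":
    for pin in (50, 100):
        print(pin, scenario(pin))
```

With the pin at 50 the package pulled from unstable stays at its installed version until testing offers something newer; at 100 the tie with the installed version's priority lets each new unstable upload win.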
