* Dale Scheetz said: > > Does anyone here take this seriously? > > > > Or is stability, reliability, and therefore cost-of-ownership a > > non-issue with the Debian group? > > > and have we stopped beating our wives? > > It seems to me that you have missed a fundamental point: > > Potato is unstable. Unstable is, by definition "fragile". No one running a > production machine is ever encouraged to use packages from unstable. Slink is as fragile as potato in that respect. > That said, lets look at your idea: > > While staticly linked binaries would have avoided the recent brokenness in > bash. It is not the solution to a "fragile" development process. How > different would the situation be if the staticly linked bash (upgraded > first to "guarantee" success of the rest of the install) was subtly broken > such that certain crucial install processes fail. Now you are in the same > boat as with dynamic linked brokenness. The conclusion drawn from it is that such a complex shell as bash should not ever be used as a single-mode shell either linked statically or not. SASH or ASH are more suitable for that. Less complex - less prone for "subtle" programming errors. And if a STANDARD shell is "subtly" broken, then it should never be used and relied upon. [snip] > The "problem" you are trying to fix is the frailty of human developers who > don't always do the "right thing". Debian deals with these problems by > having a publicly available "unstable" distribution, so that such problems > may be discovered by those willing to risk breaking their systems to find > them. It is not intended to provide the general user with the most > up-to-date packages, as some folks seem to want to believe. Hmm... still, the problem that was raised applies to all and every Debian version, not only to unstable - dynamic linking can break everywhere, not only with unstable. What does dynamic linking have to do with unstable releases? > If you still think there is need for an on-root rescue package, see the > recent discussion on the rescue package. It was finally decided (at least > this is the message I got from the discussion) that sash was already > delivered staticly linked and provide all of the tools necessary to > recover from most broken situations. Well, I didn't read that disccusion, lamentably, as I was on my vacation, but even if sash is used then init is still dynamically linked, and /bin/sh as well - and sash uses /bin/sh when it cannot manage otherwise. > Install sash and you should always be able to recover: > > ln -s /bin/sh /wherever/sash provided ln works. marek
Attachment:
pgpGWoy_S0Q1b.pgp
Description: PGP signature