* Justin Wells said: > > Potato is unstable. Unstable is, by definition "fragile". No one running a > > production machine is ever encouraged to use packages from unstable. > > I'm not complaining that it actually crashed here, so much as I am > complaining that this is just a disaster waiting to happen, whether > potato is marked stable or unstable--it's fundamentally in there. And, as I said before, dynamic linking can break anywhere, not only in an unstable distro. [snip] > So, I have been running Linux systems for five years now, and administered > all kinds of Unix stuff, and generally consider myself to be an experienced > Unix person. > > So what the F*!@<+ is going on, where are static binaries? Why aren't they > installed by default? Why aren't they used by core system tools? > > Let's look at other OS's: RedHat has, by default, a suite of static > binaries installed just for this purpose--including a static rpm. > Solaris has a bunch of static stuff in /sbin. All the BSD systems slackware had them from the beginning as well... > > While staticly linked binaries would have avoided the recent brokenness in > > bash. It is not the solution to a "fragile" development process. > > Yes it is, because bash is a hugely complicated and large program that > changes regularly. Eliminating a fundamental dependency on that, for > everything the installer does, is an enormous reduction in the number > of failure points. Huge. Exactly. And if the posix compliance is an issue, then ash should be used. The problem is that many scripts have a lot's of bashisms in them, but that is being dealt with right now, as I recall. > The existence of dependencies such as this one makes the whole thing > fairly fragile, subject to being broken every time some human makes > an error in its vicinity. Since humans are prone to make errors, that > makes things fragile. And a standard shell linked to ncurses... It gives me creeps, frankly... > It also makes a running Debian system fragile, because unless I went > out of my way to install the sash package, I'm going to be unable to > recover. That's why sash should be there as a part of a base system and with an already configured bootmanager to enable it's use after reading the initial README of the Debian distro. marek
Attachment:
pgpmX0dDckz7r.pgp
Description: PGP signature