Re: Why Linux, Why Debian
On Friday 13 February 2004 15:58, Wouter Verhelst wrote:
> Op vr 13-02-2004, om 00:09 schreef Manoj Srivastava:
> When you're running a -STABLE FreeBSD system, all that is -STABLE is
> everything in your 'make world', i.e. the base system, a compiler, and a
> number of tools, including (at least parts of) bind but, e.g., no
> webserver, X, or window manager; For the latter, you'll need to install
> them from binary releases either on CD-ROM (which will never be updated
> for obvious reasons) or downloaded from the 'Net (which will be updated
> along with the ports tree), or to compile them from the ports tree.
> There is, however, only one version of the ports tree. Whereas in
> Debian, you have multiple versions of, e.g., apache, KDE, and X11 -one
> for every suite with security updates for the stable suite- there is no
> such thing on FreeBSD. Although, of course, the port makefile will be
> updated if a vulnerability has been found in a given package, the only
> way to plug the hole on your system in such a situation is to install
> the new version of the package, with all possible problems that may
> cause. Compare to Debian, where you have the ability to install the same
> version of the software, with the security fix backported. Also, if
> you're working with a ports-installed version of the vulnerable package,
> you'll stay vulnerable for as long as the compilation runs, which may or
> may not be a considerable amount of time.
> This has benefits in other areas too, of course, although it is much
> cited as one of the problems of stable; but the benefits of this system
> should be pointed out too, I think.
I would like to add some experience from statistical point of view.
The FreeBSD port system is nice, but it is not so sane and safe in my opinion.
When you do major upgrades (between two releases), no matter how binary or
source you will always end up with poluted and somehow messed-up system, the
old stuff is not replaced as sane as in Debian, then you will try to fix the
things up using portupgrade/portinstall/fixportdb utils and the like, and
these is no chance to to be that the system is clean as much as clean
reinstall from scratch. I thing that Gentoo portage polutes the system on
upgrade too. That's my experience with it.
I have a slink installation (yes, slink ! ;-) which was copied many times
around my machines and the were upgraded for years and I'm scared to imagine
how many hours were safed to me not to reinstall from scratch. I can not say
the same for upgrading FreeBSD 3.x - 4.x even with extensively reading and
knowing by heart the UPDATING file with the exclusive steps one should do
they carefully supply. No consistence or reliable protocol for upgrades like
those found in debian.
On the other hand I don't know what the definiton of "source based distro" is,
but when doing local builds I do trust that locally built deb's will be
installed in a safe and sane way, replacing properly the old stuff. We all
know how to rebuild debian source packages with the present official tools.
The last kick-ass util is apt-fu (still unofficial) having lots of useful
pub 4096R/0E4BD0AB 2003-03-18 <keyserver.bu.edu ; pgp.mit.edu>
fingerprint 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB