[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [mailinglists] Re: Trusting Backports and unofficial Repositories

FWIW, I run woody + bunk-{1,2} backports plus a very selective few
backports.org backports.  And then I have a fair number of backports I've
done myself.  And download.kde.org :-)

> that's fine and it may work well for you, but telling yourself that it is
> still 'stable' (or even that it is any more stable or reliable than
> 'unstable') is pure self-delusion. 

While what you say is true, there is a decent chance that if you break
something you'll only break whatever app(s) you upgraded.  So if I run
spamassassin from backports.org (or from Adrian Bunk's backports or
wherever), hopefully you can back that change out and still have a
functioning system.  I've run unstable in the past and managed to get to a
state where I can't bootup after an upgrade and now I get to reinstall from
scratch.  And once I've done that, what next?  Try running unstable again?
I've probably had this happen 2-3 times since 1997 or so, so maybe that's
not too bad.  But downtime is very costly for me and I'm sure many others.

> what you have is an untested and unique hybrid, that is quite different
> (possibly in subtle bug-inducing ways) from ANYONE else's system.  you're
> the sole guinea-pig for your combination of packages and versions, so
> your ability to benefit from other people's experiences and reports is
> reduced.

True...  If you limit the backports you run, hopefully you have the option
of backing all of the way out to stable.  Not really possible without a
reinstall if you're running unstable.


> ps: another point about "unstable" - nothing is ever forcing you to
> upgrade when you don't want to.  if your latest unstable upgrade has all
> your packages working exactly as you want and there are no bugs or
> security holes discovered that bother you and there's no new features
> that you need or want, then don't upgrade until you need to.  in short,
> "if it's working, don't fix it".
Right, but then you do want some new version of some package - say KDE
3.2.x, and you do an "apt-get upgrade" to get it, and suddenly you're
upgrading every package on your system.  Running a backport from
download.kde.org does not have this effect - an apt-get upgrade will
upgrade only kde + dependencies.  The depndencies are surprisingly few most
of the time, although recently xfree 4.3 got added to that mix.

> also, you don't have to do a full upgrade to unstable.  you can upgrade
> just what you need and only the packages you specify plus any required
> versions of dependancies will be upgraded (usually the exact same
> dependancies that would be required by any backports upgrade, except that
> they're official debian packages rather than unofficial and unsupported).
> the rest will stay as they were.
Honestly, most of the backports packages are compiled against stable
libraries where possible so you end up not upgrading nearly as much.

> so, who needs backports when debian's package management tools and ftp
> archive already caters for that need, and has done so nearly from the
> start?

The fact that they exist and that anyone is participating in this
discussion means that there is some need for them in my mind.  (Or some
need for something other than stable, testing, and unstable.)  I don't mind
running unstable in general, but the couple of times that things have
broken badly on me it's been really really bad.  Maybe apt-get needs a
capability like cvs where you can say "apt-get upgrade -D last Tuesday" so
you can hit what was a stable version of unstable when you do upgrades ;-)

Take care,
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
pgp key available

Reply to: