Re: When Debian 4.1 will arrive... will anyone care?
On Fri, Apr 20, 2007 at 06:28:26PM +1000, Craig Sanders wrote:
> On Fri, Apr 20, 2007 at 07:37:35AM +0200, Mike Hommey wrote:
> > On Fri, Apr 20, 2007 at 03:17:34PM +1000, Craig Sanders <cas@taz.net.au> wrote:
> > > IMO, if you need a 'stable' system with some newer packages, you're
> > > better off learning how apt's pinning stuff works than bothering with
> > > backports. it's not hard.
> > There is a very good reason to prefer backports over unstable/testing
> > packages got with pinning: the glibc.
> ooh. scary. when you put it like that, i can really understand why
> anyone ought to be terrified of apt & pinning.
> or maybe, just maybe, anyone running stable+some-from-unstable should
> actually test any upgrades on another machine *BEFORE* they install them
> on their production servers. new glibc or not.
New glibc is a reason why pulling packages from testing/unstable may not be
*possible*: each stable release in recent years has bumped the minimum
kernel version requirements for glibc, so someone who for whatever reason
needs to continue using a 2.4 kernel on their etch system cannot use the
glibc from lenny, so a backport would be needed. (FWIW, I think it's fair
to consider this a bug of Debian's shlibs system.)
> oddly enough, that's precisely what they should do before
> upgrading/installing any packages from backports too. and testing. and
> before upgrading from an old debian stable release to a brand-new debian
> stable release.
One thing is testing the package set before deploying it, another thing is
having a game plan for getting critical fixes (such as security fixes)
applied once deployed. The greater the number of packages you're pulling
from testing/unstable, the less you can rely on the availability of
targetted security fixes that can be deployed without pulling in other
behavior changes.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon@debian.org http://www.debian.org/
Reply to: