Re: When stability is pointless
On Wed, Nov 05, 2008 at 02:41:52AM +0000, Sam Kuper wrote:
> Hi Doug,
> Thanks for your comments.
> 2008/11/5 Douglas A. Tutty <firstname.lastname@example.org>:
> > Or, are you saying that you are trying to implement a psad recipe from
> > the internet that doesn't apply to the version of psad supplied in
> > Ubuntu?
> Essentially correct. But not just any old set of psad instructions:
> the instructions provided on the psad website and in the developer's
> book on Linux firewalls. In other words, pretty much the most
> comprehensive set of instructions I could find.
And for older history:
As you can see, the Ubuntu package is maintained by the Masters of the
Universe. That is to say: it is basically a copy of the package from
Debian Testing (or is it Unstable) close to the time of the release.
> > For all Ubuntu is based on Debian, I don't think it follows debian
> > policy. The policy manual says, basically and among other things, that
> > installing a package should result in that package working
> > out-of-the-box in some fashion only needing tweaking by the sysadmin.
> Define "working" (or "tweaking"). My experience with some packages in
> Etch suggest that Debian sometimes has problems like this too.
What I mostly expect the distribution to do for me are the "manual
script" you find in HOWTOs. You should not need to install a set of
packages. That is why we have dependencies. You should not need to guess
a long command-line. If there is still a need for one it should be
scripted by the package maintainer or at least documented in
I have not heard of psad before. So I decided to just check that package
and see what it is about. I didn't have time to actually set it up.
One this that I could see in the README.Debian was that I need to edit
syslog.conf myself. This makes sense if I use sysklod . But it's silly
if I have a shiny new Lenny system with rsyslog. Result:
http://bugs.debian.org/504567 . I hope somebody actually picks it up.
Yes, this is a small thing. I could do it myself. But why should I
bother? Why should the 362 users of the package
(http://qa.debian.org/developer.php?popcon=psad ) bother do the same
> > I've never used psad but I would be very surprised if the problem you
> > experienced were to happen were you running Debian Stable.
> You may be right. Perhaps I should go back to Debian Stable. But one
> of the reasons I switched to Ubuntu was to minimise the gap between a
> package being deprecated by its developer and deprecated by its
> maintainer, in an effort to avoid precisely the sort of problem I
> outlined in my post.
> > Since Ubuntu is based not on Debian Stable but on (I think) Unstable, I
> > don't know how one can consider any Ubuntu release to be stable.
> Ubuntu has LTS (Long-Term Support) releases, which roughly translate to Stable.
And they are released roughly as often as Debian stable versions are
Tzafrir Cohen | email@example.com | VIM is
http://tzafrir.org.il | | a Mutt's
firstname.lastname@example.org | | best
ICQ# 16849754 | | friend