On Sb, 10 iul 21, 06:51:43, Brian Thompson wrote: > On Sat, 2021-07-10 at 13:43 +0200, tv.debian@googlemail.com wrote: > > Hi, Debian unstable with bits of experimental here > > Is it (usually) wise to intermix different suites? It depends :) In my opinion I'd say the order from less to more dangerous would be: 1. stable + select packages from stable-backports Generally quite safe, though security support for -backports is on best-effort basis and could be delayed for various reasons. 2. oldstable + select packages from oldstable-backports-sloppy Package versions in -backports-sloppy are also from testing, so an upgrade from oldstable to stable is much more likely to run into issues if you start with this mix. Besides, oldstable only receives security support for one year after the last stable release, to allow sufficient time to prepare the dist-upgrade. This mix makes sense e.g. if you intend to keep running a system on oldstable for a very limited time (a few moths or so), that will then be decommissioned, reinstalled etc. instead of dist-upgraded to stable. 3. testing + select packages from unstable Testing doesn't have any direct security support, but security fixes should be migrated faster from unstable. Whenever this is not the case (why?), it could make sense to upgrade specific packages. Similar considerations for bug fixes, in expectation that the package will eventually migrate to testing. Be prepared to handle the situation where the package will not migrate as expected (or ever). 4. unstable + select packages from experimental Experimental is an incomplete suite (same as -backports), it can only be used on top of something, typically unstable. Packages in experimental can be everything from (surprise!) experiments that will never make it to unstable, test packages long forgotten that might not even install properly on any recent Debian, pre-releases of newer upstream versions (yummy!), to release-quality packages that are uploaded there instead of unstable during the freeze (as per Release Team's policy). The -backports (-sloppy probably as well) and experimental archives are treated specially by APT, no additional configuration should be necessary for the typical use case mentioned above. For combination 3. you probably want to use a setup similar with -backports for security upgrades and something similar to experimental for bug fixes. Understanding of APT pinning is a good prerequisite for such a setup, which is why I'm intentionally vague. ;) Of course, one way to learn is by actually trying it and breaking stuff (as most of us probably did). At a minimum you should avoid doing this in "production" (whatever that means for you). > I guess it wouldn't matter > that much for bits and pieces of experimental in unstable since you are already > in agreeance with having an unstable system to begin with. Experimental can be way more dangerous than unstable, see above. Most (but not all!) packages in unstable are meant to eventually migrate to testing and then become part of the next stable release. > I wanted to do the same thing with getting testing security updates into > unstable, but I didn't think that was wise (plus it's the other way direction). It's unclear to me what exactly you meant with this, but I think I addressed it above anyway. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature