Hi, I appreciate Boyd's enthusiasm but I hope he will be a bit careful checking facts and learn best practices.
On Wed, Jul 08, 2009 at 01:45:56PM -0500, Boyd Stephen Smith Jr. wrote: > In <20090708155214.ga5...@osamu.debian.net>, Osamu Aoki wrote: > >On Wed, Jul 08, 2009 at 10:41:44AM -0500, Boyd Stephen Smith Jr. wrote: > >> In <90bb445a0907071607k26d7720fwf19c65e91c501...@mail.gmail.com>, Akira > >> Kitada wrote: > >> >So here's my question. How can you manage new softwares while keeping > >> >the system stable? > >> >Using packages from backports.org or Sid? Do you build .deb packages > >> > yourself? Can you keep the Lenny's intact? ... > >> You can choose the version from backports, testing, sid, or experimental > >> through the aptitude curses interface, or by using 'aptitude install -t > >> $release $packages' or 'aptitude install $package=$version'. > > > >"You can install a package" is different from "you can get reliable > >system". This type of reckless comment is dangerous as advise to > >general public. (Boyd knowing well, he may be OK) I was once reminded > >by other DD when I made similar remarks... > > It's true that a mixed system isn't completely supported. This is important and there is reason for this :-) > However, ... I know it works mostly ... but this is not something novice user should be casually advised to do without knowing how to judge when to do it. > The main difficulty I've encountered when running a mixed system is that > 'aptitude safe-upgrade' and 'aptitude full-upgrade' often need more advice > as to what to install. I found the aptitude curses UI quite valuable when > resolving those issues. If you throw up your hands and mail the list as > soon as aptitude can't auto-resolve an installation/upgrade to your > satisfaction, a mixed system isn't for you. sigh ... > >> If Sid/experimental doesn't contain a new enough package for you, find > >> it is some other signed repository, add it to your sources.list, set a > >> priority (200 maybe?) for it, and add the signing key to your apt > >> keychain. > >> > >> If it isn't in any signed repository, just install a .deb using dpkg, or > >> an .rpm via alien. If you *have* to compile to software yourself, roll > >> your own .deb; it's not that hard to make a minimal one so that the > >> software can be easily uninstalled and file conflicts can be detected. > > > >Oh.... you are going too far. > > The supported options are (a) don't install that software or (b) get that > software into Debian by becoming a Debian maintainer. Some people > can't/won't take either of those options. I do not share your idea .... there is many things you can do as non-DD such as making private backports. This is elaborated in my "Debian Reference" if you ever cared to read. > My advice is a third option. It is not supported, but it works quite a bit > better than doing all the work of a package manager yourself. Stow, > mentioned elsewhere in the thread, is also a great tool if there is no .deb > available, but it still leaves you having to fight with the ./configure && > make process which is not *always* trivial. I encourage much more careful approach to your system maintenance and advise to others. Osamu PS: Boyd seemed to suggest any signed archive can be used. I hope he will not find a malicious archive with a signature .... I know installing malicious package can easily erase his system. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
