On Vi, 18 iul 14, 13:32:19, Bob Holtzman wrote: > > deb http://security.debian.org/ wheezy/updates main contrib non-free > > is already in sources, a simple switch from debian.org to debian.net is > all that's required. True?
The security archive is handled specially and even http.debian.net recommends to not rely on third-party mirrors. > To recap and make *damned* sure I understand, > > deb http://ftp.us.debian.org/debian/ wheezy main non-free contrib > deb http://ftp.us.debian.org/debian/ wheezy-updates main contrib > non-free > > are replaced with > > deb http://http.debian.net/debian stable main contrib non-free(http > twice? doesn't look right) Because it isn't. 'wheezy' and 'wheezy-updates' are two different suites[1]. [1] terminology used in sources.list(5) > and the security and backports archives are unchanged except for the > switch to debian.net. No, don't do that. Let me try to explain: Debian has several suites that are relevant for a stable release. They can be identified based on the URL and the third component of a sources.list stanza deb http://mirror.example.com/whatever/ codename main ^^^^^^^^^^ This is the archive that holds all regular packages. Any Debian installation connected to the internet should have this in sources.list, to be able to install new packages and update to the latest point release. There are a few hundred mirrors all around the world providing this. Traditionally one would use a specific mirror directly (e.g. one geographically close to you). If you use the ftp.<your country code>.debian.org "mirror" you might actually be pointed to a different physical mirror every time, like is the case with ftp.us.debian.org. deb http://security.debian.org/ wheezy/updates main (optionally 'contrib' and 'non-free' if you use them) This is the security archive, used to publish urgent security updates. It's hosted on several Debian machines all around the worlds. Mirroring it is discouraged and even if you do want to use a mirror, *always* keep the canonical entry in your sources.list, as a backup (the mirror might get stale). Most packages initially published through the security archive will be included in the next point release. deb http://mirror.example.com/whatever wheezy-updates main (optionally 'contrib' and 'non-free' if you use them) This is the stable-updates suite, former volatile. It contains packages that might need frequent updates to function properly, but these updates are not security related. It currently contains 24 packages of limited interest to most users. To use it you add one additional entry same as your regular archive, but replace 'wheezy' with 'wheezy-updates'. Most mirrors will probably carry this suite as well and the http redirector below should therefore support is as well. http.debian.net (mind the .net instead of .org) is a relatively new service, that uses a clever algorithm to redirect you to a mirror that is: fast, close to you, up to date, etc. It uses .net because it's not hosted on a Debian machine, but it's still provided by someone "close" to Debian (in this case a Debian Member). Because of all the above I would suggest you edit your sources.list to look like this (indenting for visibility only): # regular Debian archive # (append 'contrib' and 'non-free' if you need them) deb http://http.debian.net/debian/ wheezy main # the security archive # (append 'contrib' and 'non-free' if you need them) deb http://security.debian.org/ wheezy/updates main Please note that I specifically use the release codename. Using 'stable' instead is possible, but will have "interesting" results if you upgrade after Jessie is released. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt
signature.asc
Description: Digital signature
