LMDE and updates

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read this

Re: LMDE and updates

Postby xfrank on Sat Jun 07, 2014 12:08 pm

I'm slowly convincing that the Debian stable hypothesis defended by Killer de Bug and KBD47 is not bad at all. :)
This if:

1 - the most important programs are backported (LibreOffice, Firefox...)
2 - security issues are fixed
3 - the transition from the actual stable version to the next is easy and transparent (to keep the "rolling" essential nature of LMDE, that is, not to have to reinstall the OS ever).

About the point 3: how a LMDE-Debian-Stable will transition from the actual version to the newer one? Automatically? changing the repos? :?:
Linux: LMDE (Mate), Mint13 (Xfce), Peppermint 3 (LXDE), Manjaro (Xfce and Netbook Edition)
xfrank
Level 4
Level 4
 
Posts: 247
Joined: Sat Nov 24, 2012 6:09 pm
Location: Mexico

Linux Mint is funded by ads and donations.
 

Re: LMDE and updates

Postby KBD47 on Sat Jun 07, 2014 12:33 pm

xfrank, I have never had a successful distribution upgrade with Ubuntu. But I have had several successful upgrades with Debian Stable, moving not just to the next release, but up to Testing and even Sid.
My foremost thought is new users. I would never push new users toward Debian Testing, not even with the Update Pack method. Every time I would shove them toward Main Mint.
I learned to use Linux around three years ago starting with Mepis 11. It was based upon Debian Stable. I knew nothing about Linux, I beat the crap out of that installation trying to learn Linux and it never broke. Ubuntu would never have held up to my Linux ignorance like that :-) I know how unbreakable Debian Stable is. And if it is polished like Mint, and if some caution is applied with backporting necessary apps like LibreOffice and newer versions of Browsers, it will work great. For years I have used Stable with newer versions of Chrome browser without issue, so I don't see any problems with using a newer version of Firefox with Stable.
I hope Mint does it. I think it would be brilliant, and would bring in new Linux users. I would promote it for use with older hardware, and for those who never want to learn anything about Linux, but just use it for years without any drama :-)
BTW: Even if LMDE doesn't go with Stable, current LMDE users could follow Jessie into Freeze and out the other side with New Stable. It would mean a little work changing sources, the need to add some repositories, but it's been done before :-)
Last edited by KBD47 on Sat Jun 07, 2014 12:36 pm, edited 1 time in total.
KBD47
Level 6
Level 6
 
Posts: 1025
Joined: Fri Jul 29, 2011 12:03 am

Re: LMDE and updates

Postby killer de bug on Sat Jun 07, 2014 12:35 pm

KBD47 wrote:Edit: BTW Debian is now extending long term support even beyond the normal 3 years.
https://www.debian.org/News/2014/20140424
Putting it on par with Ubuntu LTS support of 5 years, if anyone wanted to use the OS for 5 years without a distribution-upgrade.

Yeah I saw a while ago. It could play in the final choice.

KBD47 wrote:Debian Stable is aimed at running on servers flawlessly for many years. It almost impossible to beat for stability.

For stability, even Testing is stable in my opinion :lol:
The problem of Debian Stable has always been the new softwares...

xfrank wrote:1 - the most important programs are backported (LibreOffice, Firefox...)

Firefox is packaged by Linux Mint team so no worries here. For other softwares that's much more difficult to say ;)
xfrank wrote:2 - security issues are fixed

Debian Stable has a security team and fixes are coming much faster than in Testing
xfrank wrote:3 - the transition from the actual stable version to the next is easy and transparent (to keep the "rolling" essential nature of LMDE, that is, not to have to reinstall the OS ever).

That's how Debian works :)

xfrank wrote:About the point 3: how a LMDE-Debian-Stable will transition from the actual version to the newer one? Automatically? changing the repos? :?:

It could be exactly like an UP... :)
One day Debian team release a new version and you get notified in Linux Mint Update Manager ;)
If I have seen further it is by standing on the shoulders of giants. [Isaac Newton]
User avatar
killer de bug
Level 7
Level 7
 
Posts: 1758
Joined: Tue Jul 08, 2008 1:49 pm
Location: Austria

Re: LMDE and updates

Postby killer de bug on Sat Jun 07, 2014 12:38 pm

KBD47 wrote:BTW: Even if LMDE doesn't go with Stable, current LMDE users could follow Jessie into Freeze and out the other side with New Stable. It would mean a little work changing sources, the need to add some repositories, but it's been done before :-)


We need to wait for Debian Stable to catch us since we are halfway between Stable and Testing ;)
LMDE on stable can not be done before Jessie is the new stable :)
If I have seen further it is by standing on the shoulders of giants. [Isaac Newton]
User avatar
killer de bug
Level 7
Level 7
 
Posts: 1758
Joined: Tue Jul 08, 2008 1:49 pm
Location: Austria

Re: LMDE and updates

Postby woodsman on Sat Jun 07, 2014 1:25 pm

Okay, suppose LMDE moves to stable. That would pacify many users with respect to security updates. That leaves open the question of which packages to continually backport.

Creating a nominal backport list falls way short of the current Debian Backports effort. Should LMDE based on stable include the full Debian Backports? Why not? After all, most LMDE users choose LMDE for the basic reason of having recent versions installed.
woodsman
Level 4
Level 4
 
Posts: 205
Joined: Tue May 11, 2010 10:22 pm

Re: LMDE and updates

Postby KBD47 on Sat Jun 07, 2014 5:13 pm

killer de bug wrote:
KBD47 wrote:BTW: Even if LMDE doesn't go with Stable, current LMDE users could follow Jessie into Freeze and out the other side with New Stable. It would mean a little work changing sources, the need to add some repositories, but it's been done before :-)


We need to wait for Debian Stable to catch us since we are halfway between Stable and Testing ;)
LMDE on stable can not be done before Jessie is the new stable :)


Right. LMDE can really only be switched to the Debian Stable source when there is an LMDE iso released around the same time new Stable is released, either just before, or just after the new stable comes out. I have had success doing this in the past. MATE LMDE would probably be no problem whatsoever, Cinnamon LMDE might be a bit trickier. Probably when Jessie goes into freeze, depending upon the next Mint LMDE update pack, I will be switching my sources to Jessie on a Cinnamon LMDE install I have on an external drive. Of course I'm hoping LMDE will move to Stable next release :-)
KBD47
Level 6
Level 6
 
Posts: 1025
Joined: Fri Jul 29, 2011 12:03 am

Re: LMDE and updates

Postby KBD47 on Sat Jun 07, 2014 5:22 pm

woodsman wrote:Okay, suppose LMDE moves to stable. That would pacify many users with respect to security updates. That leaves open the question of which packages to continually backport.

Creating a nominal backport list falls way short of the current Debian Backports effort. Should LMDE based on stable include the full Debian Backports? Why not? After all, most LMDE users choose LMDE for the basic reason of having recent versions installed.


It's all speculation, but since Debian has numerous backported packages in its backport repo, it would be kind of crazy to repeat those efforts. Perhaps the Mint team could use packages already backported to Debian, and then focus their efforts on anything they want backported that isn't already available.
http://backports.debian.org/
KBD47
Level 6
Level 6
 
Posts: 1025
Joined: Fri Jul 29, 2011 12:03 am

Re: LMDE and updates

Postby kurotsugi on Sun Jun 08, 2014 12:03 am

I just read the manual... Testing has not security team. Update comes from Sid. It can take 2 days or 10 or 2 months...
So obvioulsy if security is the most important for the user, then use either Sid or Stable but not testing...

you got it wrong. security updates have the highest priority and will migrate to testing in 1 or 2 days. regular updates takes 5-10 days. if any updates takes longer than 10 days it means something is wrong with the packages.
I'll give you a hint: Regressions happen all the time
it's not quite true with current debian since debian testing now have always releasable testing policy.
https://wiki.debian.org/Debate/JessieRe ... bleTesting
http://lwn.net/Articles/550612/

jessie is now boringly stable. cinnamon is the only DE didn't work with testing and the reason behind it isn't the regression in testing. rather it's because cinnamon didn't got updated since several months ago. on another hand, moving LMDE into stable actually didn't fix anything about security stuffs and the long period between UP. the frozen period started next september. it means LMDE is still based on testing until next year. do we expect to get no security updates until next year?
kurotsugi
Level 5
Level 5
 
Posts: 891
Joined: Fri Jan 25, 2013 3:54 am

Re: LMDE and updates

Postby KBD47 on Sun Jun 08, 2014 1:28 am

kurotsugi,
I understand that 'always releasable testing' was a proposal, and not a policy. Has that actually been implemented?

Q: How is security handled for testing?

A: Security for testing benefits from the security efforts of the entire project for unstable. However, there is a minimum two-day migration delay, and sometimes security fixes can be held up by transitions. The Security Team helps to move along those transitions holding back important security uploads, but this is not always possible and delays may occur. Especially in the months after a new stable release, when many new versions are uploaded to unstable, security fixes for testing may lag behind. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable.
https://www.debian.org/security/faq#testing
Freeze is proposed for this November, 2014:
https://release.debian.org/jessie/freeze_policy.html
KBD47
Level 6
Level 6
 
Posts: 1025
Joined: Fri Jul 29, 2011 12:03 am

Re: LMDE and updates

Postby killer de bug on Sun Jun 08, 2014 3:43 am

kurotsugi wrote:you got it wrong. security updates have the highest priority and will migrate to testing in 1 or 2 days.

You should really read the manual... :wink:

2 days is the minimal time. It doesn't mean that in 2 days the fix is in Testing.


Take a look at these two packages (I took them randomly and don't want to waste my time to see if it's the only ones or not).
https://security-tracker.debian.org/tra ... -2014-0195
http://packages.qa.debian.org/o/openssl.html

https://security-tracker.debian.org/tra ... -2014-3153
http://packages.qa.debian.org/l/linux.html

These 2 packages prove you wrong.

kurotsugi wrote:regular updates takes 5-10 days. if any updates takes longer than 10 days it means something is wrong with the packages.

Wrong again... Seriously, read the manual. Thanks. 10 days is THE MINIMAL TIME!

kurotsugi wrote:jessie is now boringly stable. cinnamon is the only DE didn't work with testing and the reason behind it isn't the regression in testing. rather it's because cinnamon didn't got updated since several months ago. on another hand, moving LMDE into stable actually didn't fix anything about security stuffs and the long period between UP. the frozen period started next september. it means LMDE is still based on testing until next year. do we expect to get no security updates until next year?

Always releasable policy was a proposition. It's not applied.

And Cinnamon is constantly upgraded. Version 2.2 was out one month ago. Go on github, have a look... :roll:
What don't you understand in 'the team is small and can't keep working on fixing features broken by the new version of GTK' ???
Last edited by killer de bug on Sun Jun 08, 2014 4:03 am, edited 1 time in total.
If I have seen further it is by standing on the shoulders of giants. [Isaac Newton]
User avatar
killer de bug
Level 7
Level 7
 
Posts: 1758
Joined: Tue Jul 08, 2008 1:49 pm
Location: Austria

Re: LMDE and updates

Postby killer de bug on Sun Jun 08, 2014 3:52 am

Kurotsugi,

Please read pages 23 to 27 of the Debian Handbook. What you're looking for is at the top of page 25. First line :)
Here is the link for on-line reading: http://debian-handbook.info/browse/stab ... dp22264912
If I have seen further it is by standing on the shoulders of giants. [Isaac Newton]
User avatar
killer de bug
Level 7
Level 7
 
Posts: 1758
Joined: Tue Jul 08, 2008 1:49 pm
Location: Austria

Re: LMDE and updates

Postby py-thon on Mon Jun 09, 2014 12:46 pm

xfrank wrote:About the point 3: how a LMDE-Debian-Stable will transition from the actual version to the newer one? Automatically? changing the repos? :?:

Normally with Debian there are two possibilities:
1. your sources point to the repos using the version's name (currently wheezy) then you won't leave wheezy ever until you change your sources (from wheezy to jessie, which currently is testing and will be the name of the next stable version, or to stable).
2. your sources point to the repos using the version's type (that would be stable in this case) then you would automatically get a big update when the new stable version is published.
Tower: LMDE Mate 64bit - Netbook: LMDE Mate 32bit
py-thon
Level 4
Level 4
 
Posts: 237
Joined: Fri Sep 27, 2013 2:24 pm
Location: Paraguay

Re: LMDE and updates

Postby xfrank on Mon Jun 09, 2014 10:53 pm

py-thon wrote:Normally with Debian there are two possibilities:
1. your sources point to the repos using the version's name (currently wheezy) then you won't leave wheezy ever until you change your sources (from wheezy to jessie, which currently is testing and will be the name of the next stable version, or to stable).
2. your sources point to the repos using the version's type (that would be stable in this case) then you would automatically get a big update when the new stable version is published.


I'm not familiar with "pure" Debian. Changing the sources seems straightforward, but would be nicer the scenario presented by Killer de Bug:
Killer de Bug wrote:It could be exactly like an UP... :)
One day Debian team release a new version and you get notified in Linux Mint Update Manager ;)

:wink:
Linux: LMDE (Mate), Mint13 (Xfce), Peppermint 3 (LXDE), Manjaro (Xfce and Netbook Edition)
xfrank
Level 4
Level 4
 
Posts: 247
Joined: Sat Nov 24, 2012 6:09 pm
Location: Mexico

Re: LMDE and updates

Postby kurotsugi on Tue Jun 10, 2014 2:46 pm

the releasable isn't officially declared as a policy (politics in debian. debian's tends to take long time to create even the smallest decision) but the ideas have been implemented. debian now have stricker criteria to move packages from sid to testing. you can take a look into our 'debian testing breakage' thread and see compare between wheezy and jessie breakage.

wheezy
Code: Select all
Update 2 Dec 2012- multiarch in testing: convert your system asap

Update 15 may 2012- cinnamon is to be removed with today's updates.

Update 7 may 2012- iceweasel12 is uninstallable in testing, see viewtopic.php?f=199&t=100493&p=576750#p576744

Update 12 march 2012- nvidia and VB fail against the new 3.2.0-2 kernel; reinstall the correspondent dkms modules viewtopic.php?f=198&t=67502&p=553788#p553773

Update 10 february 2012- kernel 3.2 enters testing - for now we have reports of breakages with nvidia viewtopic.php?f=198&t=67502&p=539953#p539934

Update 8 november 2011- GNOME-SHELL migrated to testing in today's updates.

Update 6 october 2011- don't update at the moment the python update brings several breakages

Update 28 september 2011- be careful with the xorg updates, there's severe issues both with ATI and nvidia follow them from here on

Update 10 august 2011- the 3.0 series kernel hits testing and brings issues, follow them from here viewtopic.php?f=141&t=67502&start=960#p458899

Update 5 august 2011- watch the new package dnet-common: it may break your wireless viewtopic.php?f=141&t=67502&p=457254#p457254

Update 12 july 2011- if you are not using latest or incoming watch out python-imaging upgrade - it will break MintInstall viewtopic.php?f=141&t=67502&p=447271#p447217

Update 2 july 2011- better hold the upgrades for now the new xorg and mesa will break the nvidia and ati drivers viewtopic.php?f=141&t=67502&start=680#p442574

Update 22 june 2011- Kernel updated to 39.2, in 32bit system the update will be to a 39.2-pae kernel; watch some issues with linux-headers not been automatically installed viewtopic.php?f=141&t=67502&p=438453#p438314

Update 15 june 2011- Adobe Flash update- if after the update, flash stops working, see Clem's post for troubleshooting viewtopic.php?f=141&t=67502&start=540#p435212 - and many thanks Clem for providing this support 8)

Update 4 june 2011- xchat is to be removed viewtopic.php?f=141&t=67502&p=431082#p431082

Update 17 May 2011- F-Spot fails to update viewtopic.php?f=141&t=67502&start=440#p423021

Update 13 May 2011- issues with legacy nvidia-cards: one report here viewtopic.php?f=141&t=67502&p=421418#p421407

Update 30 Apr 2011- a couple of updates are due: first grub was updated to v. rc1-13 what brought a few bugs in special setups (raid and multi-hdd systems) and the "error: symbol not found: grub_env_export" see here: viewtopic.php?f=141&t=71374 here viewtopic.php?f=141&t=67502&start=340#p414088 and here viewtopic.php?f=141&t=71603 , and lately gstreamer viewtopic.php?f=141&t=67502&start=360#p415117

Update 12 Apr 2011- The .38 kernel arrived to LMDE, together with xorg updates, so expect some issues and follow the thread from this point viewtopic.php?f=141&t=67502&start=200#p407043;
- Also mintsystem pkg was updated to v. 7.7.5 and for now the most notorious change was the removal of the "mark all upgrades" button in synaptic, this thread covers the issue viewtopic.php?f=141&t=70449&start=0

Update 30 Mar 2011- MintMenu v 5.1.7 has a bug in the show recent document plugin, already fixed in v. 5.1.8 viewtopic.php?f=141&t=67502&p=401714#p401735, so please upgrade your system;

Update 23 Mar 2011- the upgrade of kexec-tools to version 2.0.1-4, disabled the ability of reboot into grub, the system reboots, to boot again without going though grub;
Chech viking777 post for more info about the issue
viewtopic.php?f=141&t=67502&start=60#p398542

Update 20 Mar 2011- Attention ATI users: refer to these posts please:
viewtopic.php?f=141&t=67502&p=397378#p397258
viewtopic.php?f=141&t=67502&p=397378#p397374
viewtopic.php?f=141&t=68729

Update 16 Mar 2011- LibreOffice came in today's updates, it will ask you to remove part of OpenOffice (even if in the same process other part of OO will be updated -the process is not so clean as in sid, where the change was made in one move).
Depending on the customizations you made on your system the change should be smooth, ending with a full replacement of OO with LO, if for some some reason that doesn't happen there's a new metapackage called libreoffice that should take care of it.

Update 4 Mar 2011- The vlc/libva1 issue is solved. If you pinned/unmarked libva1 from update, can now proceed safely; if you chose to remove vlc, look in synaptic for the new vlc 1.1.7 and install it; if you didn't update your system at all in these days can now do it.


jessie
Code: Select all
03-05-13 Chrome-unstable viewtopic.php?f=198&t=132747&p=715343#p714796
25-05-13 Python3.3 transition viewtopic.php?f=198&t=132747#p722624
13-6-13 Kernel upgrade viewtopic.php?f=198&t=132747&start=40#p730550
12-8-13 gjs upgrade removes cinnamon/nemo viewtopic.php?f=198&t=132747&p=753080#p752564
02-04-14 upgrade from libcogl12 to libcogl20 removes cinnamon viewtopic.php?f=198&t=132747&start=140#p842700
the latest two breakage isn't actually on jessie. it's LMDE's fault for having long UP period.

@killer: as for the handbook...when did that handbook created? you need to update your information and see how debian's developer work.
Code: Select all
 lack of critical bugs, or, at least fewer than the version currently included in Testing;
at least 10 days spent in Unstable, which is sufficient time to find and report any serious problems;
successful compilation on all officially supported architectures;
dependencies that can be satisfied in Testing, or that can at least be moved there together with the package in question

the time limit doesn't apply for security updates from sid. FYI a package in sid have a certain urgency level. for an instance, security updates have high or highest urgency level and only delayed for one or two days until it moved into testing. the other kind of updates such as this audacious (http://packages.qa.debian.org/a/audacious.html) have lower urgency lave and longer time delay. in audacious case, it got 10 day delay. the time limit could be vary between 1, 2, 5, or 10 depends on the urgency level. as you suggested, I take a look into http://packages.qa.debian.org/o/openssl.html that site said that the packages will moved into testing in two days. [quote]testing migration
excuses:

Too young, only 0 of 2 days old
Not considered[/code]

anyway, let's stay more on the topic. we were discussing about
1. whether if debian testing got their security managed. you was saying "testing didn't got regular security updates". then I were showing the proof that it wasn't true. it clearly shown that testing got regular security updates. your point about debian's handbook and the time limit for the package migration IMO is a lil bit way OOT. it doesn't change the fact that testing got regular security updates.
2. whether if the migration into debian stable will solve the problem regarding security updates on LMDE. my last argument was "it doesn't solve the problem since LMDE will stay on testing until jessie became stable". LMDE will stay as a vulnerable distro until testing becomes stable.
kurotsugi
Level 5
Level 5
 
Posts: 891
Joined: Fri Jan 25, 2013 3:54 am

Re: LMDE and updates

Postby killer de bug on Tue Jun 10, 2014 4:23 pm

kurotsugi wrote:@killer: as for the handbook...when did that handbook created? you need to update your information and see how debian's developer work.

You're an unlucky guy... This book is really up to date and written by one of the top contributor of Debian since 10 years...

kurotsugi wrote:the time limit doesn't apply for security updates from sid. FYI a package in sid have a certain urgency level.

Yes it does. For the highest priority minimal time is 2 days. Not 1 or 0. It's 2 days. And this is the minimal time. Sometimes the package doesn't reach testing even after 10 days... This is because of the dependencies... Of course a package can migrate after 5 days. But it was supposed to move after 2. 5 days is not a normal time... It's either 2 or 10 days for the minimal waiting time.

kurotsugi wrote:the time limit could be vary between 1, 2, 5, or 10 depends on the urgency level.

No! That's wrong I already told you to read the manual. Read it please. If you don't understand something ask your question, but don't post wrong information.

kurotsugi wrote:anyway, let's stay more on the topic. we were discussing about
1. whether if debian testing got their security managed. you was saying "testing didn't got regular security updates". then I were showing the proof that it wasn't true. it clearly shown that testing got regular security updates. your point about debian's handbook and the time limit for the package migration IMO is a lil bit way OOT. it doesn't change the fact that testing got regular security updates.

This is definitely on topic. If you don't understand how it's work for package migration from Sid to testing, how can you discuss this issue.
I said exactly that if security fix is the most important for the user then Testing is not the right distro. Of course testing gets security fixes. LMDE does also (you just have to wait 6 months...). But in the case of testing you don't know when they will come because you can't predict when a package will move to testing. It can be 2 days, or more or never if you have dependencies problem...
If you want Debian and security fixes for everything instantly, then you should use Stable or Sid. But not testing, for the reasons given previously... If you don't trust me look at the list of security issues for packages inside Debian. Look at the number of issues solved in Sid and Stable which are not solved in Testing...

I'm done for this subject. If you don't want to read the manual, I cannot do it for you...


Finally for the always releasable testing it's absolutely not in use. If it was, the purpose would be to reduce the freeze to a minimal amount of time (between 15 days and 1 month). But you will see that the freeze will last 6 months.
If I have seen further it is by standing on the shoulders of giants. [Isaac Newton]
User avatar
killer de bug
Level 7
Level 7
 
Posts: 1758
Joined: Tue Jul 08, 2008 1:49 pm
Location: Austria

Linux Mint is funded by ads and donations.
 
Previous

Return to Newbie Questions

Who is online

Users browsing this forum: No registered users and 5 guests