Linux Mint 18 “Sarah” Cinnamon released!

[Cosmo.]

Another matter is: is it wise to upgrade in-place from 17.x to 18 at all ("überhaupt")?

This depends from 2 main questions:

At first: How stable is LM 18 at all? I cannot judge, because I am still downloading. But there are numerous open bugs, which did never get an update in the beta release. So only an installed LM 18 final can tell, if they are solved.

Second: What will Clem tell about that, when the upgrade path is ready? I don't know and hardly any other user can know this at now.

A third aspect will the tests with the upgrade path, which obviously cannot be done at now.

[Pjotr]

Another matter is: is it wise to upgrade in-place from 17.x to 18 at all ("überhaupt")?

This depends from 2 main questions:

At first: How stable is LM 18 at all? I cannot judge, because I am still downloading. But there are numerous open bugs, which did never get an update in the beta release. So only an installed LM 18 final can tell, if they are solved.

True. But it's not the inevitable "teething troubles" (Anfangsschwierigkeiten) that I meant.

Second: What will Clem tell about that, when the upgrade path is ready? I don't know and hardly any other user can know this at now.

A third aspect will be the tests with the upgrade path, which obviously cannot be done at now.

I've had years of experience with in-place release upgrades from Ubuntu. That taught me to distrust them.

As much as I respect Clem and acknowledge his great capabilities, I'm convinced that a clean upgrade (i.e. a clean installation) of Mint 18 will technically be the best solution. Inevitably.

[sphyrth]

Finally!
I wasn't at all disappointed with the delay of the release, but I WAS getting worried. I guess those nasty bugs are no match for the Mint Team.

[gary.zw]

Been using Mint 18 fresh install for about 10 hours--no problems.

[mdavies5]

Using for 24 hours and a great release but I am missing Gnome-Schedule and hope this will be included soon in the repository.

[OS_Researcher]

I have installed 18 on one of my laptops and my main desktop! WOW! It works great! The installs went without a hitch! Great job Clem and Team!

[Pentarctagon]

I think my favorite feature so far is the drop down menu animation

[red-e-made]

There will be a way to update to 18 from the Update Manager, but it hasn't been released yet. Probably be a couple of weeks from what I hear, but who knows?

I've only been using Mint since 2007, and I think importing these upgrades into the Update Manager was one of the best decisions this team ever made. Like starting Cinnamon, it makes using it comfortable and stable. But I just enjoy the entire LiveUSB-making/using process. Not for any concerns about what the upgrades might bring; I just like playing around with a new .iso in live for a while.

Also, kudos on going with gpg. Dead easy to use and it's hard to get more secure than that. Enjoying 18.

[jeanpaulberes]

Hi all,

Do you have an idea when the UPGRADE procedure from Linux Mint 17.3 towards Linux Mint 18 will be published ?
Thanks,

Kind regards,
JP

[Cosmo.]

Why don't you read. before you post. Immediately above your post is the information as far as at now available.

[turtlebay]

I installed 18 Mate x32 over a faulty 17.2 XFCE edition and it's fantastic. Well done Clem and team!

[nhra1ss]

Been running Sarah since last night off USB and running great. I can see installing it by tonight,

[majpooper]

Did you follow the link in the said paragraph?

Well I guess I am just a slow leaner because it is not clear to me at all how to Import the signing key from a Keyserver - and yes I am trying to follow the said paragraph.
https://linuxmint.com/verify.php

And from where do I download the the sha256sum.txt and the sha256sum.txt.gpg from ?

Sorry, none of this is clear - as a matter of fact it is all quite cryptic. So just saying follow the paragraph is not helpful. But better instructions or a How To would be helpful

[Cosmo.]

And from where do I download the the sha256sum.txt and the sha256sum.txt.gpg from ?

You find them here, below the download links.

[Reorx]

Well I guess I am just a slow leaner because it is not clear to me at all how to Import the signing key from a Keyserver - and yes I am trying to follow the said paragraph.

Try the link in my post on page 1 of this thread. You will have to adapt the commands a bit but I think it will help...

[Pjotr]

Well I guess I am just a slow leaner because it is not clear to me at all how to Import the signing key from a Keyserver - and yes I am trying to follow the said paragraph.

Try the link in my post on page 1 of this thread. You will have to adapt the commands a bit but I think it will help...

Thanks for that link.

I wonder how many people are going to jump through all of those complicated hoops. I fear that the net result of dropping md5sum will be, that most people won't do any check at all, anymore.... That's not good behaviour at all, of course, but that's probably the reality.

If people only want to run a swift and easy corruption check, like with md5sum, that should still be officially supported. Otherwise the new system is more of a legal disclaimer than a practical tool for the majority.

[NChewie]

Re the verification of the ISO...

I did post a comment to the release blog, but it appears to have been moderated out

The gist of it was that the SHA256 file and its gpg signature are quite hidden, and anyone going directly to Downloads from the main web page will not find them easily. The link to the location is in the release blog (not the release notes, the download page, or the user manual). I suggest that the link to the checksums and the gpg signature of that file should be on the Downloads page.

In that earlier post, I then suggested that there should be some guidelines to run a gpg verify from windows, as that is where many new users will come from.
I included a handy link to a site which showed how to do it: https://www.deepdotweb.com/jolly-rogers ... authentic/

and I noted that the message
Not enough information to check signature validity. Check details.
is actually a sign of successful gpg verification, not failure (as it seems). Such obscure status messages would scare away some potential users!

I see in this topic on Thursday June 30th, Reorx gave a link to a very good page on PeppermintLinux doing pretty much that...


Is there any reason why we have the SHA256.txt file signed but not the ISO itself?

[Reorx]

I wonder how many people are going to jump through all of those complicated hoops. I fear that the net result of dropping md5sum will be, that most people won't do any check at all, anymore.... That's not good behaviour at all, of course, but that's probably the reality.

If people only want to run a swift and easy corruption check, like with md5sum, that should still be officially supported.

I have been using (simple) checksums to check D/Led ISO files since I started using Linux Mint (2009 - LM7 Gloria) and never had a problem. SHA256SUM is a reasonable replacement for MD5SUM (IMO). I don't really feel a need for the more complex new method of "authentication". I D/Led the ISO files for the 64 bit versions of LM18 Cinnamon and MATE the day they were published. Verified the SHA256SUMs and burned them to USB sticks (the original ISOs are still in my Downloads folder)... I have installed them on my experimentation machine but they won't see a production machine of mine for a while - probably at least several months. If they are found to be counterfeits, I'm sure I will hear about it before they go into production in my world...

[Pjotr]

SHA256SUM is a reasonable replacement for MD5SUM (IMO). I don't really feel a need for the more complex new method of "authentication"

You're right: I overlooked the fact that with sha256sum a simple corruption check is still possible, without the complicated gpg hoops. Thanks for the reminder.

For the other readers: I've written a small how-to for the simple corruption check:
https://sites.google.com/site/easylinux ... -SHA256sum
(item 12, right column)

[Cosmo.]

The sha256sums are indeed far too hidden. The should be easily reachable on the download page (as this has been in the past). At now the user has to act like a scout and then he needs to do 4 clicks to find them. Usually a user, how wants to download, will go to the download page, not to the blog (which furthermore will be after some time hard to find behind the newer blogs).

I also think, that the procedure is at now far too complicated to do for the average user. Another problem is that for users, coming from Windows (where gnupg is usually not installed), the gpg-check is not doable (except they would at first install gnupg, what at first would has to get explained).

Things would get somehow easier, if 2 preconditions would get created: At first integrating the gpg-check into the nemo-seahorse plugin and at second install this plugin by default. In this case those checks could be done from the running system - at least from the running live system.

In one point I disagree with others: It is IMO important to give a way to check, if the downloaded ISO is really authentic. It should not be left to sum luck, if attacks like the one, that happened in February, are possibly successful at some time again. It should also be possible for the user, who had downloaded the ISO-image at the time of an attack, to proof, if the download is valid or not. So the gpg-check is a good and important thing, but the usual user is neither expected to search like a criminal investigator with the depth of several clicks for the needed files nor is he expected to be a rocket scientist. Mint is made with the idea of a easy to use GUI; it is absolutely inconsistent, that the very first step to get Mint and proof its validity gives the need to use the terminal, where numerous users already panic, if they only open it.