타토카 wrote:

Hello, dear Debian Community! I just want to ask you a few questions:
1. How is Debian Sid stable then Arch Linux, for example? How often does Debian Sid crash and breaked?

this depends upon which packages are used frequently.

2. I have seen on the Debian official site about Debian Sid and PAM. If I have this problem with PAM, what should I do?

ask here giving as much information as possible.

3. And how is it a good idea using Debian Sid for professional work and programming? I know that people use Arch for it, but I don't know about
using Debian Sid for it.

see above, it depends, but also if you are a programmer and
developer you may have a good idea of how to fix things when
they break. but a general good practice is to always have a
separate booting partition or even a whole different machine
set up with a more stable environment for backup, restoration,
comparisons, experimentation, etc.

if you do not feel comfortable with this kind of thinking
and testing then it is probably a good idea to stick to Debian
stable instead of Debian testing or Debian unstable (aka Sid).

4. As I know Debian Sid does not have some packages like Arch, why? They
have rolling releases? I mean packages, for example, hyprland.

i don't know anything about Arch linux, sorry.


songbird

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/22/24 3:38 AM, 타토카 wrote:

Hello, dear Debian Community! I just want to ask you a few questions:
1. How is Debian Sid stable then Arch Linux, for example? How often
does Debian Sid crash and breaked?

I can't speak about Arch; I mostly use Sid on all my workstations, but
none of my servers. In about 20 years, I think there were two times when
the breakage was severe-ish, and even then, recovery wasn't terribly
difficult.

"unstable" really doesn't refer so much to the system being unstable,
but rather to the available packages being unstable, constantly in flux.
You might have Foo version 2.0 this morning, and version 2.1 this
evening, which may break, or fix a breakage of, some other package.

2. I have seen on the Debian official site about Debian Sid and PAM.
If I have this problem with PAM, what should I do?

I don't know what you're speaking about.

3. And how is it a good idea using Debian Sid for professional work
and programming? I know that people use Arch for it, but I don't know
about using Debian Sid for it.

Depends. Again, I would not put sid/unstable on a server, but for a workstation, and if a "Professional" has the ability to compensate for unexpected breakages, sure, absolutely. As I've said, I've run sid on my work-place computers for at least two decades; those machines have been
more reliable than the Windows computers I used to run (back in the
pre-Win10 days, granted, but I still find Debian sid more reliable, for
me, than Win11 PCs).

4. As I know Debian Sid does not have some packages like Arch, why?
They have rolling releases? I mean packages, for example, hyprland.

A strong positive about Debian is that it is very focused on Free
Software (free as in "libre"). I don't want to have to worry about
hidden proprietary licensing "gotchas"; with Debian (as long as I don't
stray out of the Debian ecosphere), that's not a worry. This is one
reason some apps are not in Debian that you'll find in other distros,
because those apps are not sufficiently "Free".

Another reason a package may not be in Debian is that Debian is
volunteer-run; if a volunteers wants to package XYZ for Debian, s/he can
do so; if no volunteer wants to package XYZ for Debian, it won't be in
the Debian repositories.

My understanding of a "rolling release" is, "Here's the next thing we're
giving you." My understanding of Debian Testing, and Sid to a greater
extent, is, "Here's the next thing we plan to give you, but it may be
broken; use with care, and report back to us if you come across any
problems."


--
Kent West <")))><
IT Support / Client Support
Abilene Christian University
Westing Peacefully - http://kentwest.blogspot.com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, Jul 23, 2024 at 00:25:27 +0500, 타토카 wrote:

I have read on the official Debian website about sid (in russian version): "Maybe. There was one real case where PAM broke. PAM checks all users, so without PAM no one can login, even as a root. If you work in a precarious environment, you must be able to handle such situations.".

It sounds like it was discussing either a real problem that happened
in the past, or a hypothetical problem that *could* happen in the future.

I don't know how to handle with this situation with PAM. How can I solve
this problem, when it will be nessesary?

The fact that you can't even tell what the page is talking about is a
sign that you might not want to run an UNSTABLE operating system.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 23 Jul 2024 01:27:49 +0500
타토카 <[email protected]> wrote:

I know what PAM is. I understand what the problem is described on the website. But I think if I get Debian Sid Update and after that PAM
will crash, I just want to know what the solution can be for it. I am interested in Debian Sid. But I just want to Insure myself of
problems, which happened in the past or could happen in the future.

There are many things that can break to prevent you using a system. Why
are you only concerned about PAM? I've had a variety of non-booting
systems in the past, none of the problems ever involved PAM, most
involved grub in its early years.

--
Joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, Jul 22, 2024 at 21:38:23 +0100, Joe wrote:

On Tue, 23 Jul 2024 01:27:49 +0500
타토카 <[email protected]> wrote:

I know what PAM is. I understand what the problem is described on the website. But I think if I get Debian Sid Update and after that PAM
will crash, I just want to know what the solution can be for it. I am interested in Debian Sid. But I just want to Insure myself of
problems, which happened in the past or could happen in the future.

There are many things that can break to prevent you using a system. Why
are you only concerned about PAM? I've had a variety of non-booting
systems in the past, none of the problems ever involved PAM, most
involved grub in its early years.

I think the OP is missing the forest for the trees. (English idiom. It
means you're getting lost in the details and not seeing the big picture.)

The question isn't just "how do you recover from a broken libpam package
that prevents all logins". Although that's certainly a question for
which a sid user should have an answer.

Rather, it's "how do you recover from *any* situation where the system
doesn't let you boot and/or log in normally".

And there is no single answer. It's a question that's supposed to make
you think. You should be able to come up with something, if you're
going to use unstable. Obviously, different situational details would
demand slightly different answers. Or radically different answers.

The point is, you should be able to think of an answer.

If you can't, then running unstable may not be your best choice.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue 23 Jul 2024 at 00:25:27 (+0500), 타토카 wrote:

I have read on the official Debian website about sid (in russian version): "Maybe. There was one real case where PAM broke. PAM checks all users, so without PAM no one can login, even as a root. If you work in a precarious environment, you must be able to handle such situations.".
I don't know how to handle with this situation with PAM. How can I solve
this problem, when it will be nessesary?

Hyprland is tilling window manager.

And what were the 2 times of problems, which you have faced for two
decades? How did you solve them?

Google's top hit for pam broken in sid was:

https://lists.debian.org/debian-user/2001/06/msg03589.html

One fix is in this post, another is in the follow-up. To run sid,
you ought to be able to think up and do receovery actions like
that, though bear in mind that sid is not an installable distribution
because packages go "missing" at times.

Were I running sid, I would not only keep backups of my own stuff,
but also of all the packages that I had installed. With stable,
I don't bother to backup packages, or even the OS itself except
for everything I've configured/changed.

Re: archlinux, from what I've read, I don't think you can make
comparisons with sid. One could make lists of similarities and
differences between it and testing. But Debian doesn't really
have a rolling release, partly because the attention of the
developers turns to bug-squashing the frozen testing before
its release, usually about every couple of years.

Cheers,
David.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23 Jul 2024 01:27 +0500, from [email protected] (타토카):

I know what PAM is. I understand what the problem is described on the website. But I think if I get Debian Sid Update and after that PAM will crash, I just want to know what the solution can be for it.

You have mentioned at least twice that you have read this somewhere on
the Debian web site.

Well, there is _literally_ well into the millions of web pages (if by
web page you mean unique content accessible through discrete URLs) on
the Debian web site. The bug tracker alone has over a million entries
in total, many of which are likely far out of date and most of which
almost certainly consisting of multiple discrete posts from different
people. The mailing list archives almost certainly have millions of
posts in between all the different lists hosted by the Debian project.

If there is something in _particular_ that you are worried about which
you read on the Debian web site, you'll need to provide a link to
where you read it. Otherwise everyone here is just guessing.

I am interested
in Debian Sid. But I just want to Insure myself of problems, which happened in the past or could happen in the future.

_There is no guarantee whatsoever that Sid won't give you problems._

That's pretty much the whole point of Sid: to serve as a testbed where
breakage is allowed and expected, where problems can be sorted out
before they get into Testing; and Testing, in turn, goes into a
stabilization phase before it becomes the next Stable roughly once
every two years as of late. (It's not quite that tidy in practice, but
that's the gist of it.)

In the words of <https://www.debian.org/releases/sid/>:

"sid" is subject to massive changes and in-place library updates.
This can result in a very "unstable" system which contains packages
that cannot be installed due to missing libraries, dependencies that
cannot be fulfilled etc. Use it at your own risk!

Yes, some people do use Sid as a daily driver. But one really
shouldn't do that _without_ solid knowledge of Linux in general and
Debian in particular, and a willingness to help solve problems. I've
been using Linux as a daily driver OS for close to a quarter century
and consider myself fairly adept at it; and I wouldn't run Sid, mostly
because I actually need my computer to do _other_ things.

--
Michael Kjörling 🔗 https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

On Mon, Jul 22, 2024 at 01:38:07PM +0500, 타토카 wrote:

Hello, dear Debian Community! I just want to ask you a few questions:
1. How is Debian Sid stable then Arch Linux, for example? How often does Debian Sid crash and breaked?

If you have to ask this question, you should not try to use Debian
sid. Debian sid is not meant for use by end users. It is the
in-development next release of Debian. There are frequently problems
and incompatibilities which will be resolved as Debian developers
work together on it. There is little sympathy for any user who
experiences these and doesn't know what to do about them¹.

You will not have found any advice anywhere on Debian's web sites
telling you to use Debian sid.

2. I have seen on the Debian official site about Debian Sid and PAM. If I have this problem with PAM, what should I do?

You shouldn't be using Debian sid, so no need for us to try to
untangle what you mean here.

3. And how is it a good idea using Debian Sid for professional work and programming? I know that people use Arch for it, but I don't know about
using Debian Sid for it.
4. As I know Debian Sid does not have some packages like Arch, why? They
have rolling releases? I mean packages, for example, hyprland.

Debian sid is not a rolling release. Debian does not have a rolling
release. Additionally, Debian sid isn't a release of any
description.

You should not be using Debian sid.

Thanks,
Andy

¹ Reporting and diagnosing bugs in sid and discussing solutions with
the developers are useful activities. Saying it broke and just
asking for help is not. If you are in danger of ending up doing
the latter, do not use Debian sid.

--
https://bitfolk.com/ -- No-nonsense VPS hosting

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQQOQjbLUpUeFFNgZiIgmbZMvxVJCwUCZp7RxQAKCRAgmbZMvxVJ C03DAKCaEXv2QhA9h8ND38YD7Aym+zjHjACgjgJem1t0QTeeJDgWEQzuqVCOGTw=
=bjnO
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon 22 Jul 2024 at 18:10:24 (-0400), Jeffrey Walton wrote:

On Mon, Jul 22, 2024 at 5:41 PM Andy Smith <[email protected]> wrote:

On Mon, Jul 22, 2024 at 01:38:07PM +0500, 타토카 wrote:

[...]
4. As I know Debian Sid does not have some packages like Arch, why? They have rolling releases? I mean packages, for example, hyprland.

Debian sid is not a rolling release. Debian does not have a rolling release. Additionally, Debian sid isn't a release of any
description.

You should not be using Debian sid.

I wish Debian had a rolling release. Years between releases means
software will get stale and accumulate bugs that will lead to
vulnerable and exploitable hosts on the network.

A perfect case on point is "TTY1 layer bug", <https://thenewstack.io/design-system-can-update-greg-kroah-hartman-linux-security/>.
Folks thought it was benign, and did not patch it or port existing
patches. It was one of those accumulated bugs that would get cleared
at the next major release. Then, years after it was disclosed, someone figured out it was exploitable.

A rolling release of 6 months would have cleared the bug close to the
time it became known. It would not have festered for years.

Fixing a bug close to when it becomes known is evidence of a [more]
secure system. That's because most compromises happen three or six
months after the bug was disclosed and patches were available. And the compromises continue for years afterwards. Confer, <https://www.cs.umd.edu/~waa/pubs/Windows_of_Vulnerability.pdf>.

I'm not sure what your point is. This article was written in 2016,
at which time jessie was the stable release and wheezy was oldstable.
The kernel version in wheezy was 3.2. The article says:

"However, running old kernel doesn’t mean it’s a bad thing. There are
genuine reasons why people do run older kernels, and that is why
Linux maintains LTS releases, updating them, largely thanks to
Kroah-Hartman’s coordination work, with bug fixes long after the bulk
of development work has moved on to newer versions of the kernel. But
what good is fixing those older releases if companies are not pushing
the patches to their Linux-dependent devices?

"Over four years old, the 3.2 kernel is an LTS release and still is
getting two fixes a day and being updated on a regular basis: Kernel
developer Ben Hutchings is doing a release every other week. The
Debian community is doing an excellent job at taking those patches
and keeping it updated.

"“A non-profit organization built of volunteer people is doing a
better job than some of the largest Linux providers out there. That’s
insane. That’s bad. Base yourself on Debian or update your kernel
overtime,” Kroah-Hartman said."

The machine I'm typing on is running bullseye and was installed with linux-image-5.10.0-13-amd64. It's running linux-image-5.10.0-31-amd64
now, so that's 22 different versions over 27 months, and a lot of work
put in by the Debian Kernel Team, thanks. I think Kroah-Hartman's
praise still applies.

Cheers,
David.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22 Jul 2024 21:20 -0500, from [email protected] (David Wright):

The machine I'm typing on is running bullseye and was installed with linux-image-5.10.0-13-amd64. It's running linux-image-5.10.0-31-amd64
now, so that's 22 different versions over 27 months, and a lot of work
put in by the Debian Kernel Team, thanks. I think Kroah-Hartman's
praise still applies.

It is a lot of work.

Note that the -13- and -31- respectively refers to the ABI version of
the build, which isn't necessarily the same thing as an updated
kernel. It's not that uncommon for kernel updates to not increase the
ABI version tag, so in practice your system has probably seen many
more than 22 kernels over that period of time. (Without having
checked, I wouldn't be surprised if the real number of kernel updates
is on the order of 2-3 times the number of ABI bumps.)

--
Michael Kjörling 🔗 https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This particular one may originate from <http://wooledge.org/~greg/sidfaq.html#14>

I had forgotten that page even existed. It hasn't been touched in 16
years.

-rw-r--r-- 1 greg greg 11031 Dec 12 2007 sidfaq.html

At this point it should be considered a historical artifact rather than
a living document.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 7/23/24 09:45, 타토카 wrote:

Does anyone here use Debian Sid for professional work and programming?

I do.

Are
you happy with this?

I am.

I just want to know your opinions about this
experience.

I have several old kernels and respective initrds on my machine
and I have another machine running Debian testing (and of course
a daily backup of my data).
So in case an upgrade makes my workstation unusable and I don't
have the time right then I can use the other machine.

I'm running Debian unstable since more than five years now
mainly to help with testing and the occasional bug report.

In these five years it happened once or twice that after an upgrade
I couldn't use my machine anymore. It took me a couple of hours or so
to get it working again. I have ~40 years experience with *nix,
~30 years with Linux and ~20 years with Debian.
I've also built my own distributions (using Yocto).
So I generally know what to do if something fails.

I run a daily apt update/upgrade, but never a dist-upgrade
(I have pinned packages). So regularly apt upgrade doesn't
upgrade some packages that I think it should, and normally I just
wait until the Debian developers have sorted it out.

Occasionally it happens that a package isn't upgraded for weeks and I
decide to look after it, which takes some time.

Sometimes the packages that aren't upgraded accumulate (e.g. during
the t64 transition I had 300+ packages not upgraded) and when I have
the time I try to sort it out it may take longer than half a day.
And as I'm still not an expert with dpkg and apt I sometimes ask
questions here and generally get helpful answers.

So yes, I'm still happy with running Debian unstable.

I hope this helps you to decide if unstable is something for you.

Detlef

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 29 Jul 2024 00:57:48 +0500
타토카 <[email protected]> wrote:

Is it enough to have usb Debian live (for example XFCE) and use
Debian Sid? I mean I don't have another one computer, if the main
computer will be "broken".

It would certainly help, though better would be a hard/SSD drive with
USB adaptor. I have an old netbook with a hardwired early SSD which is
very slow. I used to have a 1.8" mechanical hard drive with built-in USB
(no longer made) with an i386 Debian installed which would boot on
pretty well anything Intel/AMD-ish and ran my netbook much faster than
its own drive. A real drive would also be more reliable than a USB
stick.

For repair purposes, if you can see the problem and know how to fix it,
a Debian installation image will also work as a rescue system, making
chroot into the failed system easy.

--
Joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, Jul 29, 2024 at 20:26:00 +0500, 타토카 wrote:

If I want to use rescue mode for debian via netinst, will my pc have to
have an internet connection? Yea, it is a stupid question, but anyway.

No, you do not need an internet connection to boot the netinst image.
Not even to install from it (though it's strongly recommended).

You could, in theory, install from the netinst image on a non-networked
PC and just have the bare Debian "Standard" installation (no desktop environments). In fact, some people prefer installing this way.

As a rescue image, the Debian installer (netinst or larger) tends to be
missing a lot of tools that you might want. You can usually get what
you need done, but it might take several tries to find fallback tools
when your expected tools are not there.

But no, you don't need Internet.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 29 Jul 2024 20:26:00 +0500
타토카 <[email protected]> wrote:

If I want to use rescue mode for debian via netinst, will my pc have
to have an internet connection? Yea, it is a stupid question, but
anyway.

No, it allows not to configure networking. If you don't actually need
anything from the Net, you should be OK. There will be some time wasted
as it tries to autoconfigure, but it will give up and go on.

--
Joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, Jul 30, 2024 at 14:53:39 +0100, Joe wrote:

As far as I
know, Debian doesn't use beta versions of any software, even in
unstable, so Firefox itself in unstable is likely to be the same
Firefox downloaded by thousands of people using other distributions,
and is no more likely to fail in unstable than anywhere else.

Debian *does* use git snapshots and other pre-releases for some packages,
but not for Firefox ESR.

Firefox ESR is taken from the closest thing there is in this world to
an upstream stable release series for a major web browser. I would
worry less about the firefox-esr package in unstable than pretty much
*any* other package, when it comes to upstream bugs.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 30 Jul 2024 16:56:16 +0500
타토카 <[email protected]> wrote:

I have another one question, which is important for me. When using
debian sid, how much probably, that problems can remove or move to
anywhere some important data from my PC (passwords, photos, notes,
etc.). I understand that some unstable packages in debian sid can
break the system, but what about data?

In general, no, but there's no real limit to what a broken program may
do. In almost twenty years, I've never had any data loss for any reason
other than human (usually me) error, basically from deleting something
I shouldn't have. I've never known a program bug to damage data. That
of course is not saying that it won't happen tomorrow, but the odds are
very much against it. There's probably more risk of data damage from
hardware failure than from software bugs.

But you're protected from data loss by backups, aren't you?

For example, can unstable package firefox spread my password to
intruders?

Impossible to say, but web browsers are among the most complex desktop applications, so are more likely than most things to have bugs. I just
don't keep passwords or other confidential information in browsers. I'm
sure Mozilla is more trustworthy than, for example, Google, but I don't actually trust any software if I have a choice.

In the case of Firefox, and most other software, Debian is taking the
upstream version of the software most recently released, and making a
Debian package from it. Problems occur most often in dependencies, and
other system things, but rarely in the software itself. As far as I
know, Debian doesn't use beta versions of any software, even in
unstable, so Firefox itself in unstable is likely to be the same
Firefox downloaded by thousands of people using other distributions,
and is no more likely to fail in unstable than anywhere else.

Generally the unstable problems are in upgrading, such as where not all components of a large suite of software have been upgraded, so it
is often impossible to upgrade any of it until all or nearly all parts
are available. You may without warning lose the use of a program
because something it depends on has been withdrawn, as recently
happened to AutoKey. A python library was withdrawn, and a new version
provided a week or two later. This is fairly rare, more likely is the
inability to upgrade something for a few weeks. The old version still
works fine. My unstable installation currently has 17 packages not
upgradeable, down from over 90 a few weeks ago. But I don't use any of
them, and probably none of them have stopped working, so it's not a
problem. This installation has over 3300 packages.

Please note that it is the set of software versions which are the
unstable feature of sid, not the software itself. In unstable, the
version of a program currently being developed might change every week.
There is a strong possibility of bugs in new software, but that will be
true for anyone using very recent software, not just Debian. There is
always a choice between new features and stability, you can't have both.

--
Joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, Jul 30, 2024 at 19:54:49 +0500, 타토카 wrote:

"Debian *does* use git snapshots and other pre-releases for some packages, but not for Firefox ESR." - What do you mean?

For example, the package xserver-xorg-video-intel in bookworm has
version 2:2.99.917+git20210115-1

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)