Debian Weekly News - September 19th, 2000

Welcome to Debian Weekly News, a newsletter for the Debian community.

Work is underway on designing a replacement for Debian's aging installer. The replacement aims to address many problems of the current installer: It will be modular so it is easier to maintain and extend, and the user interface will be modular as well, opening the possibility of an X based install. Other concerns include hardware auto-detection, automated "kick-start" style installs, and support for the Hurd. This and much more is under discussion in a long thread on the debian-boot mailing list. The plan is to have the new installer ready for the release of woody.

An important new set of features have been checked into apt's development cvs branch. They allow apt to "pin" packages at a particular version or Debian release, so they will not be upgraded even if apt sees that newer versions are available. This makes it possible to add both stable and unstable to sources.list, configure apt to only use stable by default, and override apt at the command line as needed to easily download packages from unstable. Other uses include downgrading, and controlling how apt uses third party repositories such as Helix GNOME, and other things we are only beginning to think of. Jason Gunthorpe adds, "Sadly, I don't have a complete set of docs for this function yet, and I'm not finished my major source-incompatible changes to the library so this code isn't going into unstable for a good while yet."

Security fixes for Debian 2.1 will end on September 30th. The security team announced that "Debian is phasing out support for Debian 2.1". Moreover, only very important fixes will be backported to slink before the 30th, and they will only be built for the i386 and m68k platforms. They recommend that "sparc and alpha users should upgrade to Debian 2.2 (potato) immediately", and that's good advice for users of any architecture who care about security. The security team is, however, still open to feedback about this. There were no security fixes this week.

The Kernel Cousin Debian is a new Debian news source that was first published on September 7th. Kernel Cousins provide detailed summaries of mailing list traffic in a variety of projects, now including the debian-devel mailing list (the Kernel Cousin Debian Hurd has summarized debian-hurd for some time now). The new Kernel Cousin Debian goes into more detail and covers more threads than does Debian Weekly News -- while Debian Weekly News attempts to cover more mailing lists and other news sources, and provide a more condensed summary than does the Kernel Cousin. We hope they both prove to be valuable resources, and welcome the new Kernel Cousin Debian -- DWN will probably borrow some material from it in the future.

The Kernel Cousin Debian for September 14th covers several threads from the past couple of weeks including discussions about whether debhelper should be build-essential, changing a system's default shell, and why an old version of pine with a free license isn't in Debian yet. They are also looking for more contributors.

Graphing the Debian web of trust. It's been a few years since the Debian keyring was last graphed. Now new graphs of the debian gpg keyring have been produced. The graph of the gpg keyring has some interesting properties -- the gpg keyring revolves around DPL Wichert Akkerman. And since each key signing happens at a real life meeting between two developers, this is a great way to get a feel for how often we meet in real life.

Lots of KDE applications continue to be added to Debian this week, including the following and 83 other packages:

Finally, a quick editorial. Though it's not directly related to Debian, this Freshmeat article is an interesting read. In it, a developer of the Conectiva distribution talks about making rpm suitable for use with apt. It seems Conectiva has modified apt to work with rpm's, but making full use of apt makes demands of packages that rpm's cannot easily meet. "Just like a painter who paints the floor of a room and gets trapped in a corner, certain features in RPM seem to have been designed to make integration with APT impossible" The problems Conectiva is running into involve things like rpm's handing of conffiles, the lack of interactive maintainer scripts, and the tendency of rpm's not to restart daemons on upgrade -- issues that are partly technical, but mainly matters of policy. This is perhaps the best answer to the age old question, "which is better, rpm or deb?": Neither. Policy is what really matters, and Debian has a large lead over every other distribution in terms of having a formalized, well-developed, and consistently applied package policy. Let's make sure we maintain that lead.

To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Weekly News was edited by Joey Hess.