Re: [PLUG] Religious Questions

[Tobias DiPasquale <toby@cbcg.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sep 13, 2004, at 9:06 AM, sean finney wrote:
> the development process is not at all the same!  first off, anyone can
> contribute to or become a developer for debian.  debian has a strict
> set of guidelines for what and how software gets into the distribution,
> and what quality assurance checks it must pass.  but perhaps most
> importantly, this is all completely transparent to the general public.
> all the rules, guidelines, bugs, development statuses, and security
> issues are made available.

Anyone can submit to Fedora. Its fully open source now. As far as being 
transparent, well, that it is, but that doesn't mean that its not also 
confusing at the same time. They seem to have a really tough time 
getting their documentation straight. When you find 3 different 
documents on their site that have three different ways of doing things 
that all claim to be the right way, you could see how that might irk a 
person. RedHat Enterprsie Linux is definitely not open source, though, 
and so you're right on that score.

> as far as available software, my rhn account says that redhat provides
> 1215 seperate packages for the latest version of their enteprise 
> server.
> you do realize that debian has well over 10 TIMES that amount?

In stable? I don't think so. Debian stable and Debian testing/unstable 
are two very different beasts. As I've said in the past, my beef is 
with stable, not testing/unstable. Besides, the RPM community is much 
larger than RedHat's FTP servers. Freshrpms has some great stuff.

> the whole point of pulling only what you need (+ deps, yes) is that you
> minimize what isn't part of the stable security infrastructure.  we've 
> been
> over the security issue as well.  it's not that there is no security
> infrastracture for testing, it's just you don't have the same guarantee
> that you do with stable.  and if you're concerned about security, then
> you'd already be subscribed to debian-security-announce, and you'd know
> about it ahead of time.  typically security updates to testing are only
> a day or so behind, assuming that the issue isn't moot because the
> version in testing is usually far ahead of what's in stable to begin
> with.

Good points.

> not having used gentoo, i can't say anything one way or another.  i 
> have
> friends who are big fans though.  maybe when i finally get that amd64
> system, i'll give it a whirl.  however, i do have extensive experience
> with redhat, and i think that having to manage 50+ production machines
> gives me sufficient credentials to bitch about it :)

Gentoo's pretty cool. It's a source-based distro where everything is 
downloaded and compiled as you request it (dependencies are resolved 
automatically and compiled as well). The system layout is reminiscent 
of BSD, which was the main influence of the project to start, and has a 
large and growing user community. Automated installs would be a pain in 
the ass, but if you had multiple machines with the same hardware you 
could just make a disk image.

Sure it definitely does. Just as having to manage 2x that many Debian 
machines gives me leave to do the same about it. No distro is perfect 
and to be fair, Debian really does rock when you know what you're doing 
with it. I'm just saying that, for me, the big reason in using Debian's 
was APT and that now exists for RH/SuSE which frees those distros from 
the classic RPM dependency hell. Having to add a few extra lines to 
/etc/apt/sources.list or /etc/yum.conf for some external package 
repositories (freshrpms, etc) is a small price to pay for getting a 
bunch of great software for RH/SuSE. Personally, a lot of software 
makes it into Debian's repositories that has little merit and some 
stuff that has a lot of merit never makes it there (e.g. the pape 
mirror with DJBs djbdns and daemontools).

As well, Debian's installer is notoriously chaffing, whereas RH leads 
the field in Linux installation technology (I know they are coming out 
with a new installer for sarge, but I haven't used it yet, so I can 
only comment on the current one). Ever used FAI for Debian? It makes 
you want to gouge your own eye out. Kickstart, OTOH is pretty smooth 
stuff and can do more than FAI with much less setup overhead.

> basically, you provide a control file for a dummy/non-existant package,
> and equivs will convince your system that you have that package
> installed.  say for example, you want to run a newer version of x.org's
> xserver, and don't have xfree86 installed.  there's tons of stuff that
> depends on having an x server, so you could use equivs to tell your
> system that you indeed have one installed.

Oh yeah, Gentoo has a similar thing called virtual packages. I had to 
do the same thing to get some software to work with the X.org server 
when it first hit. Pretty handy.

Anyway, lets just agree to disagree on this issue. You're a Debian guy 
that is frustrated with RedHat, I'm a Gentoo guy that is frustrated 
with the amount of software that he's had to backport to Debian stable. 
And besides, if all there was to use was Debian, I wouldn't be too 
worse off. Cool?

- --
Tobias DiPasquale
202A 04C4 2CE6 B985 8520  88D6 CD25 1A6C B9B5 1595
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (Darwin)

iD8DBQFBRaSszSUabLm1FZURAkusAJ4l6ezinp8CgXgCTsqHx0tc/U/k0ACaAyiL
KxUeKz1B6U28OoKBeof8u+o=
=ZDRe
-----END PGP SIGNATURE-----

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug