Date: Mon, 27 Oct 2003 11:54:59 -0500 From: Toomas Karmo To: Bob Garrison , zhao@astro.utoronto.ca, rock@astro.utoronto.ca, robertb@opentrend.net, mochnacki@astro.utoronto.ca, samir@cs.utoronto.ca Subject: Linux package management comparisons (Debian, Mandrake, ReDHat,...) Dear Prof. Garrison, Hugh Zhao, et al. in Dept of Astron, and Rob Brockway in the world of commercial Linux consultants, and Samir Girdhar in the Dept of Comp Sci: Linux package management tools are of high importance for following two reasons: (a) Only if our tools are simple to use can be assured that we will on EACH business day check for security patches. (We cannot apply security patches once a month, or once a week. Daily patching is a mission requirement. But if the tools are hard to use, we will neglect daily patching.) (b) Only if our tools are simple to use can we be assured that we will be able to install mildly out-of-the-way end-user apps. (Two examples of such apps: (i) Plain-ASCII Web browsier links, superior to the traditional plain-ASCII browser lynx in understanding frames. (ii) Antiword, as a tool for converting a Microsoft Word file into plain ASCII, and sending that plain ASCII to standard output.) Prof. Garrison has drawn my attention to a Mandrake newsletter which itself refers to http://lwn.net/Articles/49967/. The http://lwn.net/Articles/49967/ article is a report on tests of package management in Debian, Mandrake, RedHat, Slackware, and SuSE. The winner is Debian, Mandrake comes in second. Do forward this mail to anyone who may find it useful. Rapidly, Tom = Tom Karmo http://www.metascientia.com ____________________________________________________________________________ Date: Mon, 27 Oct 2003 12:52:02 -0500 (EST) From: Robert Brockway To: Stefan Mochnacki cc: Toomas Karmo , Bob Garrison , zhao@astro.utoronto.ca, rock@astro.utoronto.ca, robertb@opentrend.net, mochnacki@astro.utoronto.ca, samir@cs.utoronto.ca, karmo@ungrad1.astro.utoronto.ca, consultants@opentrend.net Subject: Re: Linux package management comparisons (Debian, Mandrake, ReDHat,...) On Mon, 27 Oct 2003, Stefan Mochnacki wrote: > This is very interesting! What do the Debian and Mandrake management systems > cost? I can't say much about Mankdrake (I rarely if ever use it) but will comment on Debian... The software and the management system in Debian are completely free. The Debian developers (about 400 individuals spread all across the world) maintain the highest levels of professionalism in the development of the distribution. The distribution known as "Debian Stable" goes through months of rigorous testing and a code freeze[1] of several months. This extensive testing not only provides for a very robust operating system, but it also allows for a powerful software management system. The ease of maintaining a Debian Stable system (including adding security updates) has to be seen to be believed. If there was sufficient interest in the possible deployment of Debian we could arrange a demonstration. We would also be happy to show off the power of thinclient and some of the other capabilities available in modern systems like Debian. [1] During a code freeze, only code required to fix security issues or bugs is added. No software is moved to a newer version. Rob -- Robert Brockway Senior Technical Consultant, OpenTrend Solutions. Phone: 416-669-3073, Email: rbrockway@opentrend.net, http://www.opentrend.net OpenTrend Solutions: Reliable, secure solutions to real world problems. ------------------------------------------------------------------------------ Date: Mon, 27 Oct 2003 13:08:37 -0500 (EST) From: Hugh Zhao To: Robert Brockway cc: Stefan Mochnacki , Toomas Karmo , Bob Garrison , , , , , , Subject: Re: Linux package management comparisons (Debian, Mandrake, ReDHat,...) I am quite ignorant about Debian, but told it is quite robust. As everyone is aware that RedHat is in transition period. It is developing a model that other linux distributors will eventually follow suite if proved to be successful. This is good news and also bad news. I am wondering what Debian will end up. It can not sustain itself forever without some kind of commercial schemes. Hugh ============================================================== Hugh Zhao, Ph.D (Tel) (416)946-7286 Computing Systems Manager (Fax) (416)971-2026 Department of Astronomy & Astrophysics University of Toronto Toronto, Ontario E-mail M5S 3H8 CANADA zhao@astro.utoronto.ca ============================================================== _____________________________________________________________________________ Date: Mon, 27 Oct 2003 13:48:39 -0500 (EST) From: Robert Brockway To: Hugh Zhao cc: Robert Brockway , Stefan Mochnacki , Toomas Karmo , Bob Garrison , rock@astro.utoronto.ca, robertb@opentrend.net, mochnacki@astro.utoronto.ca, samir@cs.utoronto.ca, karmo@ungrad1.astro.utoronto.ca, consultants@opentrend.net Subject: Re: Linux package management comparisons (Debian, Mandrake, ReDHat,...) On Mon, 27 Oct 2003, Hugh Zhao wrote: > I am wondering what Debian will end up. It can not sustain itself forever > without some kind of commercial schemes. So far so good. Among the "technically savvy" I would propose that Debian is the most popular Linux distribution although I can't say that anyone has actually done a survey of distribution usage[1]. The Debian project (backed by Software in the Public Interest) is powering along and currently has more people who want to be developers that it can handle. OpenTrend Solutions and other companies that use open source software to provide commercial solutions also donate a percentage of gross revenue to projects such as Debian. The current indication is that Debian is picking up a larger proportion of the Linux user base (a group which is itself growing at a rapid rate) than ever before. Similarly, the BSD projects: FreeBSD, NetBSD and OpenBSD aren't backed by companies but have methods they use to bring in sufficient funds to continue developing these excellent operating systems. [1] There is always the Linux Counter: (http://counter.li.org). Cheers, Rob (Linux counter project ID 16440 :) -- Robert Brockway Senior Technical Consultant, OpenTrend Solutions. Phone: 416-669-3073, Email: rbrockway@opentrend.net, http://www.opentrend.net OpenTrend Solutions: Reliable, secure solutions to real world problems. _____________________________________________________________________________ Date: Mon, 27 Oct 2003 17:41:02 -0500 From: Toomas Karmo To: Robert Brockway Cc: Stefan Mochnacki , Bob Garrison , zhao@astro.utoronto.ca, rock@astro.utoronto.ca, robertb@opentrend.net, mochnacki@astro.utoronto.ca, samir@cs.utoronto.ca, karmo@ungrad1.astro.utoronto.ca, consultants@opentrend.net Subject: Debian viable longterm (cf U of Calgary Dept of Phys) Universal Coordinated Time (= UTC = EST+5 = EDT+4): 20031027T213315Z Dear Rob, Prof. Mochnacki, et al, Yes, as Rob remarks, Debian is available for zero dollars. Here's some further background on Debian and other distros: * Debian, unlike RedHat, Mandrake, SUSe, and Slackware, has a charter, or similar constitutional document, formally forswearing commercial ambition. This insulates Debian from commercial pressures which have led RedHat at one point to incorporate beta software in a distro, and have led Mandrake (when troubled, many months ago, by the French equivalent of Chapter 11) to make what appeared to me to be a misleading statement, a piece of suit-speak. (Sorry, eveyone, but I can't remember the DETAILS of the seeming fib, the seeming spin out of Armani/Calvin Klein/Gucci space. I just remember being convinced that some Mandrake corporate pronouncement was not candid.) On the down side, it does make Debian a little slower than RedHat and Mandrake in rolling out new stuff. I SEEM to remember that it took Debian a long time to make the 2.4.x series of kernels available. And Debian does rely, I guess even more than Mandrake, on charitable contributions to keep its wheels turning. * In appraising the quality of Debian, it is rational to check the quality of documentation. I'm not as well briefed as I could be here, but can at least give a pointer to the best of the various Debian manuals: http://www.debian.org/doc/manuals/reference/reference.en.html (That's a manual under the umbrella of the Debian Documentation Project, or DBP.) I **SEEM** to remember that that manual goes into the nitty-gritty of the Debian packaging formalism. It's essential that that nitty-gritty be documented at the level of detail appropriate for a curious user. We need to know, for example, how we can inspect the actual script that installs a given package. Say you are installing foo on your box. There has to be a script which decides what directories to create, what symbolic links to make, what permissions to bestow, etc, etc. The script might end up being VERY complicated - as is indeed, I'm sure, the case with the Debian install of asrophysics tool IRAF, not as yet tested on my Debian box. Recall that IRAF when installed in a more naive RedHat setting is quite tricky, obliging us to create a special account by hand, and moreover to make the default shell for that account the rather archaic shell tcsh rather than the contemporary shell bash. I think that in Debian all that stuff no longer happens by hand, but is scripted. Further, I think we are given the e-mail adddress of the package maintainer, responsible for the sanity of the script. (Part of the Debian culture is a notion of human, as opposed to corporate, accountability: each package is associated with an identifiable individual responsible for it, who does such things as script-writing, ideally liaising all the while with the upstream developers. The Debian IRAF package maintainer, then, is likely to be a careful script-writer who at least in the ideal case maintains contacts with the upstream people, the actual IRAF creaters, at the National Optical Astronomy Observatory. When he's puzzled on how to script something for the Debian IRAF installer, then, I hope, he gets in touch with the actual IRAF programming team at NOAO.) * Syntax for my daily updates of the whole Debian system: ((QUOTE)) apt-get update apt-get check apt-get -u upgrade ((/QUOTE)) This syntax updates the list of available packages in the Debian "stable" branch, then upgrades any package that has been updated in the last 24 hours. The apt-get tool is configured in such a way as to be sure to contact inter alia the special Debian server that urgently reflects security-related updates. * Size of Debian: 8 CDs if bought, for around CAN$70, from the www.chguy.net guy in Manitoba or Saskatchewan or whatever. (One can burn one's own CDs for free. But the www.chguy.net provides tech support for no extra charge if asked, and moreover ploughs some of the dollars he gets from his customers back into Debian, by way of a charitable donation.) I think this is about twice the size of Mandrake and RedHat, meaning that we get extra goodies. (Sometimes we WANT extra goodies. Just Saturday night, I found it useful to run not IRC, but its archaic predecessor, talk. Unrusprisingly. talk was absent from my system, since it's IRC that I know and use: but a rapid invocation of apt-get install talk and apt-get install talkd fixed that problem, in just one minute.) The trick is to install very selectively, only puttiing in the packages thare are useful. The installer, conveniently, gives for each package not a one-line description, but an at-least-one-PARAGRAPH description, in some cases with some juicy detail like the URL of the upstream developer's organization. (Those at-least-one-paragraph descriptions are part of what gets updated daily with ((QUOTE)) apt-get update ((/QUOTE)).) * If Hugh needs to investigate distros at some stage, he might find it helpful to contact the Dept of Physics at the University of Calgary. That particular Department runs on Debian, not on RedHat. Of course RedHat will be NEARLY ubiquitous in the universe of North American physics-and-astronomy departments. * Here's the full history of my involvement with all THREE distros: +a__In ancient times, that is to say the summer of 1997, I went for RedHat, since that particular distro was much in the news. I found a lot of software misconfigured, but toughed it out. +b__In perhaps the autumn of 2000, Prof. Garrison and I together found a consultant, more recently vanished off the face of the earth, who was knowledgeable about distros. That consultant pointed us to Mandrake, as a firm which had started its rise to prominence by repairing RedHat's configuration errors. Prof. Garrison and I found Mandrake quite stable and clean. +c__I've taken the position that I must find out what the best infotech engineers are doing and imitate them. (This rule ****ALWAYS**** works. Peple who followed that rule in 1955 or so would have found themselves using those new-fangled shortcuts, the "compilers", and making plans to replace their hot valves with so-called "transistors". People who followed that rule in 1965 would have taken "time sharing" seriously, and would have deprecated the then-almost-ubiquitous idea that you format your job as a stack of keypunched cards, which you hand over the Computer Centre counter to a clerk. People who followed that rule in 1985 would have found themselves in a Sun- or HP- or IBM- or Digital-crafted Unix, to their great benefit, and would have bypassed such things as Microsoft. People who followed that rule in 1995 would have migrated away from a restricted-licence Unix to Linux, again to their benefit. And I believe that when compilers first came out, many scoffed at them. And I KNOW that when time-sharing was new, people thought it dirty. And I boldly predict that people who follow my rule in 2010 or 2015 will migrate away from Linux to a better, quite different, kernel, the "Hurd" kernel - already available as Debian GNU/Hurd, but not at present mature enough to be safe. So, working in a spirit of considerable cynicism, I avoid **ANY** loyalties of a personal kind in operating system space: as soon as the next Best Minds at M.I.T. or Cambridge or Stanford or whatever get onto the Best Operating System Flavour, I unashamedly follow them. Woof! Woof! I'm shameless, I stress.) In the spring of 2003, I decided, on the strength of of conversations with Rob, that my infallible rule now entailed a switch out of Mandrake into Debian. Very rapidly, rather enjoying these mails, Tom PS: Hugh, Prof. Mochancki, whoever: Do forward this mail to anyone who may need to see it at any stage. (It WILL be appropriate to forward it to the computer committee if massive trouble develops with RedHat at some stage, obliging the U of T to adjust its procurement philosophies.) I for my part will forward to the TLUG listserv, but with the identities of Hugh, Prof. Mochnacki, Prof. Garrison, the "computer committee", and the U of T concealed.) _____________________________________________________________________________ Date: Mon, 27 Oct 2003 19:10:00 -0500 (EST) From: Robert Brockway To: Toomas Karmo cc: Robert Brockway , Stefan Mochnacki , Bob Garrison , zhao@astro.utoronto.ca, rock@astro.utoronto.ca, robertb@opentrend.net, mochnacki@astro.utoronto.ca, samir@cs.utoronto.ca, karmo@ungrad1.astro.utoronto.ca, consultants@opentrend.net Subject: Re: Debian viable longterm (cf U of Calgary Dept of Phys) > 2010 or 2015 will migrate away from Linux to a better, quite > different, kernel, the "Hurd" kernel - already available as > Debian GNU/Hurd, but not at present mature enough to be safe. Yes, the Hurd is very exciting. As I understand it, Debian plans to run a Linux based system and a Hurd based system in parrellel indefinately. The two systems should appear outwardly identical insofar as this is possible (the method for low level utilities to access the kernel might be different and so on). > So, working in a spirit of considerable cynicism, I avoid > **ANY** loyalties of a personal kind in operating system space: > as soon as the next Best Minds at M.I.T. > or Cambridge or Stanford or > whatever get onto the Best Operating System Flavour, I > unashamedly follow them. Woof! Woof! I'm shameless, I stress.) I think this is the way to be. I'm eagerly watching the next generation of operating systems evolve. I suspect (and hope) they will put to shame anything we have available now. As well as the likes of Plan9, Brazil & Inferno, there is Eros which looks very interesting: http://www.eros-os.org/ > PS: Hugh, Prof. Mochancki, whoever: Do forward this mail to anyone who > may need to see it at any stage. (It WILL be appropriate to forward it > to the computer committee if massive trouble develops with RedHat at > some stage, obliging One point that has held open source software (OSS) back in the past, and sometimes plagues Debian is the fear that there is no company backing the software. I feel this concern is ungrounded. Community supported projects like Debian consistently show themselves to be better supported than most operating systems or applications coming out of the commercial world. In any case, many companies are prepared to offer support for Debian, such as a committment towards timely tech support (and yes, that includes us ;) One last point, the pronounciation of Debian is often unclear. It is comprised of the names of the original developers, Deb and Ian, and is pronounced as such. Cheers, Rob -- Robert Brockway Senior Technical Consultant, OpenTrend Solutions. Phone: 416-669-3073, Email: rbrockway@opentrend.net, http://www.opentrend.net OpenTrend Solutions: Reliable, secure solutions to real world problems. ______________________________________________________________________________