Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Why I'm dropping recommendation of Gentoo
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, ... 25, 26, 27  Next  
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
kimchi_sg
Advocate
Advocate


Joined: 26 Nov 2004
Posts: 2915
Location: Singapore

PostPosted: Fri Mar 25, 2005 9:51 am    Post subject: Reply with quote

jsosic wrote:
x86 becomes "stable", and ~x86 becomes what x86 currently is. You and few alike would be satisfied, but allot of users would go away from Gentoo. Love it or not, Gentoo IS BLEEDING EDGE.

But isn't x86 supposed to be, well, stable? It really is Gentoo's fault that this promise is not being delivered upon.

P.S. I run an all ~x86 system currently. But I can understand, after the great binutils b0rk, why people want an all x86 system now. Maybe I'm just beginning to see the validity of labrador's points. :)
_________________
Murphy's Law of Gentoo installation: If a compile can fail, it will.

MacGillicuddy's Corollary: At the most inopportune time.

Please search and read the FAQs before posting.
Back to top
View user's profile Send private message
jsosic
Guru
Guru


Joined: 02 Aug 2004
Posts: 510
Location: Split (Croatia)

PostPosted: Fri Mar 25, 2005 10:09 am    Post subject: Reply with quote

Labrador complains primary about security issues and how bugfixing by releasing latest version of a package is not stable. And those thing like binutils happen, you know, Forest (Gump) would have said: Shit Happens.
Back to top
View user's profile Send private message
Eldomir
n00b
n00b


Joined: 09 Nov 2003
Posts: 63
Location: Madrid/Spain/EU

PostPosted: Fri Mar 25, 2005 10:14 am    Post subject: Reply with quote

I don't know enough to really express an opinion in this discussion, but after reading through it (and learning quite a bit, I didn't know about glsa although the output when I did glsa -h scared me), I would like to point out only one thing:

As a Gentoo user I appreciate it when someone points out ways in which Gentoo could be improved. (Yes, I've been reading these forums for a long time and I've also read those "I'm leaving because gentoo suxx0rz" posts and didn't even bother to read the whole thread). But I don't think Labrador was being arrogant or demanding - at least I didn't feel it that way when I read his posts. Things like "STFU if you don't like it just use another distro", although they seem to be defending Gentoo, are NOT helping the community and are, in fact, arrogant. If what he suggests is undoable or just not practical that's a different thing and should be said - but the fact of expressing criticism, specially constructive criticism, is *helping* us, damnit! After all, these forums are among the most civilized and helpful on the net....most of the time ;)

I know this post doesn't contribute to the discussion and sounds patronizing...just slap me in the face :P
_________________
"Give a man a fire and he will be warm for a day. Set a man on fire and he will be warm for the rest of his life"
-- Terry Pratchett
Back to top
View user's profile Send private message
kimchi_sg
Advocate
Advocate


Joined: 26 Nov 2004
Posts: 2915
Location: Singapore

PostPosted: Fri Mar 25, 2005 10:21 am    Post subject: Reply with quote

jsosic wrote:
Labrador complains primary about security issues and how bugfixing by releasing latest version of a package is not stable.

I was commenting about your own post, not any of labrador's. Please don't sidestep the question.

Gentoo Handbook part 3 chapter 3 wrote:
The Stable Branch

The ACCEPT_KEYWORDS variable defines what software branch you use on your system. It defaults to the stable software branch for your architecture, for instance x86.
We recommend that you only use the stable branch. However, if you don't care about stability this much and you want to help out Gentoo by submitting bugreports to http://bugs.gentoo.org, read on.

The Testing Branch

If you want to use more recent software you can consider using the testing branch instead. To have Portage use the testing branch, add a ~ in front of your architecture.

jsosic wrote:
And those thing like binutils happen, you know, Forest (Gump) would have said: Shit Happens.

Well, that will prove that the ~x86 branch lacks QA. Sometimes it feels that this is the case for the x86 branch, too. Anyone who needs an excuse not to use Gentoo can quote me on this.

If you're commenting that I've not commented on labrador's points, with that previous para, I've just did. ;)
_________________
Murphy's Law of Gentoo installation: If a compile can fail, it will.

MacGillicuddy's Corollary: At the most inopportune time.

Please search and read the FAQs before posting.
Back to top
View user's profile Send private message
labrador
Guru
Guru


Joined: 04 Oct 2003
Posts: 316

PostPosted: Fri Mar 25, 2005 10:48 pm    Post subject: The issue: HIGH MAINTENANCE Reply with quote

Let's remember what I'm talking about: high maintenance.

Yes, you have all of the details available to build and maintain
a secure and mostly stable system. However it takes too long
to do. For this reason, anyone who doesn't have the time,
will not find Gentoo is a good fit.

The recommendation that people fix the problems they complain
about is a tired rhetoric of open source. In the end,
the success of packages and distros has to involve the
concept of an end user, who isn't a developer, and just
needs something reliable that works.

I've spent the time reporting bugs, offering to test betas,
offering the insertion of debug code to get more detail
from my failing case (like the rsync timeout bug). I've put
in my time, so I don't think the accusation of all take and
no give applies.

Here is a recent bug report I made that is still open:
http://bugs.gentoo.org/show_bug.cgi?id=83254
If you bother to read it, it shows other people having the
same problem. Some people on the forums said goodbye
over this problem. I made the bug report out of concern for
Gentoo. I could see that something fundamentally wrong
with rsync could do harm for the sense of Gentoo
reliability.

If anyone expects Gentoo to function in the server rooms
of the world, you have to change Gentoo. The people
who are keeping mail servers running and managing spam
volumes and virus problems, etc., cannot possibly cope
with a bunch of Gentoo boxes that are maintained
through emerge -u world.

If the goal of Gentoo is merely to provide something for
hobby box users and developers, then it is right on track.

Some people don't understand what maintenance I'm talking
about, so I'll have to give some examples...

Recently uw-imap was changed to require a special USE flag
if you required non-SSL imap connections. That caused
me and many others to see imap failures after upgrading.
Here is the flak on that:
http://forums.gentoo.org/viewtopic-t-303408-highlight-.html

Right now I have one box running a stable set for everything,
and yet I'm required to use unstable ati-drivers for the current
version of Xorg. That should never happen and it isn't
an isolated example. I blame QA for allowing that version
of Xorg to go to stable. What am I supposed to do to fix that?

If I don't upgrade to the current Xorg, several other packages
that depend on that version of Xorg would also have to stay behind.
It is also much more time consuming to upgrade al a carte than
with emerge -u world.

I have KDE 3.3 on one machine, and kicker always segfaults on launch
of some X application. Dropping back to KDE 3.2 as my Session avoids
that problem.

Recently I had something failing to build because glibc had been
recently rebuilt. rebuilding qt fixed that (several hours later).

In general, I've noticed more ebuilds broken, and more things released
to stable than should have been, in the last 4 to 6 months. Perhaps
it is a sign of the sheer volume of packages and complexities of
a growing distribution. In any case, it crossed the threshold of how
much time I have to manage it.

And that is the issue: time. You can't get more time by contributing
more time to open source, or whatever. The only solution is to seek
something that involves less time to keep it going.


Last edited by labrador on Tue Mar 29, 2005 3:07 pm; edited 1 time in total
Back to top
View user's profile Send private message
hollywoodcole
n00b
n00b


Joined: 26 Oct 2004
Posts: 68
Location: Oxford, Mississippi

PostPosted: Sat Mar 26, 2005 5:53 am    Post subject: Reply with quote

freeix wrote:
hollywoodcole wrote:
I should hope by know from the number of post you have you know that you can make gentoo as stable and secure as you need it to be and also specify what packages you want!

No, that's pointless fanboy talk. A gentoo installation cannot be both stable and secure because many GLSA issues are resolved by upgrading to the latest version of a package, and that is not stable. Where do you think the "stable" in "Debian stable" comes from?


How about you back the fuck off!..fanboy talk? No-one said the newest package is stable. I said its what you emerge and you can specify what and what not to emerge. Just becasue its out in portage doesn't meant your gonna need to update it.

oh yeah who the fuck are u?
_________________
If the code and the comments disagree, then both are probably wrong.
---/usr/games/fortune

Hollywoodcole.com
Back to top
View user's profile Send private message
TrueDFX
Retired Dev
Retired Dev


Joined: 02 Jun 2004
Posts: 1348

PostPosted: Sat Mar 26, 2005 6:16 am    Post subject: Reply with quote

hollywoodcole: Not updating is even less secure than upgrading, since any security holes will remain in your installed versions of programs.
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Sat Mar 26, 2005 7:28 am    Post subject: Reply with quote

TrueDFX wrote:
hollywoodcole: Not updating is even less secure than upgrading, since any security holes will remain in your installed versions of programs.

I think you meant...

Not updating is insecure, period.

Whereas updating regularly is secure, period.

Both alternatives are not stable as compared to many other distributions (particularly Debian stable) because Gentoo is simply not meant for this kind of stability. Instead, Gentoo offers bleeding edge software which, I must stress, has no direct correlation with security.
Back to top
View user's profile Send private message
TrueDFX
Retired Dev
Retired Dev


Joined: 02 Jun 2004
Posts: 1348

PostPosted: Sat Mar 26, 2005 7:42 am    Post subject: Reply with quote

freeix wrote:
I think you meant...

Not updating is insecure, period.

Yes.
Quote:
Whereas updating regularly is secure, period.

If updates were only security updates, yes, but they're not. New updates/upgrades may introduce new security bugs.
Back to top
View user's profile Send private message
Shadow Skill
Veteran
Veteran


Joined: 04 Dec 2004
Posts: 1023

PostPosted: Sat Mar 26, 2005 10:20 am    Post subject: Reply with quote

What part of bleeding edge exscuses the QC department from doing their job, which I would think would be making sure 99% of the updates and other ebuilds work properly, and for those that are broken that they are promptly fixed once they become aware of the problem or problems. Someone please explain the logic behind this insane idea that a bleeding edge system MUST break, using Fedora Core three for some months I never experienced a single program totally posses X and all system resources requiring a hard shutdown/reboot with the exception of XMMS [I do not think the bug was ever isolated and it only seemed to affect a relatively small number of people using xmms.] however I have experienced mulitple hangups while emerging with Gentoo the most serious being pyqt which never even finishes building even after leaving it on more than six hours. [No I don't use stupid pipe flags or kdefinal.] I don't think I ever had a Fedora update totally annihilate some existing configuration file, or totally hose my system. While bugs will be more common it should not simply be a given that a "bleeding edge" system will require you to micromanage every single update, as other "bleeding edge" distros have shown that you can have a relatively stable environment and still recieve a near constant stream of updates to software.
_________________
Ware wa mutekinari.
Wa ga kage waza ni kanau mono nashi.
Wa ga ichigeki wa mutekinari.

"First there was nothing, so the lord gave us light. There was still nothing, but at least you could see it."
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Sat Mar 26, 2005 12:55 pm    Post subject: Reply with quote

TrueDFX wrote:
freeix wrote:
Whereas updating regularly is secure, period.

If updates were only security updates, yes, but they're not. New updates/upgrades may introduce new security bugs.

"s/updating regularly is/regular GLSA sanctioned updates are/" if you want to be anal.
Back to top
View user's profile Send private message
TrueDFX
Retired Dev
Retired Dev


Joined: 02 Jun 2004
Posts: 1348

PostPosted: Sat Mar 26, 2005 1:35 pm    Post subject: Reply with quote

freeix wrote:
"s/updating regularly is/regular GLSA sanctioned updates are/" if you want to be anal.
That doesn't really invalidate the point, as these may still be major upgrades, especially if you haven't kept your system up-to-date for a while.
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Sat Mar 26, 2005 2:31 pm    Post subject: Reply with quote

TrueDFX wrote:
That doesn't really invalidate the point, as these may still be major upgrades, especially if you haven't kept your system up-to-date for a while.

Why on earth would anyone pick gentoo if they are unwilling to update to the latest major version to fix known security holes?
Back to top
View user's profile Send private message
TrueDFX
Retired Dev
Retired Dev


Joined: 02 Jun 2004
Posts: 1348

PostPosted: Sat Mar 26, 2005 2:34 pm    Post subject: Reply with quote

That's exactly the point: if you want to have just security holes fixed, and no new features with possible new holes, Gentoo's not the right distribution for you.
Back to top
View user's profile Send private message
loki99
Advocate
Advocate


Joined: 10 Oct 2003
Posts: 2056
Location: Vienna, €urope

PostPosted: Sun Mar 27, 2005 9:31 pm    Post subject: Reply with quote

isn't Glep 19 supposed to solve this prob?
Back to top
View user's profile Send private message
kimchi_sg
Advocate
Advocate


Joined: 26 Nov 2004
Posts: 2915
Location: Singapore

PostPosted: Sun Mar 27, 2005 11:34 pm    Post subject: Reply with quote

loki99 wrote:
isn't Glep 19 supposed to solve this prob?

Well, it is.

But it's been floating around for ages, it seems. :(
_________________
Murphy's Law of Gentoo installation: If a compile can fail, it will.

MacGillicuddy's Corollary: At the most inopportune time.

Please search and read the FAQs before posting.
Back to top
View user's profile Send private message
Omega21
l33t
l33t


Joined: 14 Feb 2004
Posts: 788
Location: Canada (brrr. Its cold up here)

PostPosted: Mon Mar 28, 2005 12:06 am    Post subject: Reply with quote

I myself am not crazy about security upgrades, so I have no issues with
Gentoo. The one point I would ask devs to focus on is better device detection.
(IMHO)
_________________
iMac G4 1GHz :: q6600 //2x 500GB//2GB RAM//8600GT//Gentoo :: MacBook Pro//2.53GHz
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Mon Mar 28, 2005 1:39 am    Post subject: Reply with quote

Omega21 wrote:
I myself am not crazy about security upgrades, so I have no issues with
Gentoo. The one point I would ask devs to focus on is better device detection.
(IMHO)

Beyond coldplug and hotplug ...?
Back to top
View user's profile Send private message
jsosic
Guru
Guru


Joined: 02 Aug 2004
Posts: 510
Location: Split (Croatia)

PostPosted: Mon Mar 28, 2005 9:24 am    Post subject: Reply with quote

Shadow Skill wrote:
Someone please explain the logic behind this insane idea that a bleeding edge system MUST break, using Fedora Core three for some months I never experienced a single program totally posses X and all system resources requiring a hard shutdown/reboot with the exception of XMMS [I do not think the bug was ever isolated and it only seemed to affect a relatively small number of people using xmms.] however I have experienced mulitple hangups while emerging with Gentoo the most serious being pyqt which never even finishes building even after leaving it on more than six hours.


Than use Fedora. PERIOD.

I'm sure everyone has a suggestion to make. That's why we have this many distro's, because it's imposible for people to agree. I think this should go this way, comunity doesn't, and I make my own distro. And that's ok. But some people around here are trying to change Gentoo into second Debian, or even much worse, I see mentioning of Fedora!!! Why to reinvent things? And if Gentoo doesn't fullfill your needs, why stuck with it? Just to be cool? I don't get it?

One more thing, If you need rock stable distro, then you won't choose Gentoo. Gentoo is stable, but is not for production servers. Neither is Crux, Fedora, Mandrake, Suse, Linspire, Xandros, Debian Sid. It's like complaining on mm or ck patches that they aren't secure enough nor stable for 150days uptime.
Back to top
View user's profile Send private message
marder7
n00b
n00b


Joined: 15 Nov 2002
Posts: 56

PostPosted: Mon Mar 28, 2005 1:04 pm    Post subject: Reply with quote

Quote:
Gentoo is stable, but is not for production servers. Neither is Crux, Fedora, Mandrake, Suse, Linspire, Xandros, Debian Sid.


Quote:

Than use Fedora. PERIOD


I am not sure how to follow that kind of logic.
Also, it seems like you want to say that no Linux distro can claim to be an OS.

I think that Labrador has well described and explained his points. I completely agree with Eldomir's post. It's a bit disappointig to see how people from the "defending Gentoo" side react on Labrador's criticism - basically, some of them are just sulking. "Go playing somewhere else" - isn't that cheap?

Ok, there are some arguments though, like "shit happens". That is true, of course, but it's missing Labrador's point. His point is that "shit happens" too often if Gentoo isn't supposed to be just a time consuming hobby. Above all, shit happens in the x86 branch claiming to be stable. And it happens almost every week. That's definitely, definitely far too often.

Ok you say if you like to get "bleeding edge" that's the price for it? Well, then I must say this price is much too high. But I don't think that the price must be so high.

I think Gentoo should start to distinguish between layers (not branches) with different needs of stability. Treating every package the same way is leading to what Gentoo is today.
Gentoo isn't an OS, neither other distros are. But a part of Gentoo is supposed to be an OS - that means, something reliable and stable -, you may call it "the base system", which includes not only the kernel, but also the build tool chain and similar system tools and apps, like the X system. I am convinced that no distro can afford to be "bleeding edge" here, not even Gentoo can. On the base system, QA has to do a much more serious job than it sometimes has done in the past. And the upgrade of a part of the base system has to be done in a very well controlled way. Commands like "emerge -uD world" should basically not affect the core system.
Apart from that, not only the core system (and its maintenance) is supposed to be highliy reliable, also the main desktop environments are, as well as those popular server applications which let people choose Linux as the OS.

There are many interesting and deep discussions about this aspects in this forum, pointing them out much more precisely than I can.

I used Gentoo for more than two years (on two laptops, three workstations, and two servers), I still find Gentoo very cool and I highly appreciate this forum as well as the great job of many developers and package maintainers. But I quit Gentoo for exactly the same reasons as Labrador's.
_________________
This ist just another signature.
Back to top
View user's profile Send private message
jsosic
Guru
Guru


Joined: 02 Aug 2004
Posts: 510
Location: Split (Croatia)

PostPosted: Mon Mar 28, 2005 4:53 pm    Post subject: Reply with quote

It would be great if Gentoo could afford a third Keyword, "_arch" or something, where would be hardened stuff with security patches. I agree on that. But what if Gentoo can't do that at the moment because of the lack of maintainer power?

To turn stable branch to hardened with lots of security patches, and in that way to convert bleeding edge distro to an outdated one? Also, it would then be nice to abandon ebuilds completely and provide precompiled packages. If you want that, then I must say, "go play elsewhere".

And I just don't know what problems are you experiencing with gentoo? Everyone speaks about tons of ebuild being broken in ~x86 and/or x86 branches. I could agree on ~x86, here and then something is broken, I may even say often. But I haven't noticed that in x86, and I sync and uD world every 7 days. Yet, more problems have my friends on Fedora, Mandrake, Suse, and especially Slackware, using "stable" rpm's and programs than I have on Gentoo with 20 ~x86 programs.
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Mon Mar 28, 2005 5:02 pm    Post subject: Reply with quote

But why reinvent the wheel, when others are already doing an excellent job in their respective niches? There are so many excellent choices available _now_, like debian stable and openbsd...

Moreover, I do not understand how an _arch or whatever you want to call it would come even close to being a good fit for gentoo and portage's particular strengths.
Back to top
View user's profile Send private message
hollywoodcole
n00b
n00b


Joined: 26 Oct 2004
Posts: 68
Location: Oxford, Mississippi

PostPosted: Mon Mar 28, 2005 5:53 pm    Post subject: Reply with quote

freeix wrote:
But why reinvent the wheel, when others are already doing an excellent job in their respective niches? There are so many excellent choices available _now_, like debian stable and openbsd...

Moreover, I do not understand how an _arch or whatever you want to call it would come even close to being a good fit for gentoo and portage's particular strengths.


Reinvent the wheel! Over 100 linux distro's are trying to reinvent the wheel then. Whats wrong with trying to make gentoo better instead of just saying "forget gentoo and go with somthing else".

You are really hardcore debian I'm guessing, and I understand that debain is very good by being stable. But don't you think gentoo can be the same way?
_________________
If the code and the comments disagree, then both are probably wrong.
---/usr/games/fortune

Hollywoodcole.com
Back to top
View user's profile Send private message
jsosic
Guru
Guru


Joined: 02 Aug 2004
Posts: 510
Location: Split (Croatia)

PostPosted: Mon Mar 28, 2005 7:15 pm    Post subject: Reply with quote

It can. But at what cost? And with what purpose?

Gains are small and loses high for such a turn. That's why we have such a variety of distributions, because one cannot fullfill the needs of every linux user. If Gentoo comunity continues to grow, and shows the need for a third, secure&stable layer in portage, than that would happen. But if we have about 300 ebuild maintainers now (wild guess, I have no clue about the true number), then for a secure&stable layer you need 100 new ones, and not newbies but very experienced people. This is security we're talking about!!! Look at the resources needed....and why? Other distro's already did the work.

My opinion is that Gentoo must concentrate on the things it's best in, like preformance, new stuff, package manager and system tools/utils (scripts, revdep, etc, etc). People building a particle accelerator in Cern project can't work in nuclear plants and give their 100% at both jobs. If they tried, they would end up beaten in both perspectives.
Back to top
View user's profile Send private message
Gherald
Veteran
Veteran


Joined: 23 Aug 2004
Posts: 1399
Location: CLUAConsole

PostPosted: Mon Mar 28, 2005 8:17 pm    Post subject: Reply with quote

hollywoodcole wrote:
freeix wrote:
But why reinvent the wheel, when others are already doing an excellent job in their respective niches? There are so many excellent choices available _now_, like debian stable and openbsd....
Reinvent the wheel! Over 100 linux distro's are trying to reinvent the wheel then. Whats wrong with trying to make gentoo better instead of just saying "forget gentoo and go with somthing else".

To be relevant, every distro must have some particular strengths. The path to mediocrity lies in spreading development efforts too thin.

hollywoodcole wrote:
You are really hardcore debian I'm guessing, and I understand that debain is very good by being stable. But don't you think gentoo can be the same way?

None of my systems run debian. But if I had a need for high security + stability, debian stable and openbsd would certainly be at the top of my short list. I mean, if _both_ these criteria are important, why settle for anything less than excellence?

I choose gentoo primarily for two reasons: the excellence of portage's build features and availability of the latest software. If gentoo were to devote more time and effort towards both stability + security (i.e. maintaining a stable + secure version of every package for a prolonged period of time), less would be dedicated to maintaining the things that continue making gentoo great.

There's just not enough demand. People who need both s+s should content themselves with Some Other Distro (such as debian), and continue using gentoo for less mission-critical applications like desktops and hobbyist machines. Those who only need security -OR- stability should be perfectly satisfied with gentoo as-is..... the first group should emerge -u regularly, the second should only update during scheduled downtime.

If you disagree with anything you find in this post, you are wrong. </maddox>
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Goto page Previous  1, 2, 3, ... 25, 26, 27  Next
Page 2 of 27

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum