79 comments

[ 5.0 ms ] story [ 166 ms ] thread
I'm happy they decided to backport the fix for cyrus ! Some mails could become hidden on update from cyrus 2.5 to 3

I didn't want to use backports for a mail server and after the maintainers decided to not patch the SSL bug in the previous release (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863520) I was afraid they would do the same.

One of Debian's draw backs is that simply finding the download page on its website is an arduous process.
This is not really the case and especially not a drawback of the distro. The net-installer is pretty in-your-face and the other images are rather easy to find.
I love Debian, and their push for Free software - but to mis-quote The Matrix: "What good is a network Iso, if you have no (wireless) network card (driver)?".

The faq doesn't really answer this in a way that'd let your average user be certain they can install via wifi:

https://www.debian.org/CD/faq/#nonfree

Literally there's a green download box on the front page, up and to the right. It will give you the most commonly used installer.

You could also press / and type "download" and it's the first hit.

> Literally there's a green download box on the front page, up and to the right.

In fact, there is literally a small white rectangle with light green text that is difficult to read. The rectangle is only filled green if the user happens to mouse over it. Also the box floats well outside the center view of the page-- i.e., the user has to use time and energy to move their eye outside the main text flow to that area. Compare to the Ubuntu front page where the download link is in the flow of the main block of text.

Again, to be literal:

default: unobtrusive box with small text and an icon that has an arrow outlined in a gray-on-a-white-bg so light I can barely see it on my wide LCD screen.

mouseover: box becomes more prominent and text becomes readable

That's the opposite of the style you described.

> You could also press / and type "download" and it's the first hit.

It's funny because the design you are defending is one of the few that breaks the discoverability of Firefox's wonderful realtime search.

FF search is so helpful because a) the text gets highlighted in realtime as the user types and b) FF will jump to a scroll position that brings the current highlighted text into view. Because Debian's unobtrusive download box is outside the main text flow and at the top of the page, the user is unlikely to notice the realtime selection and they don't get the benefit of a scroll jump.

So yes, FF "/" is awesome, but Debian's website somehow finds the way to make it the least effective at revealing that download link to the user.

I have downloaded Debian multiple times the last few and I have never seen that green box. In fact I did not see it when I visited their page earlier today to check if 10.2 had been released yet.

So, even if it is there it was invisible to me.

The top of the page has a link to "Getting Debian" which puts you on a guided process to ensuring you can select the correct download for your needs.

I wouldn't consider reading to be an arduous process.

What is the difference between a small CD or a tiny CD? What is it in size, and what is it in features? (I happen to know the answer to that question, but random people getting on their site most likely don't.)

All the destinations from that page will lead you to images that do not work over wifi on nearly any laptop.

The actual links for the images are small, without weight, in a place that nobody looks for.

What from that soup of letters is your computer's architecture?

These days I use https://fiendish.github.io/The-Debian-Gotham-Needs/

Because despite the rapid dismissal from these other yahoos, finding an image with WiFi firmware from the front page is a nightmare maze of wrong links and secret knowledge.

> cp iso_file_name_here /dev/sd<your_usb_key_dev_id> ; sync

Didn't know you could do that.

Yeah. Apparently cp got a lot smarter about isos at some point? Like basically everything else GNU/Linux, I'd never have guessed if some random website didn't say to try it.

(I can't respond to you person responding to me, but I meant that I think cp being able to write a working image directly to a dev was not always true, and people always used dd for that before)

It has nothing to do with cp being smart. You can do the same thing with dd, or simply with shell redirection (cat >/…)

It works only for hybrid ISOs. Not every ISO supports this, although many do.

I guess pretty much any tool that copies files will do that too. I like that!
Wifi firmwares are non-free and are not included in the official iso for a reason.

Search for "debian non-free iso" and you probably will find what you are looking for.

> ...nightmare maze of wrong links and secret knowledge.

Please, don't exaggerate.

I think it's actually important to understand how much the computer manufacturers don't really appear to want the free state to become the default. (Not from a "look at these jerks" perspective, but from a benchmarking perspective.)

The project is explicitly about free software, so you should not be able to walk in the door and casually/accidentally walk out with non-free software. But more importantly, it should be a fairly straightforward process to identify "how many non-free sources did I need to incorporate in order to make my piece of 2004 hardware boot and run acceptably?" vs "how many ... in 2019?"

One of the ideals of the Debian distro is also reproducibility, for reasons I won't go into since it's not particularly relevant, but for anyone who hasn't seen it before already: https://isdebianreproducibleyet.com/

The non-free parts will (potentially, depending on what kind of non-free I guess...) always keep this number under 100%

I love the Debian that Gotham Needs, I've never seen this, and the big red asterisk on "should" handles this concern neatly ;)

> Wifi firmwares are non-free and are not included in the official iso for a reason.

And the result is that 99.99% of people can't get 99.99% freedom because of 0.01% of people doubling down on the 0.01% of freedom. I love Debian, but I consider that gatekeeping a great crime against regular people who could be empowered and informed from minimal freedom to nearly total freedom instead of kept out by arcanity and hardlining.

That's why I like the link I posted. Because it says "this will actually work on your computer" AND also informs you about user freedom and the harm of proprietary device drivers.

> Please, don't exaggerate.

Let's perform an exercise, shall we? Starting from www.debian.org, reading from top left to bottom right as the English language is read, how many words must you pass over, how many links must you pass over, which links do you have to click, and how do you know to click those links and not the other ones in order to find an iso that installs on a market standard laptop over WiFi? The decision tree is much deeper than you acknowledge.

> Starting from www.debian.org, reading from top left to bottom right as the English language is read...

I guess you should start with the first link, the one that says "About Debian". There you can know what Debian is about and align your expectations.

If you think it works for you, then go back to www.debian.org and do a ctrl+f and type "download", there is a big button in the top right corner. It is probably what you need (amd64, netinstall).

All I hear you saying is that you think regular people with regular lives and regular products and regular concerns don't deserve to get almost total freedom from Debian because of that missing last little bit, and, too bad so sad, they should just go somewhere else. I disagree with that stance.
She didn't said that and you are being too dramatic.

Certainly if you install Debian for a regular user, install the wifi firmware (available in non-free repo), everything will work and they will enjoy.

It's not what most people probably need, though. A standard market laptop requires non-free firmware for the wifi to function and thus let the netinstaller proceed.
As a long time, on and off Debian user, I've actually never had debian-installer install firmware properly. For the longest time, using the minimal install image, putting the firmware debs (or loose files) in the correct directory just plain didn't work. I think at some point, it started working and I could use wifi instead of ethernet to install, but even now the installer still doesn't install AMD firmware, so some kernel modesetting funny business doesn't work and I just get a black screen on first boot (but the system is otherwise functional). The same applies to the firmware-included non-free image.

I mean, I can (and do) manually apt-get the right firmware packages at some point, either popping a shell during install or after first boot, but it is definitely a maze of some kind, especially if you don't know what package contains the firmware you need.

> Please, don't exaggerate.

I am a software developer who uses Linux exclusively since about 2000 and has contributed indirectly to Debian.

Last week I wanted to setup Debian on my new work laptop. Naively and without thinking much I downloaded the default image, so the wifi card didn't work.

I was on holiday, abroad with friends. Even with both the buster and testing non-free images the wifi card didn't work.

After three hours (downloading, installing a cd creator on a mac of a friend etc) I got frustrated, downloaded an Ubuntu image and it just worked.

I think of Ubuntu as Debian + the yucky driver bits.
In recent history, though, it was also + the yucky terminal advertising, secret Amazon searching, and Unity interface bits. Thankfully at least they gave up on Unity so that Gnome can progress faster.
Yeah, the Unity interface really messed up the recent releases of Ubuntu.
(comment deleted)
Agreed. In rare cases when WiFi doesn't work right at first boot for me, I just attach a mobile phone or connect via ethernet, download one package and... connect via WiFi. It's just a very minor inconvenience - I prefer to know that official Debian iso is 100% free and having to manually opt-in for anything else.
What's actually the point in those point releases?

Don't understand me wrong, I'm running Debian on all my servers, but on the desktop I'm in love wit the rolling release model.

Is it just to overcome the initial upgrade inertia?

It's just a cumulative update to their stable release. Debian usually releases one every few months.
Rolling upgrades are nice on the desktop, where you are computing more and more in the Mobile paradigm, where all software disappears behind an app store gateway.

Fine for the laptop, poor for the server farm.

There are some good points I can see:

* Knowing which version of the installer you are using, so you know which versions of what are gonna be installed by default, sometimes the installer itself will contain bugfixes (but not always).

* Knowing what is the minimum patchset applied to a system. You can check the etc release files and get a summary of the updates applied, eg.: if you see release 10.2 you will know that at least all of the patches up until 10.2 were applied. This one is very useful if you are debugging a system and want to get an overall idea of how up-to-date it is, if you are debugging a system that it's behind the latest updates, you should always consider that as a possible cause, knowing which is the point release allows you to reduce the diff/bugs you will be looking at.

There are places in the world where internet is not accessible, maybe for you it's a commodity but for some people is easy to burn a CD and send it to those who needs it.
Oh, yeah, this makes totally sense, I did not think about that. Thanks!
> I'm running Debian on all my servers, but on the desktop I'm in love wit the rolling release model.

If you run it on you servers then you know that Debian supports many rolling releases. Experimental, unstable, testing, stable + backports, stable + updates, stable. The difference is how fast they change, ranging from "in front of the bleeding edge" for Experimental to "for the very patient" for stable (and beyond).

This seems to be how Debian does things. There aren't separate projects like kubuntu, lubuntu and whatever. There is just Debian, plus what seems like every Window manager under the sun packaged as "task-kde-desktop" or whatever. And so there isn't the a Debian rolling project. There is just "Debian testing" or whatever, which is well, Debian, but the snapshot is taken at difference times and frequencies of Debian's life cycle.

Please note: Starting with Debian 7, the minor number is not part of the Debian release number, and numbers with a minor component like 9.4 or 9.7 now indicate a point release. Basically, only security updates and major bug fixes, with new updated installation media images. This, 10.2, is not a new major release of Debian.
Does anyone know of a distribution other than debian with a social contract[1]? To me this is the reason why I never really considered another distribution.

[1] https://www.debian.org/social_contract

Parabola, based on Arch, has one: https://wiki.parabola.nu/Parabola_Social_Contract
Thanks. There is a spelling mistake here:

"...and adhocratic it its form,..."

I think it should be:

"...and adhocratic in its form,..."

Can't find a way to edit the wiki. Anybody know how to contact the people behind the project?

From clicking on the header I can see two emails in the bottom of the page and the right column has `People` and `Hackers` section which both lead to pages full of email.
That's the great thing about Debian. A great community with a clear purpose.

But I think their tooling and policies have become outdated, which prevents faster progress.

I wish they would switch to some Nix-like alternative, which was discussed in their developer list long ago. The genius of Nix is that packages do not need to depend on the same dependencies. Hence, the whole package tree does not need to be kept in sync.

Another great advantage are declarative package specifications. I maintain several packages for NixOS, and a bot does auto-updates for me. I just check upstream hasn't introduced any malicious code.

Lastly, shipping many "distributions" becomes trivial with Nix. A distribution is just a package channel plus a declarative setup written in a small half-a-page expression. So you can easily create a minimal Debian, a Debian with a GNOME desktop, a Debian with a Xface desktop, a Debian with a KDE desktop, etc.

> packages do not need to depend on the same dependencies

It's a blessing, and a curse. In order to ensure the quality for all packages, now you have to keep all versions anything depends on in check. A bug fix applied to the most recent version doesn't automatically affect packages depending on it, so all of them need to be updated too now.

This is similar to the reason that Debian doesn't accept packages which vendor any dependencies (similar to Fedora).

> declarative package specifications

I tried making RPM, .deb, and Nix packages, and I found Nix to be by far the nicest to work with.

While I agree with what you say, the dependency tree becomes more complex, I’ve found the alternative much, much worse. You can also “mimic” the old behavior by just forcing all the libraries to compile against a specific version of a library, thereby simplifying your dependency free again.

In other words, Nix’ approach gives you the choice, while the current approach forces you into a certain direction.

> A bug fix applied to the most recent version doesn't automatically affect packages depending on it, so all of them need to be updated too now.

This is untrue. Everytime that a package is updated, thanks to NixOS declarative build system, all packages that depend on it are also rebuild/updated. Unless you're pinning your derivations, it works even on custom packages created by you.

That makes sense, but every pinned package contributes to the packaging burden. In order to reduce the burden to what traditional distributions have to deal with, pinning would have to be disallowed, which now resembles the traditional approach a lot, with one version per package.
Well, most packages does not pin dependencies. From the top of my head, proprietary packages generally pin dependencies, however in this case it is because proprietary packages are known to broke when a random library updates.

When I was referring to pinning, it is mostly done locally. I do sometimes, for example, pinning a specific package to a specific commit of Nixpkgs, so I can either backport a new version or avoid some change that I don't want to deal at the moment.

> In order to ensure the quality for all packages, now you have to keep all versions anything depends on in check

Spot on. This creates a burden of work impossible to handle for any distribution.

What really happens with the "everything goes" packaging (like throwing stuff in docker) is that nobody does security updates for most libraries.

What actually happens is that Nixpkgs usually bundles one version of $THING at a time, but as a user you can use, say, 19.09 as your primary system, but get your compiler from unstable because you need some cutting-edge feature, without worrying about dependency conflicts or unintentionally upgrading something else.

Or maybe your FPGA programming software depends on some ancient version of QT from 2016, so you pull that Nixpkgs in for that package only.

> So you can easily create a minimal Debian, a Debian with a GNOME desktop, a Debian with a Xface desktop, a Debian with a KDE desktop, etc.

Um, you do know that Debian does this already, right? man tasksel

They do, but it is not easy to do.
> I wish they would switch to some Nix-like alternative, which was discussed in their developer list long ago.

Ubuntu Snap does this. You may even be able to install Snap on Debian. Whats worse is the 'snap' package is unrelated so you may want to look it up before installing something unrelated.

I'm glad this exists. However what I'd look for in a social contract is something about the level of technical support the users should expect.

When the issue of free software support comes up, too often I see the usual "OUR COMMUNITY IS NOT YOUR FREE TECHNICAL SUPPORT WE OWE YOU NOTHING"... o..okay, fair enough. I can't waltz into your community and demand your time for free... But you _do_ want me to use your system, right? You _do_ think that Free Software is a viable alternative to proprietary software, where the creators literally _owe me_ support for their software because I paid them for it?

That's why it would be nice if they laid out exactly what it is that they are committing themselves to. Not just writing code and putting the thing together, but a certain (of course not unlimited) amount of assistance, so I know I won't be totally left hanging. Maybe some OSes are too much of a hobby or experiment and they don't want to offer that level of support. Totally fine. We should expect that sort of thing in the social contract, so users know what they're getting themselves into, and so that we can all step back and evaluate whether Free Software is a viable alternative to propriety yet.

Whats worse is they could you know.... Just charge for support. I believe Ubuntu and RedHat do this? May as well just use Ubuntu instead I guess? I used to be big on Ubuntu / Debian but after trying openSUSE I dont know if I can stick to either anymore.
I never thought to get paid Ubuntu support for some reason. I really should consider it. I'm moving onto Qubes now. I understand if they don't want to organize such a thing. It would be nice if there were indeed a 3rd party paid support option, and they could just link to it.
No, I like it this way. I feel like I'm not a client of the community but a participant. It's my favourite part about open-source.
It's my favorite part about Free Software.
> where the creators literally _owe me_ support for their software because I paid them for it?

Have you ever tried asking for this. At best you'll get "you're holding it wrong, get bent", and even that's usually only if you have the expensive enterprise support package.

I suppose this is a fair point, it's pretty bad often times. But at least they don't turn you away off the bat.

FWIW I just contacted Google support with help with an issue with their Play Movies on a smart TV. Turns out what I needed to do was in the Smart TV general settings, not even the app per se, and they still helped me with that. The phone support person wasn't able to help but the chat support was.

People voting me down, I want to try to bolster my case. I'm going to use QubesOS just as an example because it's fresh in my memory. By no means do I want to pick on them in particular.

I go to qubes-os.org. I don't see "A community of hobbyists who put together an operating system. Join in if you'd like, but you're responsible for what happens. Good luck and have fun!". I see "A Reasonably Secure Operating System". I see articles in the press, all the powerful components under the hood. For God's sake I see Edward Snowden endorsing it. It looks like they're selling it.

I go to qubes-os.org/support. I see "They are not your personal, paid support service. No one owes you a reply. No one here is responsible for solving your problems for you.". This sends a mixed message.

Maybe it makes perfect sense to you because you're deep in this world yourself, and it's just "how it works". But then I would argue you're not thinking about the whole goal of Free Software, which is to ultimately replace proprietary software. Free Software was supposed to give you a reasonably replacement of proprietary software. Maybe without all the bells and whistles, but nobody says "and we'll leave you out to dry if nobody feels like helping you".

Imagine, somebody trusted this great, secure operating system. Suddenly something goes wrong. They post on this high volume community support list. Nobody answers. "But I'm in a total jam now. I trusted your operating system." "NOBODY OWES YOU HELP". You're leaving people out to dry with no recourse. I think people are not thinking of this edge case.

Of course you can get paid support, at worst from a third party. That covers my point entirely from a practical standpoint. However this leaves two problems in my mind. 1) Where _is_ the paid technical support option for (for instance) QubesOS? I don't know if it exists. When and if it does, it would be nice for Qubes to at least link to a few options from their support page. 2) The mixed messaging I described above is still a problem in my view. It really sounds like you're telling people "if we find you annoying we will leave you out to dry". You could at least mention the _prospect_ of 3rd party assistance. I think it sends a different message about how this whole ecosystem works.

EDIT: I guess Debian does exactly what I mean: https://www.debian.org/consultants/

Everyone could just use Arch Linux, who needs these archaic distros anymore. Trivial to make Arch "stable," also, without living on two year old updates and releases, like Debian and Ubuntu both does. Choose Arch, choose life. Arch is the only distribution. <3
Thank god for Arch Linux. Who would ever use Debian, Ubuntu, CentOS, and all that trash. Let's Arch it up. You have to be illiterate to not use Arch every day. No reason, whatsoever, to not use Arch Linux. Fucking pagans.
I absolutely love Archlinux and still downvoted you. The rich ecosystem of Linux distributions is not something I'd like to get rid of. There's also nothing archaic about Debian.
You then can skip playing the lottery too, at each update you will get possible fixes for bugs that don't affect you and new bugs that will affect you, plus some designer with a giant ego would change years old workflows and you will be forced to change to match the software and not configure the software to match you.

There are many people that run both stable and rolling and the reason is the best tool for the job, you are making a big disservice to the community at the same time contributing to the horible image of the Arch community. Btw Arch people, you need to learn from Rust and publicly shame this fanboys if is not already too late.

What does that mean?

Will my daily "apt update && apt upgrade" get me this?

Yup. Sometimes you might actually need "apt full-upgrade" to get everything right, but not today.
What do you mean by getting everything right by full-upgrade?
Don't you mean "apt dist-upgrade"? Or are they the same thing