>From: michael hast <evylrobot19@cox.net>
>Reply-To: slug@nks.net
>To: slug@nks.net
>Subject: Re: [SLUG] Ubuntu questions
>Date: Sat, 28 Jan 2006 12:19:08 -0600
>
>
>>
>>Two seconds with Google yields:
>>http://www.ubuntu.com/ubuntu/relationship
>>
>>Logan
>>
>>
> Okay. Ubuntu is NOT Debian. I was exaggerating. Ubuntu is
>PRACTICALLY Debian. Why would it be "dangerous" to use the Debian
>repositories on his Ubuntu system? No one has even hinted at the rational
>here. Hypothetically, if I switched to Kubuntu and added Debian
>repositories to my sources so that when I used apt it may access Ubuntu and
>Debian repositories, what is the danger? What is the worst-case-scenario?
>I'm not trying to ridicule. I would really like to know.
> If something is inherintly dangerous and I don't think anything of it,
>my ignorance is putting me in harm's way. If I understand the mechanics of
>the danger on some level, I can avoid it on many levels.
> If you tell a kid not to run in a street because it's dangerous, he'll
>probably get run over in a parking lot. If you tell a kid not to run in
>the street because he might get run over by a car, he will avoid more than
>just the street.
> Throw a bone here, guys.
>
>--
>--Michael Hast (the evyl robot)
The problem occurs when dealing with packages that others depend on like
libraries, the kernel, etc. I'll give you a hypothetical synopsis:
Ben is running Ubuntu Breezy Badger. However, he wants to stay on the
bleeding edge so he adds Debian Sid repositories to his
/etc/apt/source.list. Every day the Ubuntu update manager runs automatically
and alerts Ben when packages exist in his list of repositories that are
newer than those he has installed. If Debian has uploaded a new version of
glibc that is compilied with the latest gcc and Ben installs this package,
the newer glibc may not be binary compatible with the Ubuntu version of
glibc. The result is that all of Ben's programs that rely on the Ubuntu
version of glibc will not work.
This is a worst case scenario but you get the idea. It could be some suble
that breaks or something major. If one is running Ubuntu, the safest bet is
to use repositories specifically for your particular version of Ubuntu. The
Ubuntu backports project exists to fufill the needs of those who prefer not
to wait 6 months for upgrades. However, one of the policies of backports is
not to upgrade any libraries. Unfortunately, the Firefox package functions
as a library because the HTML renderer, Gecko, is embedded in Firefox.
Therefore, Firefox will not be upgraded until Dapper Drake (due in April) to
avoid breaking programs that depend on it.
-Jonathon
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:16:52 EDT