:: Re: [DNG] Why Debian 8 Pinning is (…
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Rick Moen
Date:  
À: dng
Sujet: Re: [DNG] Why Debian 8 Pinning is (or isn't) pointless
Quoting Simon Hobson (linux@???):

> libsystemd0] is "part" of systemd, and I assume systemd won't work without it.


Question: What does it do _without_ systemd?

I think you know the answer. Nothing at all. Rein du tout. But, as I
said on my Web page, if worried about that, just make a nightly cron job
to ensure that it has 000 permissions.

But, basically, facts matter, and unless you have some serious doubts
about the facts, the facts win, and ignoring expert data is a bad plan.
(***COUGH*** Brexit voters ***COUGH***) ;->

I do want libsystemd gone, too. Probably my near-term good-enough way
of making it go away is just to remove it and use equivs to make the
system lie and claim it's there. Done.

Guys, shouldn't this be FAQed? Seems to me in (intermittently) reading
Dng archives in the past, there's been a lot of wasted time discussing
libsystemd0-is-a-problem-and-no-it-isnt over and over.

> No way am I having a trojan like that running on my servers.


An unused, inert library is a trojan?
I'll have to update http://linuxmafia.com/~rick/faq/#virus5 ;->



> But on the subject of alternative repos, well that's a whole debate in
> itself. For many of us, if something goes wrong and the brown stuff
> is flying off the fan in all directions, one of the questions people
> will ask is "where did stuff come from". At present, my answer to
> that is : from the official Debian repositories except for X, Y, and Z
> which came from vendors repositories (eg, I have Ubiquiti's Unifi WiFi
> management system running on some systems). For most PHBs, that's an
> acceptable answer.


In my experience, if the PHBs are caught up in 'someone to sue' fallacy
(http://linuxmafia.com/~rick/lexicon.html#someone-to-sue), they aren't
going to accept Debian, much less Devuan. It's a toss-up about whether
they'll even accept CentOS. _Those_ lot are generally devout RHEL
customers.

> For many people, if you have to tell the PHB that some of your
> packages came from "some random site on the internet" then that causes
> some political issues internally.


So, you don't do that, of course. ;->

As an aside, one of the great comforts of being in charge of my own
infrastructure is that I'm refreshingly free to not have to follow
orders and work with Big Dumb Software. _But_ when I do have to work
with Big Dumb Software because the bloke with the chequebook says so,
it's inevitably on RHEL/CentOS.

> However, what Devuan are doing is keeping all those Debian packages
> that don't need fixing (yet) and publishing a repo of fixed packages
> for those that do.


PHBs stuck in someone-to-sue fallacy mode aren't going to go for that.
IMO, you're dreaming.


> PS - I've read the essay on forks. I vaguely recall having read it
> before, and it makes good reading.


Thanks!