On Monday 06 April 2009 11:22:07 am Vincenzo Ciancia wrote: > Mackenzie wrote: > > By the way, when was the last time an update (in a stable release) broke X? > > September 2006 is the last (and only!) one I remember. Ever since then, > > there's this horrible fear...come on, the lesson was learned, and kernels > > aren't being released until their accompanying modules are done building now. > > Shouldn't Jaunty's DKMS prevent issues with people who aren't using > > repository-sourced graphics drivers anyway? > > It happens from time to time, e.g. the post-installs of nvidia drivers > (ok I have an nvidia, but notice that they are auto-configured and > maintained by ubuntu itself) sometimes screw up. The very famous cases > are not the only one.
So you mean DKMS isn't working? > > > Notice that you first have to solve the problem of the dpkg database > > > breaking, which actually happens and breaks the upgrade system, > > > > How common is that? And isn't it something that only happens if you manually > > kill -9 an apt process or if your hard drive is failing (which is expected to > > cause everything to break anyway)? Do your parents know about kill -9? > > > > Dpkg database breaking is common, don't know why but had various friends > fall into that. Exhausting disk space is also common, and currently apt > or synaptic DO NOT recover gracefully as they should. What causes the database to break though? As I said, a manual "kill -9 apt- get" or the hard drive dying are the only causes I can think of. > Exactly because > that is going to break everything, we should avoid the risk of this > happening automatically. "Expected to break everything anyway" was in reference to a hard drive that is failing and writing random 1s and 0s instead of the actual data. If your hard drive is doing that, you're a lot more screwed than *just* an apt problem. > > Not if you use that wonderful little setting in Software Sources so that it > > doesn't hold onto old packages until the end of time (and then some). As long > > as you let it auto-delete old debs, / shouldn't be filling up. > > The "/" will fill-up as soon as you install new applications, and also > either that wonderful setting is not enabled by default or it doesn't > work, because I ran out of disk space during an upgrade yesterday :) No, it's not enabled by default, though it should be. But that's why I said "if". > > Also, if you > > use the default Ubuntu install mode, /var, /tmp, and / will not be separate > > partitions. You'd need to fill the entire drive, at which point I wonder how > > you're getting anything done at all. > > There is also /var/lib, and that partition may definitely fill in in a > number of curious ways. And /var/lib is ALSO not on a separate partition in Ubuntu by default. Seriously, if you keep everything in one partition like the default installer says to, it'd be *hard* to fill / because then your entire drive would have to fill, not just the 5gb allocated to / > A power loss may happen, but much simpler: a > deadlock in a post-install may happen too, constraining the user to > either kill or reboot. Not that I expect this for security upgrades. I > think all of us, (and I bet you included), experienced at least one case > in which the system consistency was lost during an upgrade. The only time I've ever had a problem was when I upgraded from Dapper to Edgy from a CD, because of course it couldn't upgrade the packages that weren't on the CD. Getting online and installing the remaining updates completed the dist upgrade. > It seems to me that you have never experienced a failure in a machine > which is miles away from you, and that your parents need absolutely to > work "today". Nope, never. My mother's computer has been installing updates at 4am, 250mi away from me, for the last 2 years thanks to cron. She's had 2 problems: 1. The printer died 2. Her video card's been on the fritz for 4 years (note: 2 years longer than she's had Ubuntu) I'm sure you can see how neither of those are related to Ubuntu or its updates. > It's a huge problem then, because your ordinary PC > technician will either laugh in your face, or promise you to re-install > linux and not do it. My mother had both the experiences and both times > agreed with the technician that I was crazy in insisting parents should > use linux. What a shame parents believe to technicians (perhaps with > moustaches?) more than their childrens :) And your mother took that sitting down? My mother would tell that technician he was crazy if he couldn't see how a faster, easier, more secure system was better than Windows. > What I advocate is that machines that can't be repaired by someone > should not be touched unless you are sure that your users are able to > rollback, and this is not our case. Because it's *better* that a script kiddie be controlling the machine than...I can't think of the last regression I saw from an update in the updates repository. Er...ok, I can think of one from the proposed repository (which is only meant to be used to test for broken updates). What you're saying is: It's better that a script kiddie control the machine than that a normal user (who has for some reason enabled the Proposed repository) has to type in their email account's password to send mail if they also happen to PGP sign their email. Yes, that bug from the Proposed repository last July is the most recent post- release regression I can think of. I'm leaving out things like "In Hardy ____, but in Intrepid ____" > Of course! Not joking. My mother uses an "user" account, and let me > insist, I don't see why I should call my mother an "administrator". She > is an ex-teacher of humanities, and she is 70. The last thing on earth I > want to see is her fiddling with system upgrades. My mother doesn't have an administrator account either, because she's afraid of breaking things (ex: deleting /lib). And even if she did, she wouldn't install updates because she doesn't think about those things. And that is why I love cron :) > If you would like, we can design a survey and try to gather historical > information on how many times our ordinary home users have faced > security problems due to missing upgrades, and how many times a system > upgrade broke an user's system. The only time I remember in my life to > have heard of a machine infected because of not having been properly > updated... it was a server of the _debian_ project. You should remember > the circumstances :) I have no idea what you're talking about for Debian (OpenSSL? but they weren't compromised, were they?), but I do remember 5 Ubuntu servers being compromised less than 2 years ago because they weren't getting their updates. https://lists.ubuntu.com/archives/loco-contacts/2007-August/001510.html -- Mackenzie Morgan http://ubuntulinuxtipstricks.blogspot.com apt-get moo
signature.asc
Description: This is a digitally signed message part.
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
