Debian 4.0 'Etch' Released

An anonymous reader writes "Earlier today we discussed the possibility that Debian Etch might be released soon. Well, according to debian.org, it has already happened. Etch has been released: 'The Debian Project is pleased to announce the official release of Debian GNU/Linux version 4.0, codenamed etch, after 21 months of constant development. Debian GNU/Linux is a free operating system which supports a total of eleven processor architectures and includes the KDE, GNOME and Xfce desktop environments. It also features cryptographic software and compatibility with the FHS v2.3 and software developed for version 3.1 of the LSB.'"

Multipath broken in debian etch!

[ljaguar]

etch ships with CONFIG_IP_ROUTE_MULTIPATH_CACHED (experimental) enabled in the kernel. This breaks the multipath route behavior in iproute. As the google search [google.com] shows, it is wreaking havoc with anyone using multipath and dual-wan systems. Those who upgraded this morning to the new stable may be in for a ride. This is a known [debian-adm...ration.org] and documented [launchpad.net] issue but cannot be found in debian's bug tracking system. This issue is not unique to Debian but it should not have passed through the release engineering for the new stable release.

Re:This release begs the question...

[Doctor Crumb]

Short answer: no. Long answer: not until those sites release their content in a format that can be legally distributed by debian. "Free Software" does not only refer to the price.

Too late?

[ezh]

Debian has turned into a political zoo of OSS dinosaurs, who are too big and too ancient. They spend lots of time arguing over political issues and raise barrier too high for hew developers.

During Debian Project Leader (DPL) election campaign candidates were almost in unison looking up to Ubuntu as an example on how to attract new users and developers. With Etch out and new DPL in Debian's goal can be summarized in one phrase: "Let's catch up with Ubuntu"

How Debian's brand new DPL wants to do this [debian.org]:

• rework website
• rework bugtracking system
• sex up the desktop, and
• encourage optional desktop releases every 6 months...

I wonder how they are going to do it... Especially the last bit :-)

Re:This release begs the question...

[MrDomino]

By default, no. You'll have to install some extra packages from the non-free repository to play non-free media. However, all your multimedia requirements are just an apt-get install away; flash 9 (which fixes lots of long-standing Linux flash issues), mp3, win32 codecs, etc... I've been using it on my laptop for a while, and it's been pretty solid; I've got no complaints yet.

Next testing is "Lenny"

[cyber_rigger]

Debian's next testing version will be code named "Lenny" (from the movie Toy Story).

http://times.debian.net/1034-Release-update:-Etch+ 1-=-Lenny,-Call-for-Testing,-Time-shift [debian.net]

Re:Should I upgrade my new server?

[fo0bar]

Does Etch have any showstopping bugs that would stop a 'apt-get dist-upgrade'? Will it fuck up my apache, proftpd, sshd, or smb servers? Anything I should really know before letting some 600 or so packages change?

Yes, read the release notes [debian.org] for the answers to those questions. (and much much more! act today!)

Might take some searching:

[Kadin2048]

Just to follow up, by "non free repository," you'll need something outside the normal Debian repo system -- probably Penguin Liberation Front, certainly nothing U.S.-based -- in order to get that software. (Although I think the Debian/Ubuntu PLF mirrors are down at the moment.)

In addition to Flash (patent issues) and the Win32 codecs (patents), you'll also need libdvdcss2 (DMCA) if you want to play DVDs, and you might as well get LAME if it's not in there by default (god knows -- probably patents).

Putting
deb http://www.debian-multimedia.org/ [debian-multimedia.org] stable main
into your sources.list ought to work, but I'm not sure how actively that repo is maintained (it still lists sarge as the stable tree). The VideoLAN people likewise just have instructions for Sarge but hopefully that'll change soon.

Re:Multipath broken in debian etch!

[Anonymous Coward]

If you think this should be fixed, please file an appropriate bug report at http://bugs.debian.org/ [debian.org]

Re:Too late?

[Anonymous Coward]

too late? it broadly had the same or newer revisions of software than the just released RHL5, a few older.

kernel same
apache same
gcc same
openoffice same
postgres same
icdeove same
iceweasel newer
php newer
kde newer
mysql newer
gnome older

if you want bleeding edges you know the alternatives

Upgrade

[Craig Ringer]

The upgrade seems smooth enough, though it's rougher than woody -> sarge was for me. Then again, I'm running much more complex systems now.

- squid may break if you use it for transparent proxying. It wants the "transparent" option after the listern directive(s) now to enable transproxying, but never used to.

- the xlibs upgrade does not go well if it can't remove everything in certain directories. In particular, having the jedit package installed screws this up badly. I had to do some manual fixing to get this working.

- Make really, really sure you have enough room in /var/backups when you upgrade slapd, or it'll require some hand fixing and a db4.2_recover.

- You'll probably want to use the maintainer's CUPS config, then re-configure it to your specs. The CUPS config has changed a lot and is not really compatible.

- cyrus delivery socket permissions may need resetting if you use cyrus & postfix.

Overall, though, for a system as complex as my servers, the process was largely fuss free.

Re:Multipath broken in debian etch!

[ljaguar]

you say that as if debian .0 releases are just any old .0 releases.

debian testing release is one of the most popular distribution in its own right.

this isn't exactly some hacked up job released after big push to meet deadline. this went through months of release engineering and countless beta-testers.

debian stable release (the snapshot of etch as of today) do not get updates or bugfixes. etch 4.0 will not see any updates to gnome or kernel or gaim or anything. debian stable only gets security bugfixes. (if the bug is just a bug without security implications, it does not get fixed.)

don't you think this puts on an extra burden of not enabling (once again, known to be nonfunctional) experimental kernel option?

yes, testing before live production is good practice. yes, patience before upgrading is a virtue. but only because debian fucks up sometimes. if debian doesn't fuck up ever, patience is not a virtue. and i'm saying that debian fucked up.

Re:Might take some searching:

[Novus]

I am not a lawyer, but I have read the applicable law reasonably carefully, and I'm familiar with the cases mentioned here.

Redistributing the Flash player is less a patent problem than side effects of a restrictive licence [adobe.com]. For example, openSUSE goes out of its way to install browsers compatible with its bundled Flash player; Novell apparently has a deal with Adobe to allow redistribution of acroread and flash-player. Debian seems to circumvent this problem by having the package installer download Flash straight from Adobe. Nice and legal either way (assuming Adobe isn't violating a patent somewhere or something like that, which I doubt).

libdvdcss2 is trickier. Using Finland as an example of an EU country (applicable law [finlex.fi]), the situation seems to be that you are allowed to circumvent CSS to watch a movie, but I'm not lawyer enough to tell whether CSS qualifies for legal protection (that depends on whether it's an effective copy protection mechanism, I think) and whether the law requiring the copyright holder/distributor to provide a circumvention device, if necessary, is applicable. You'd also be very hard pushed to argue substantial non-circumventing use, making redistribution quite risky. In conclusion, I think libdvdcss2 users in Finland are safe, but redistributors may have a harder time. Other EU countries should be similar, as most of this legislation originates with the EU.

The win32 binary codecs are, in part at least, straightforward copyright infringment (unlicensed derivative works), but haven't been subject to any legal action I've heard of. Some of the codecs developed from scratch (e.g. some MPEG variants) seem to need patent licences in some areas; this is the primary cause of problems with MP3 (openSUSE circumvents this by using Real's Helix engine for MP3 decoding, which is licensed).

In conclusion, the situation is a mess and if you want to be safe, stick to what the major corps tell you is OK. If it isn't, they take the heat.

Re:Missing package

[wouterke]

Just for clarity: Debian hasn't enabled register_globals in its default configuration since ages, either. The comment you refer to relates to security updates for PHP. Basically, it says "if you use register_globals anyway, you're on your own; we don't support that"

Re:And its not even the 1st...

[Anonymous Coward]

They did actually intend to release it on April 1st, but it got delayed ...

Re:This release begs the question...

[Professor_UNIX]

Will I be able to have Debian perfectly handle [all] my basic multimedia requirements well by default? I would like to play Yahoo, CNN, ABC, BBC andd FOX video and audio by default.

No, but it's not really the fault of the Debian (or any GNU/Linux distribution) maintainers. Many of these sites are defective by design and only work properly with Windows... sometimes only with a certain version of a Windows web browser: Internet Explorer 6. As a MacOS X user it's a *little* less painful to get a lot of these sites to work in Firefox or Safari in order ot get streaming video to work, but by no means does everything run smooth. The situation is even worse with Linux in regards to how poorly these sites choose to support that platform.

The only thing I'm happy about is that most of these sites are migrating to using streaming video using a Flash-based player like YouTube does so they just use normal HTTP for the transfer mechanism and are simple to get working through a firewall. In the bad old days I had to worry about shit like RealVideo proxies, Quicktime, RTSP, PNA, Windows MMS, etc. While they're probably more efficient, they require your firewall to have a specialized application proxy and it's just an extra pain in the ass if they break the protocol in a new version. The sites that aren't using a Flash player are just streaming Quicktime/Windows Media over HTTP as well so it has the same effect. The main pain-in-the-ass site I experience is with CNN and FoxNews.

Re:And its not even the 1st...

[koxkoxkox]

Parent should be modded informative and not funny, as it is true : see http://lists.debian.org/debian-devel-announce/2007 /03/msg00023.html [debian.org]

Our secret plan was to announce the release on April 1st
(that would have been fun, don't you think so :) ), but well - quality is
more important.

Re:Q: can I run it on my machine?

[Gleng]

Yeah, it should run fine on that machine. I've run Debian on a 120MHz Powermac 7200 and a 1.33GHz G4 Mac mini, and it was sweet on both.

Any PowerPC based computer should run Debian fine.

Re:Too late?

[swillden]

Actually, ''testing'' is usually reasonably current. If not, you can roll your own package or lock the package and install your own stuff over it. A bit of a pain, but that way I had X11 support for my 7600GT well before Debian had it.

And ''unstable'' is even more current than testing, and not unstable in the common sense of the word. The biggest annoyance I have with unstable is that my periodic upgrades are bigger than with testing, but I have a fast network connection, so I don't care that much. I've been using unstable as my primary work/play platform for about four years now, and the only time it's given me trouble was during a bit of XFree86 upgrade weirdness that lasted about a day.

Even better, if you're using unstable, it's really easy to pull packages in from experimental, which pretty much always has the latest and greatest releases of everything, so you almost never have to roll your own package or install from source.

In my experience, I have far less trouble running unstable than I do testing. The downside to unstable is that there is no security team addressing security fixes, but that's rarely an issue for long, since unstable tends to pick up upstream versions very frequently.

Re:Multipath broken in debian etch!

[strstrep]

Debian stable gets bugfixes for significant bugs in later -r1 -r2 releases. This is not limited to security bugfixes. Security bugfixes are the only ones that are pushed out using the security.debian.org repository, however.