
Debian turns 23 - fcambus
https://bits.debian.org/2016/08/debian-turns-23.html
======
maheart
Debian is my favourite OS[0]. I've been using it full time for years: I use it
on my desktop and laptop (Debian testing), and servers (Debian stable). I've
installed it with big success on parents and siblings computers, and the
extended family's computers.

Debian takes freedom seriously[1]

It's getting better with age:

\- Since Sarge (2005) there's been release every ~2 years

\- Debian LTS allows you to run Debian securely for 5 years (with caveats)

Things I agree with, that may be somewhat controversial:

\- Debian takes packaging software seriously (it splits the application and
development files)

\- Debian follows the FHS (e.g. config goes in /etc, data goes in /var/lib,
etc)

\- Debian stable is stable. Apart from security patches, it really doesn't
change.

Other great things:

\- Debian is a great base to build on (see the many derivatives[2])

Cool things to come:

\- Reproducible builds[3]

[1]
[https://www.debian.org/social_contract](https://www.debian.org/social_contract)

[2]
[https://en.wikipedia.org/wiki/Debian#Derivatives](https://en.wikipedia.org/wiki/Debian#Derivatives)

[3]
[https://wiki.debian.org/ReproducibleBuilds](https://wiki.debian.org/ReproducibleBuilds)

[0] I think Debian is one of the few Linux distros that can truly call itself
an OS, as opposed to just a "distro"

~~~
omginternets
I've recently taken an interest in NixOS after switching to Debian from Ubuntu
about 2 years ago.

Could someone kindly enlighten me as to point [3]? Is the term "reproducible
builds" used in the same context as NixOS? Otherwise stated, does this reflect
the same goals? On the surface this seems to be the case, but I'm struggling
to understand how Debian's approach compares/contrasts.

I quite like Debian, but the transactional approach to package management in
NixOS is ... titillating...

~~~
aseipp
Debian is currently leading the way on deterministic builds, I believe. I had
a fork at one point that integrated _most_ of the changes in NixOS to make the
system tarball (what comes on ISOs) etc deterministic, but it fell to the
wayside a few years ago as I lost time to work on NixOS (it works well enough
on the servers I've had it on for a few years, after I put some work in).

However, there is another axis to this question that NixOS does address, which
is "reproducibility". To clarify, for the purposes here, I define:

    
    
      - Reproducibility: I can always create a copy of a system state, in terms of the set of steps taken to build it, given some known description.
    
      - Deterministic: I can always exactly reproduce a copy of the system state, down to bit-for-bit replication.
    

To make this more explicit, by these definitions: NixOS is reproducible, but
not currently deterministic (except for a few things like the kernel). Debian
is becoming deterministic, but not reproducible. These do not imply each other
in any direction, IMO, from the POV of a user.

The reason for this is because, in short, when you run `apt install foobar` on
Debian, while you may _exactly_ be able to build a bit for bit copy of
`foobar-1.2.3`, exactly matching those results based on the Debian package,
the result of actually _performing_ `apt install foobar` is not deterministic.

Today I may run that command and install 1.2.3. Tomorrow it may install 1.2.4
if the maintainer updated `foobar`. In both cases, I could make a bit-for-bit
replica of 1.2.3 or 1.2.4, given the Debian package descriptions. But I
cannot, without pinning package mirrors explicitly, always ensure the act of
running those commands gives the same result.

This is kind of a problem with systems like Docker, for example. Two people
may run a Dockerfile running `apt install foobar` at two different times, and
get completely different copies of `foobar`! So you have to base determinism
on the Docker image, not on the _description_ of the image (the Dockerfile).
Because the image you built might not actually match whatever you deploy.

In NixOS, the entire 'system' is actually defined by a single Git repository
(called 'nixpkgs'). That means if you and I both have Git revision 0x12345678
of Nixpkgs, and we have the same configuration file for our NixOS systems,
`nix-env -i foobar` will _always_ install the same version of foobar, as it
was described in Nixpkgs, at that exact time.

In practice this means I can do awesome things, like configure my NixOS laptop
in VMWare at first, get my configuration.nix right, pin down the right Nixpkgs
version. Put new hard drive into laptop, start ISO, checkout right Nixpkgs git
version, copy configuration.nix, hit 'nixos-install' and reboot. My laptop is
now identical to what I had before. Obviously this is also great in production
environments because developers can get essentially-identical setups to
production environments.

Note the definition of 'reproducible' above: _you will take the same steps to
produce the output_. This does not imply fully bit-for-bit determinism. That
means if installing `foobar` requires running `gcc -O2 foobar.c -o foobar` and
running `copy ./foobar /usr/bin/foobar` (roughly), both you and I will always
take those exact steps to install it. But maybe `foobar.c` embedded the
`__DATE__` macro into its source, so it is not bitwise deterministic.

NixOS has the story for reproducible builds right, straight from the design --
so bitwise determinism is "only" a matter of some work and not any
philosophical hurdle. But it's naturally something that requires care and
tooling to do correctly and there are some unresolved bits that meant I never
got done with the original work. But it's nothing fundamental.

The Debian developers have really pushed a substantial amount of the work into
doing all this and making these tasks feasible, fixing many upstream packages
-- including helping get extensions to GCC (to make things like `__DATE__`
always a specified constant for packagers), and writing lots of
documentation[1]. They deserve much, much praise for this endeavor, IMO.

[1] [https://reproducible-builds.org/docs/](https://reproducible-
builds.org/docs/)

~~~
glandium
If you want `apt-get install foobar` to always do the same thing, just use
snapshot.debian.org in your apt sources.list:

deb
[http://snapshot.debian.org/archive/debian/20091004T111800Z/](http://snapshot.debian.org/archive/debian/20091004T111800Z/)
lenny main

------
ajdlinux
~13 years ago, I picked up a KNOPPIX 3.3 CD on the front cover of Australian
Personal Computer and experienced the wonders of a Debian-based distro for the
first time.

13 years later, and here I am, still using Debian on my home desktop, my
personal laptop, my work machine and my VPS, and working professionally as a
Free Software developer.

So thanks, Debian devs!

~~~
Athas
13 years ago, I downloaded Debian stable. The 'nv' driver for XFree86 didn't
work on my machine, so my first Unix experience was learning how to use vi to
edit the configuration file. Never did get it to work, but Knoppix did (in
those days it had famously good hardware detection - I think the key might
have been using the 'vesa' driver instead of 'nv').

The graphical environment provided by Knoppix gave me enough comfort to learn
how to use the command line and install the proprietary NVIDIA drivers, and I
was running pure Debian a few weeks later, and still am on my laptop (although
I now prefer OpenBSD on my server).

~~~
ajdlinux
All those, uuuuuh, positive and happy memories of editing modelines in
XF86Config...

~~~
krylon
Mandatory xkcd reference: [https://xkcd.com/963/](https://xkcd.com/963/)

I tend to agree with the graph, though - editing XF86config / xorg.conf was
not a lot of fun.

------
njloof
I understand the desire to keep corporate communication positive, but it's sad
to see the absence of Ian Murdock so soon after his passing.

~~~
interfixus
Strangely, Murdock's death is mentioned, but not a word about his founding
role.

------
corford
I'm old enough to remember all the "Debian is dying" posts on Slashdot back in
the day. As a very happy convert since the potato days, it's amazing how far
Debian has come and a testament to the power of free software. Go Debian!

~~~
dragonmum
> I'm old enough to remember all the "Debian is dying" posts

Sadly, the Ian (Ian Murdock) in Debian did pass away (death had something to
do with police). [http://arstechnica.com/information-technology/2015/12/ian-
mu...](http://arstechnica.com/information-technology/2015/12/ian-murdock-
father-of-debian-dead-at-42/)

------
2close4comfort
Debian you are my hero! And I cannot think of a more fitting tribute to all of
Ian's hard work. This is how he should be remembered.

------
overcast
I've been using various forms of Unix, Linux , and BSD since 1998. Early days
were a lot of Slackware, and eventually moved into FreeBSD, where I was happy
for years. In the end the usability, stability, and package management of the
Debian system has me using it for all of my server setups. I've found it the
easiest of the Linux environments to get up and running quickly. It's what I
would consider the "standard" for a Linux OS at this point.

------
chajath
After fighting RPM hell so much in the late 90s, Debian linux was such a
revelation. I've been using Debian and its derivatives ever since.

------
SFJulie
I used to use debian. But their bureaucratic self righteous organization have
-at my own personal- opinion created a drift between them and upstream
packages.

Countless decisions of debian maintainers (that are proficient at packaging
and NOT at coding) to think of themselves has «smarter» than upstream open
source software maintainers have resulted in countless teeth grinding:

\- the openSSL randomness «fix» that resulted in openSSH being shipped with
only 65535 potential keys

\- the complexity of building clean src vs bin packages (in opposition with
RPM or slackware packaging) and the numerous kombinat called debian helpers
makes packaging a hell,

\- latex packages being a tad broken

\- ruby/python packages requiring a tad of contorsion to have them work the
way they were inteded to work natively (the overzealous package slicing which
in python/ruby required you to install non trivial package to use gem/pip)

\- the multiplication of packages for «ease of use» that cluttered debian with
so many fixed dependencies hell that it makes stable often hard and slow to
upgrade vs testing that can break and the hell of version pinpointing

\- the bureaucratic approach of splitting configurations in so many
directories that it is mind blowing and as usual not always following upstream
simpler conventions

\- poor default config (like apache cgi-bin being global to help install 3rd
party modules)

\- and the debian community above all that has taken «the melon» and kind of
been evolving to be a tad overconfident leading to impose choices that are
more than disputable to the users (such of course as systemd) but let's say
that ubuntu having sucked most of their community of maintainer during the
split it is even more obvious that they have a «microsoft» syndrome of we know
better than you what is good for you (desktop choices...)

As a result, I have almost happily left debian as my main OS, but I still am
hating that «securing/hardening» an OS after default install has become the
norm in free/open source main distribution.

The more I have seen open source project take a turn of «sectarism» the less I
am convinced in the so called intrinsic values of openness in free software.

Yet, there are still enough valuable open source projects out there for my
comfort

------
davidw
For my birthday in 1996, I ordered a Debian CD and some game. I played the
game once or twice, but am still using Ubuntu, a Debian derivative. Debian has
its faults, but has done a lot of good work over the years.

------
optforfon
I've been using Debian for ever .. but honestly it's mostly b/c the critical
mass it has. If I have a problem it's pretty straightforward to find
solutions. I think there are distributions that are more advanced and
interesting (NixOS) and with quicker updates to their packages (Arch), but
since I don't want to fiddle with my computer all day I just use use Debian.

Maybe some day something a little more modern will take off but for the time
being I'll stick to what works - Debian

------
bechampion
around 17 years ago i remember flapping betwee slack and debian .... debian
package management was always superior so i stayed ... still using debian
today. Also remember that I've always liked gnome-panel but not the whole
desktop env , so i would use window maker + gnome-panel :) .

------
madengr
Never did get into Debian, only because the configure files were in different
locations than red hat, at least back in the day. Using fedora and Slackware.

------
znpy
I a week ago I upgraded an oldstable debian installation to stable and now it
hangs on shutdown and reboot due to systemd.

Thanks Debian.

------
nullcipher
Does anyone know what happened to the case of the debian founder?

------
_RPM
Don't use stable. Stable doesn't mean what you think it means. It means that,
among other things, it doesn't get any major updates to core software.

~~~
keithpeter
Some notes as to your use case would add to your comment I think. I have in
the past run Sid (aka Unstable) for non-critical use on a laptop without too
many issues.

~~~
wiz21
major problem with unstable is that you get completely addicted to upgrading
your system each time a package evolve. That's a huge time sink, thanks Debian
:-)

