25.10.2025, 14:45 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]

Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
Autor Nachricht
Mesnard
Titel: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 17:45 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

Having used Ubuntu and Etch for a couple of months I'm thinking of replacing them with Kanotix 2005-4. Could anyone confirm whether Kanotix provides ongoing security updates for its stable releases.

Regards,

Michael
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Richard
Titel: RE: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 18:01 Uhr



Anmeldung: 07. Nov 2005
Beiträge: 112
Wohnort: Venezuela
Kanotix is fundamentally Debian Sid.
There are no security updates for Debian Sid.
For security updates, use Debian Sarge.
And supposedly Debian Etch gets updates, I have read.

The security of Sid is felt to be its frequent changes.
A moving target, so to speak.

_________________
kanotix-2006-01, 2.6.18.5-slh-up-1, IceWM, Krusader; P4, 2.8GHz, 512MB
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel: RE: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 18:24 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
A little Info


slh hat folgendes geschrieben::

sid doesn't get official security support, it doesn't need it either as new upstream versions and maintainer fixes get fed into it mostly faster than into sarge, and yes, each security issue is a grave bug waiting to be fixed - to fix it, a new package has to enter testing through sid, so sid gets it first - just that the fix isn't backported by an overworked 2 man security team, but by upstream and the responsible maintainers. In 90% of all cases that happens faster than for stable, and yes, in case debian doesn't act in time, we do act as well with temporal overrides - already happenend with firefox and samba in recent past

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 18:53 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

piper hat folgendes geschrieben::
A little Info
slh hat folgendes geschrieben::

sid doesn't get official security support, it doesn't need it either as new upstream versions and maintainer fixes get fed into it mostly faster than into sarge, and yes, each security issue is a grave bug waiting to be fixed - to fix it, a new package has to enter testing through sid, so sid gets it first - just that the fix isn't backported ba an overworked 2 man security team, but by upstream and the responsible maintainers. In 90% of all cases that happens faster than for stable, and yes, in case debian doesn't act in time, we do act as well woth temporal overrides - already happenend with firefox and samba in recent past


I understand that. However, in order to benefit from the vaunted stability of Kano's official stable releases, it's my understanding that dist-upgrades aren't generally recommended, so it seems to follow that with Kanotix I can either have stability or security, but not both.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
jackiebrown
Titel: RE: Re: RE: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 18:57 Uhr



Anmeldung: 13. Mai 2005
Beiträge: 732
Wohnort: Texas
I dist-upgrade every day. Just check the warnings here first. The Kanotix team is very good at daily warning for upgrades if need be.,

_________________
Always acknowledge a fault. This will throw those in authority off their guard and give you an opportunity to commit more.
Mark Twain
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel: RE: Re: RE: Does Kanotix maintain its own security updates?  BeitragVerfasst am: 03.09.2006, 18:59 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
I also d-u everyday Winken

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Re: RE: Does Kanotix maintain its own security updat  BeitragVerfasst am: 03.09.2006, 19:09 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

piper hat folgendes geschrieben::
I also d-u everyday Winken


It's a common complaint on debian-user that in Etch (and presumably also Sid) CUPS is intermittently broken -- how (if at all) do regular d-u'ers avoid this?
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel: RE: Re: RE: Re: RE: Does Kanotix maintain its own security u  BeitragVerfasst am: 03.09.2006, 19:35 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
A couple fixes here

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 20:22 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

piper hat folgendes geschrieben::
A couple fixes here


Oh hell. I think I'd rather be r00ted.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
devil
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 20:42 Uhr
Team Member
Team Member


Anmeldung: 06. Mai 2005
Beiträge: 3087
Wohnort: berlin
mesnard, dont use 2005-04 please.
easter preview RC4 is very stable, and most of us use it for 6 months now.
its easier to maintain.
and: in debian, its not hell, its HAL Sehr böse

greetz
devil

_________________
<<We are Xorg - resistance is futile - you will be axximilated>>

Host/Kernel/OS "devilsbox" running[2.6.19-rc1-git5-kanotix-1KANOTIX-2006-01-RC4 ]
CPU Info AMD Athlon 64 3000+ clocked at [ 803.744 MHz ]
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
drb
Titel:   BeitragVerfasst am: 03.09.2006, 20:52 Uhr



Anmeldung: 03. Jul 2004
Beiträge: 525

I started with 2005-04, d-u every day but have never had the CUPS printer problems, so this isn't a universal problem. I have 2 USB printers.

drb

_________________
Kernel 2.6.21-slh-up-7
_____________________
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
mylo
Titel: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 20:56 Uhr



Anmeldung: 30. Jan 2005
Beiträge: 259
Wohnort: Wiesbaden
devil hat folgendes geschrieben::
mesnard, dont use 2005-04 please.
easter preview RC4 is very stable, and most of us use it for 6 months now.
its easier to maintain.
greetz
devil


I can absolutely confirm that, and d-u works very good, just check warnings then you do not havve problems

mylo

_________________
Viele Grüße
mylo
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
h2
Titel: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own se  BeitragVerfasst am: 03.09.2006, 20:56 Uhr



Anmeldung: 12. Mar 2005
Beiträge: 1005

mesnard, since you've used ubuntu and etch for a few months, hopefully you now realize why kanotix might be attractive. It is, unlike etch and ubuntu, running live off of debian sid. It is the cutting edge, fixes are here first. And so are bugs.

You have two options: install easter rc4, don't upgrade anything, don't install any significant software that might end up pulling in too much of sid as dependencies. Or upgrade at least once a week. Upgrading at least once per week is to me the better option, and it's what most of the team members here do, and most of the other users who stick with it. With the exception of client type desktop installs in workplaces, of course.

If you don't upgrade, you can use the really nice feature every new release: install-update, or update-install, can't remember which it is. That works very well on unmodified installs, and is a great option.

But keep in mind, etch does its thing well, which is to lead you into the next debian stable, which is a nice place to be, or will once etch turns into stable. And ubuntu does what it does, which is freeze sid to make it relatively, but not completely, safe for users. So if you want those features, frozen sid or debian stable to be, then use those distros. Kanotix is not that distro, but it is an amazing, cutting edge OS, that I really like, it's the only one I would consider running at the moment.

That's why I write the script you see in my sig, by the way, to make it a bit easier and safer long term to run kanotix. No guarantees, especially with printers, wireless that uses problematic proprietary or buggy drivers, but things are getting much better fix to fix from what I see, the difference between my first 2005-4 install and my currently fully upgraded, with recent kernels, 2005-4 is really amazing to see, constant fixes, improvements, etc. And rock solid, stable. I do backups just in case since this is debian sid, and there are no guarantees, but I've only had to use them 2 times. And one of those times I was just impatient and overreacted.

_________________
Read more on dist-upgrades using du-fixes-h2.sh script.
New: rdiff-backup script


Zuletzt bearbeitet von h2 am 03.09.2006, 20:58 Uhr, insgesamt ein Mal bearbeitet
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel:   BeitragVerfasst am: 03.09.2006, 20:57 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
Open the pod bay doors, HAL

I'm sorry Dave, I'm afraid I can't do that

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 20:58 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

devil hat folgendes geschrieben::
mesnard, dont use 2005-04 please.
easter preview RC4 is very stable, and most of us use it for 6 months now.


You're right. After Ubuntu, running the Live-CD was like emerging from long-term Valium addiction.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
h2
Titel: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own se  BeitragVerfasst am: 03.09.2006, 21:01 Uhr



Anmeldung: 12. Mar 2005
Beiträge: 1005

mesnard: and running fully dist-upgraded kanotix is like having a nice cup of espresso to start your day...

keep in mind, the livecd easter is already requiring something like a 600 mB plus apt-get dist-upgrade + 30 mB kernel install to bring it up to date, and if you do, when 2006-1 is released as the next stable, there is almost no difference between the two. Just like there will be almost no differences between 2005-4 upgraded to today and 2006-1 when it comes out.

And one month or so after 2006-1 comes out, it will take 250 mB or so to dist-upgrade it, so it's really just a question of picking a place to start, and then going from there. Ever since the 2005-4 release, it's been like that, that was a true milestone I think for this distro. Before it was more problematic.

_________________
Read more on dist-upgrades using du-fixes-h2.sh script.
New: rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its ow  BeitragVerfasst am: 03.09.2006, 21:09 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

Thanks for the advice, h2. I'll certainly be giving Kanotix a try.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
slam
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 21:12 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
Sorry to disturb the tea party ....
Why would anyone need security updates running cups on the same machine? What kind of "public print server" must that be?
Please educate me.
Greetings,
Chris

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
Mesnard
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 21:32 Uhr



Anmeldung: 03. Sep 2006
Beiträge: 7

slam hat folgendes geschrieben::
Sorry to disturb the tea party ....
Why would anyone need security updates running cups on the same machine? What kind of "public print server" must that be?
Please educate me.
Greetings,
Chris


I cited CUPS only because it's one of the most notorious obstacles to running bleeding-edge Debian derivatives. Wouldn't dream of using it myself Winken
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
hubi
Titel: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its own securi  BeitragVerfasst am: 03.09.2006, 21:38 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 1296
Wohnort: Budapest
slam,

now I do not understand what you mean. All my boxes are alround desktops for everything from internet-banking to printing HQ-pics through cups. And doing internet-banking, I am interested in the latest software regarding security. Hence Sid is not a stable release meaning stable structures, it can happen that things break doing a dist-upgrade.

It is not: this box for printing, that for CAD and the third one for internet-banking.

Or did I terribly misunderstand your statement?

hubi

_________________
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Swynndla
Titel: Re: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its ow  BeitragVerfasst am: 04.09.2006, 00:44 Uhr



Anmeldung: 05. Dez 2005
Beiträge: 414
Wohnort: Auckland, New Zealand
h2 hat folgendes geschrieben::
mesnard, since you've used ubuntu and etch for a few months, hopefully you now realize why kanotix might be attractive. It is, unlike etch and ubuntu, running live off of debian sid. It is the cutting edge, fixes are here first. And so are bugs.


... that brings a question to mind that I've been wanting to ask for a while ... you see I've never installed etch (in fact I've only properly installed knoppix and later kanotix). There are some other debian guys at my work who know debian a lot better than myself. They say that I should do like they do and install debian etch from a net-install cd (or something like that, a very easy installer) and then change the apt sources and preferences to unstable, and do a dist-upgrade, and then I'd have debian unstable.

Now since I haven't installed debian etch or unstable, I wasn't really sure what the differences would be between debian unstable and kanotix. I guess I should give it a go on my other pc and find out. But I'm interested in hear what you others think, about the advantages of kanotix over debian unstable with kanotix.

From what it seems to me, maybe these are the advantages:
1 - the kanotix (shl) kernels are out faster and therefore more up to date.
2 - when somethink new comes into the debian repos, the kanotix developers smooth the big waves with might otherwise have shipwrecked my install for a few days.
3 - easy install scripts that come with kanotix, eg graphics drivers.
4 - dectects and installs many different devices.
5 - the nice kanotix community that gives me heaps of support.

The last point about the support that I receive from the kanotix community is a very big factor to me, because I doubt that I'd get such personal, quick, intelligent support from other distros.

Now these debian guys at work would say (based on talks I've had with them, but I'm not really sure what they'd actually say):
1 - the kernel in the debian repos isn't that far behind, not so far behind that it'd make much difference.
2 - they've never had a problem they could sort out after dist-upgrading.
3 - they go to the nvidia site and follow the instuctions to install their nvidia drivers it they have to.
4 - hal/udev are at a stage where they do all the device auto detection.
5 - (well, they say that support is important, and they didn't really know what to say about that except RTFM and google).

They go on to say that if I keep my pc "pure" debian, ie without another other distro on top, then I'll have less problems in the long run when doing dist-upgrades, as debian packages wont be fighting against kanotix ones.

The thing is, I don't know enough about all this stuff to know if points 1-3 above (and the point about less problems in the long run) are as they say.

_________________
Linux is evolution, not intelligent design - Linus Torvalds
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
hubi
Titel: Re: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its ow  BeitragVerfasst am: 04.09.2006, 01:13 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 1296
Wohnort: Budapest
Swynndla,

you just need to install a debian-kernel. I tried it once halfheartedly and was not able to boot into X, so I did not continue with my experiments. I also tried an etch-install at the time I tried Kanotix first, and it was far more difficult to configure hardware, X and the looks than with Kanotix, which was and still is Linux-on-desktop-heaven. But: give it a try and judge for yourself.

hubi

_________________
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
h2
Titel: RE: Re: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain it  BeitragVerfasst am: 04.09.2006, 02:18 Uhr



Anmeldung: 12. Mar 2005
Beiträge: 1005

etch is nice, I've run it a few times, no major issues, but haven't done anything complicated, no nvidia installs, used stock kernel, etc

The debian guys are downplaying the sid breaking your system issue significantly in my opinion. and exagerating the ease of fixing those breaks. Or maybe guys who run debian just know a lot more about their systems than I would want to currently, making hard fixes easy.

If you had installed the broken xorg recently, where xorg 7.1 piece slipped into sid, that fix was done in kanotix in about 6 hours from when it hit sid I think. Same for many other fixes.

Personally, I'd install etch and let it upgrade to stable when the time comes, that would be my prefered debian platform, and I'd use kanotix for my working desktop, because... well, because it always works, all my kanotix installs work, and they have worked now since I switched full time.

Just the problem warning page alone is worth it to use kanotix in my opinion, then the speed that the fixes come out is simply amazing at times.

But etch is an easy install, I did the partial net install recently, where you get the startup iso, 150 mB or so, and do the full upgrade through the net, no problem, but no complicated hardware either.

_________________
Read more on dist-upgrades using du-fixes-h2.sh script.
New: rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
slam
Titel: Re: RE: Re: RE: Re: RE: Re: RE: Does Kanotix maintain its ow  BeitragVerfasst am: 04.09.2006, 07:35 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
Swynndla hat folgendes geschrieben::
They go on to say that if I keep my pc "pure" debian, ie without another other distro on top, then I'll have less problems in the long run when doing dist-upgrades, as debian packages wont be fighting against kanotix ones.

Well, probably those "Debian guys" know something about parts of Debian, but they definitely don't know how Kanotix works today. Kanotix is 100% pure Debian Sid after you install it to your HD, and Debian packages never fight against Kanotix ones. Actually exactly those Kanotix packages are the reason why dist-upgrades have a much better success rate in Kanotix, compared with stock Debian Sid. Smilie

Kanotix does not change Sid, it enhances it with a huge load of helpful scripts, transitional packages, lot's of additional drivers, firmware-packages and carefully pre-patched kernels (which are always more recent than the Debian stock kernel). But the Kanotix Dev team also takes a lot of care keeping this work Debian compatible, and - despite other, probably more prominent Debian Sid based distributions - all Kanotix packages are directly usable on stock Debian, some move up their way into Debian offical repositories later on.

That's the secret why Kanotix recognizes and sets up much more hardware than any other operating system around, and becomes more stable (and more secure) than pure Debian Sid ever can be. Said that, keep in mind that the Kanotix Dev team only accepts packages in our repositories which are examined, tested and 100% Debian Sid compatible.

Actually Kanotix is the only serious way of installing and running Debian Sid on a Desktop or Laptop. All those experiments with Debian images, netinstall, debootstrap (from stable, testing or sid) and enhancing the installation afterwards is a lot of work (hours, and decent knowledge is needed), while the Kanotix installer has finished his work in 5-20 minutes.

Things might be different if you run a special duty server, but even there Kanotix is ok, or at least a handy starting base (we very happily run most recent Kanotix-64 on our own main web server here, just to give 1 example).

Now add the (free!) multilingual, competent and friendly support you have at your fingertips via Manual, FAQ, Wiki, Forum and Live-Chat Kanotix provides 24/365 with average response times below 2 hours - compare that with professional commercial support facilities other distributions offer ......

and don't forget to donate! Smilie

Greetings,
Chris

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
anticapitalista
Titel:   BeitragVerfasst am: 04.09.2006, 11:39 Uhr



Anmeldung: 23. Mai 2005
Beiträge: 174
Wohnort: Greece
A while back I installed debian through net-install, changed the repos to Sid and installed what I wanted. ie no kde, no thunderbird, gimp, openoffice etc as I wanted a fluxbox lean and mean install.
That I think is the big advantage of debian net-install over Kanotix - you choose what YOU want.

Now having said that, if you want kde, thunderbird etc and things to work out of the box, installed easily to hd in 15 minutes go for Kanotix as the devs have done a great job in their choice of apps, and Kanotix is very fast. (so is net-debian BTW)

This forum is also another plus. Knowledgeable, helpful and friendly. Before I dist-upgrade any of my distros (Kanotix 2005-04, Mepis 3.4.3, Debian Sid) I always pop in here to read the forums about possible problems and solutions. In that way I have fully upgraded Kanotix, Mepis 3.4.3 (the last debian one) and Debian Sid.

Kanotix really is an awesome distro. It offers so much.

_________________
Philosophers have interpreted the world in many ways; the point is to change it.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Beiträge vom vorherigen Thema anzeigen:     
Gehe zu:  
Alle Zeiten sind GMT + 1 Stunde
Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
PNphpBB2 © 2003-2007 
 
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.