Debian Archive
A crucial but often entirely transparent feature of a modern package management system like Debian’s APT is its solver – basically the set of rules and instruction on how to handle dependencies when installing a package. APT is currently in the process of radically changing its solver, the first bits of which can be found in APT 2.9.3, referred to as solver3. Many of the changes and improvements get a little into the weeds and will mostly be transparent to users, but there is one feature the new solver will enable that many of you will be incredibly excited about. One of the core new capabilities of solver3 is the implication graph. As part of the solving phase, we also construct an implication graph, albeit a partial one: The first package installing another package is marked as the reason (A -> B), the same thing for conflicts (not A -> not B). ↫ Julian Andres Klode Seems rather innocuous at first sight, but here’s what the implication graph will make possible: The implication graph building allows us to implement an apt why command, that while not as nicely detailed as aptitude, at least tells you the exact reason why a package is installed. It will only show the strongest dependency chain at first of course, since that is what we record. ↫ Julian Andres Klode If you’ve ever dealt with packaging issues – probably when running -testing or similar unstable distributions that use APT, a command that tells you exactly why a package is installed is an absolute godsend. Sure, aptitude exists, but aptitude takes you out of your current CLI workflow, whereas this will be much easier to quickly run. There’s more features solver3 will enable, but this one is definitely one of my favourite low-level additions to APT in a long, long time.
A number of you will have noticed already that the 64-bit time_t transition is now in progress in Debian experimental. The goal of this transition is to ensure that 32-bit architectures in trixie (whether they are currently release architectures, or out of archive, etc) will be capable of handling current and future timestamps referring to times beyond 2038. ↫ Steve Langasek on debian-devel-announce A crucial effort.
Debian’s MIPS64EL that is a 64-bit little endian port using the N64 ABI is at risk due to declining access for building the Debian 64-bit MIPS packages. MIPS64EL is now being treated as an “out of sync” architecture due to lacking sufficient build daemon resources for timely building new packages and if the situation doesn’t improve, it may not be suitable as a release architecture for Debian 13 “Trixie”. Not all architectures last forever, and as time goes on, more and more of these once promising architectures will simply no longer be part of the modern Linux world. It makes sense – but it’s still sad.
Debian 12 had aimed to have a merged “/usr” file-system layout similar to other Linux distributions, but The Debian Technical Committee earlier this year decided to impose a merged-/usr file movement moratorium. But now with Debian 12 having been out for a few months, that moratorium has been repealed. In hoping to have the merged /usr layout ready in time for Debian 13 “Trixie”, yesterday that moratorium was repealed. I love Debian’s bureaucratic processes and procedures. I imagine all the Debian people working in a giant nondescript grey building with very few windows, somewhere along a generic highway at the edge of a boring suburb of a forgetable town.
Debian is a large, complex operating system, and a huge open source project. It’s thirty years old now. To many people, some of its aspects are weird. Most such things have a good reason, but it can be hard to find out what it is. This is an attempt to answer some such questions, without being a detailed history of the project. The fact that Debian is a relatively slow-acting, complex democracy is probably why it has survived for so long, and why it’s become the bedrock for so many derivative distributions.
After many years of effort, I am happy to announce that Debian riscv64 is now an official architecture! This milestone is not the end of the journey but rather the beginning of a new one: the port will need to be rebootstrapped in the official archive, build daemons will have to be reinstalled and handed over to DSA, many bugs will need to be fixed. If everything goes well, the architecture will eventually be released with Trixie. Please note that this process will be long and will span several months. An important step in any architecture’s life cycle is becoming an officially supported Debian architecture.
It is with huge pleasure that the Debian GNU/Hurd team announces the release of Debian GNU/Hurd 2023. This is a snapshot of Debian “sid” at the time of the stable Debian “bookworm” release (June 2023), so it is mostly based on the same sources. It is not an official Debian release, but it is an official Debian GNU/Hurd port release. Debian GNU/Hurd is probably the easiest, most accessible way to try out Hurd.
After 1 year, 9 months, and 28 days of development, the Debian project is proud to present its new stable version 12 (code name bookworm). The biggest change conceptually is that Debian now includes a non-free-firmware package area, and the Debian project from here on out will allow non-free firmware to be included on installation media. For the rest, a new Debian release is exactly as you’d expect – all the latest versions of packages, and it will serve as the base for an immense number of popular Linux distributions, either directly (such as Ubuntu) or indirectly (such as Linux Mint).
Two weeks ago I upgraded chiark from Debian jessie i386 to bullseye amd64, after nearly 30 years running Debian i386. This went really quite well, in fact! This story gets more impressive the more you read of it.
Linux distributions like Debian fulfill an important function in the FOSS ecosystem – they are system integrators that take existing free and open source software projects and adapt them where necessary to work well together. They also make it possible for users to install more software in an easy and consistent way and with some degree of quality control and review. One of the consequences of this model is that the distribution package often lags behind upstream releases. This is especially true for distributions that have tighter integration and standardization (such as Debian), and often new upstream code is only imported irregularly because it is a manual process – both updating the package, but also making sure that it still works together well with the rest of the system. However, there have been developments over the last decade that make it easier to import new upstream releases into Debian packages. An interesting look at what the Debian project is doing to make it easier for upstream code to be packaged as proper .deb packages.
Speaking of Debian, there’s even bigger news than a new Debian GNU/Hurd release – Debian 11.0 is out and about! This release contains over 11,294 new packages for a total count of 59,551 packages, along with a significant reduction of over 9,519 packages which were marked as obsolete and removed. 42,821 packages were updated and 5,434 packages remained unchanged. As always, Debian release are big, and they are hugely important as they serve as the base for some of the most popular Linux distributions out there.
It is with huge pleasure that the Debian GNU/Hurd team announces the release of Debian GNU/Hurd 2021. This is a snapshot of Debian “sid” at the time of the stable Debian “bullseye” release (August 2021), so it is mostly based on the same sources. It is not an official Debian release, but it is an official Debian GNU/Hurd port release. In this release, the port of go has been completed, experimental support for APIC, SMP, and 64bit has been added, and more.
Rust/coreutils is now available in Debian, good enough to boot a Debian with GNOME, install the top 1000 packages, build Firefox, the Linux Kernel and LLVM/Clang. Even if I wrote more than 100 patches to achieve that, it will probably be a bumpy ride for many other use cases. Fascinating initiative, and a hell of a lot of work. Rust seems to be gaining ground left, right, and centre.
The Debian project is pleased to announce the second update of its stable distribution Debian 10 (codename buster). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Debian users probably already have this installed, because Debian package management is awesome and you can pry APT from my cold, dead hands and yes I’m totally biased when I say that APT is massively better than any of its alternatives. Sue me.
In this release, GNOME defaults to using the Wayland display server instead of Xorg. Wayland has a simpler and more modern design, which has advantages for security. However, the Xorg display server is still installed by default and the default display manager allows users to choose Xorg as the display server for their next session. Thanks to the Reproducible Builds project, over 91% of the source packages included in Debian 10 will build bit-for-bit identical binary packages. This is an important verification feature which protects users against malicious attempts to tamper with compilers and build networks. Future Debian releases will include tools and metadata so that end-users can validate the provenance of packages within the archive. Debian forms the bedrock under many popular distributions, so any new Debian release is a major milestone, and will eventually find its way, in one form or another, to many Linux users’ computers.
It’s been a while since last post, and sometimes things look very quiet from outside even if the people on the backstage never stop working. So this is an update on the status of this port before the release of buster, which should happen in a few weeks and which it will open the way for more changes that will benefit the port. An update on the status of Debian’s riscv64 port.
This blog post isn’t meant to be a definitive guide about Secure Boot in Debian. The idea is to give some context about the boot sequence on the PC architecture, about the Secure Boot technology, and about some implementation details in Debian. Exactly what it says on the tin – a detailed article about how Debian handles Secure Boot.
One of the traditional rites of the (northern hemisphere) spring is the election for the Debian project leader. Over a six-week period, interested candidates put their names forward, describe their vision for the project as a whole, answer questions from Debian developers, then wait and watch while the votes come in. But what would happen if Debian were to hold an election and no candidates stepped forward? The Debian project has just found itself in that situation and is trying to figure out what will happen next. Fascinating article about the minutiae of Debian governance.
There is always at least a small risk when installing a package for a distribution. By its very nature, package installation is an invasive process; some packages require the ability to make radical changes to the system - changes that users surely would not want other packages to take advantage of. Packages that are made available by distributions are vetted for problems of this sort, though, of course, mistakes can be made. Third-party packages are an even bigger potential problem because they lack this vetting, as was discussed in early October on the debian-devel mailing list. Solutions in this area are not particularly easy, however.
The Debian project is pleased to announce the fifth update of its stable distribution Debian 9 (codename stretch). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.
Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old stretch media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.
I'm not a fan of publishing items for every single distribution release - other sites do that way better than I ever could - but there are a few distributions I do try to keep up with, and considering just how fundamental Debian is to many popular Linux distributions, it's always been an exception.