Suggestion: easier to find list of supported packages

First, welcome to the Mepis family. Since you used the Newbie terminology freely, I am going to make the assumption you are a newbie. First off, I suggest the upgrade to Mepis 6.0. I can state that I am very happy with it. I am using it on a laptop and on the kids computers. I will answer your questions/comments by your numbered order as best I can, short and simple:

Answers -

1). Mepis uses the Ubuntu base: First announcement: http://www.mepis.org/node/9454

Final Release: http://www.mepis.org/node/10606

Mepis uses the Ubuntu pool

2). Yes and no. The best way to look at this is that yes, some things can break with any change from the standard Mepis/Ubuntu pools, but no you may still have a functioning system that is just not the Mepis we all know and love. I know this is a somewhat abstract and nebulous answer, but it is all I have for you. Others may post and offer more specificity to my explanation.

3). Mepis and Ubuntu are Debian based distros, so no matter how you look at it, it is still Debian in some way. By reading the posts found in the link above you can find more information about what is going on. Better yet, read all of the announcements since the release of 6.0 here:

http://www.mepis.org/news/pr

This saves me a bunch of typing

4). I could be wrong, but I don't believe it has all of it on the default install, but it is easily setup through use of Synaptic (I have only used this release for desktop stuff).

5). I am deferring this question until tomorrow. I am on a Windows machine now, but I will check if it is in the repos for 6.0 tomorrow (I know Windows sucks, but I am a CS/IT student thus I am trapped in the Microsoft world for the time being).

6). I have never had a need to do anything, at least that I can remember at the moment, that requires me to install anything other than from the repos, so I can't answer this.

Reply to comments:

1). Yes, security books can be daunting, especially those that that use discrete mathmatical structures, and more specifically proofs. I believe that in general security concerns for Mepis packages are left up to the package vendors and left up to the user to upgrade as needed. I agree that it may be a good idea to have a page dedicated to security concerns here. I will address this to the Mepis core team directly. As far as upgrading Firefox, that should be easily done through Synaptic without any "breakage" occuring. I have yet to have a problem such as the one you have described, but I have seen other reports similar to yours.

As far as I know, Tripwire will run on anything Linux including Debian based stuff:

http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&version=all&exact=1&keywords=tripwire

If I am not mistaken Tripwire is on the Extra's CDs. I do not have them so if someone could please let us know we would greatly appreciate it.

2). Yeah, a list like this sounds great, but I have seen very few good comparison lists. Most of the time, they don't really capture what you are trying to present. For example, I am not found of this one:

http://upgrade.tafusion.com/

Yes, it does what they want, namely showing Windows short comings, but it could be done better.

As far as your questions not getting answered, have you stepped back and took a look at your post here? The questions and comments are all over the map. You will get best results with single question posts. Asa you can see here, I have wrote a book to reply to your post. Most people like things short and sweet, but tonight you were lucky. I felt like being long-winded. Also, many of the questions you have asked here have been answered before. I will check on some of your other questions to see if the same situation is occuring.

3). 100% agree, though you can normally just add things like this to the general discussion area at the lower part of the forums. We are in the process of preparing to clean up the forums.

4). Anything that is not beta. I believe Warren announced this a while back. I believe there was some confusion about version numbering and about what was a test release or stable. I will try to find the annoucement and post the link here.

I hope this helps. It is 1:00 AM here, and I have a long night of homework. I am sure others will post some answers. Good luck. Let us know if this has helped.

Joe Pearce

The student is not above the teacher
The servant is not above the master
The student shares the teacher's fate
The servant shares the master's

http://www.joepearce.com

paranoia is not easy to cure. pills rarely make a difference. building trust is very difficult.
Feheeszeno, as you asked 10 questions in one spot, some of which are well known repeats, i know why exactly 10% of your questions get answered.
apg, systat and tripwire are in the ubuntu repositories. they don't have any difficult looking dependencies - only exim4.
you will need to add universe to the ubuntu repository lists. this will generate a warning. do not panic, go and have a stiff drink of water and come back to earth.

I DO make some attempt to search for previous answers, but perhaps I don't know enough to use the best search terms. I was not aware that I was asking questions already asked and answered. I know how irritating that can be for those who have been helping out here for a long time, and I regret any annoyance my frustration might have caused.

About apt, sysstat (two s's), yes, I installed both without trouble. Tripwire definitely does not install on my test system, at least not without tweaking. I was never able to get Exim4 (or any MTA) to work under MEPIS 3.3-1. Thunderbird did work out of the box for me under MEPIS 3.4-3, but I had trouble setting up encryption properly so I disabled it again. Since I am about to pass on to testing Ubuntu and some other distros, there seems little point to messing with Exim4 again.

feheeszeno

You may want to look at this before passing by exim4 completely:
http://www.trekweb.com/~jasonb/articles/exim4_courier/exim4.html

An addendum to Joe's response to your #2:
If you are judicious about your selections, you can add pretty-much anything to your system. I have done so with very good results, but this is definitely "flying by the seat of one's pants" territory.

Modifying dependency information in a "qualified candidate" .deb is easy to do. http://www.mepis.org/node/10726 references the kinds of changes which can be made, should you run across something that you really need that isn't in the current repos.

Approach things like this with caution, though, and implement a test environment before comitting such things to a production machine.

Heap-Big Experimenter Mojo: Where the dependency of x|y|z.deb diverges from the libraries and objects you have installed, you can force x|y|z.deb to be dependent upon what you already have installed on your system. You will not, thereby, break your installation; and you may find that everything works as expected. Then again, the proggie may just crash on you--it's not like it's going to crash Linux, is it?

4:
LAMP: Pseudo-marketing buzz word, coined by Michael Kunze in the December, 1998 issue of c't (http://www.heise.de/ct/english/98/12/230/). It refers to the Open Source Software bundle of: Linux + Apache + MySQL + (PHP | Perl | Python).

Apache, Mysql and php (4 & 5) are all in the current repos. You may want to consult the following: http://www.mepis.org/docs/index.php/LAMP_with_MySQL5_and_PHP_5
while correlating the resources then used with the current contents of the repositories. I think you'll find the current process far quicker than that outlined in the write-up.

6:
??? I'm guessing that you were referring to a SM 3.4-3 installation. At any rate, I regularly install from tarballs, and have very few problems with the situation. They all go into a subdirectory of /opt. I can't recall much of a dependency issue with any of them--certainly nothing difficult to resolve, or even insurmountable, for that matter.

I get the impression that much of your perspective, relative to dependency-based issues, has been formed within an RPM-based paradigm--liberally spiced with the problems that have cropped-up as a result of some marked changes in the MEPIS pools, as well as some historical aberrations relevant to the etch pools.

I'm willing to advance the hypothesis that, if you do go-ahead and set-up a SM 6.0-Final environment, you'll discover that most of your trepidations are non-issues.

I will offer the additional suggestion that you consider KMail and GnuPG (http://www.gnupg.org/(en)/download/supported_systems.html). This combination has been fully functional for me since the days when SimplyMEPIS_2003.10.02 was the newest thing going.

My turn for a question:
Are you actually running a non-firewalled, Internet-connected, web/mail (or other production) server; or are you simply doing these things with a desktop machine?

"You have two labs?"
"Each has its place. At the university, I try to please the Federal Government. Here, I negotiate with God."

Hi, EnigmaOne, thanks for your interesting response.

In the Exim4 documented you cited, does the section "Configuring Exim4 for Maildir Delivery" refer to setting up INTERNAL SYSTEM MAIL so that a program like tripwire can report to my root user without venturing onto the Big Bad Net? If so, do you know where I could find out how to set up tripwire or AIDE config files so that these can figure out how to internally mail their reports to my root user? Unfortunately for me, ALL the documentation I have found is oriented toward large departmental systems with a dedicated mail server, which obviously is not the case at all for the average home user.

I have wanted to obtain this functionality for a long time! (For external email I am using webmail with no problem, and if I am not gravely mistaken, even though I have never been able to properly set up gpg or other crypto functions, this gives me protection against casual snooping since the transfer from my inbox to localhost should be encrypted using SSL since my mailhost uses https protocol. Also, ssh and sftp have always worked for me right out of the box, which is a very good thing.)

I had a huge amount of trouble understanding Exim 4 documentation last time around (MEPIS 3.3-1, about a year ago) and eventually gave up. For the past week I have been experimenting with a test of MEPIS 3.4-3 (not 4.whatever, that was a goof) and I am intend to shortly move on to a test install of Ubuntu and perhaps then a test of MEPIS 6.0 and some others. I only have one machine available for this right now and while I am considering purchasing another, in general I probably don't have enough machines to make it really easy for me to do things in a test environment.

(Aside to developers: the thing I'd most like to see in future MEPIS releases is support for Xen-- someone called it "Zen" in Warren's poll, which is wrong. Ideally, I'd like to see an installer as good as current MEPIS installers which sets up MEPIS 17.0 :-/ running under Xen with space for a virtual machine running under DSL. Ideally, for those of use with adequate RAM, I'd like to see support for adding another MEPIS precisely to serve as a virtual test machine. For those without, I suppose frequent back ups and reinstalling every time an experiment breaks the system would be good. In my ideal "production machine" I'd have some small virtual machines dedicated to special tasks running under a lightweight distro like DSL with apt, say, on the theory I've seen advanced in various Linux mags that the way of the future is virtual machines to run legacy software, to run an IDS securely, to run a small web server without gravely endangering other virtual machines, and of course to run your basic desktop.)

I am very suprised that you have had no trouble with tarballs. I have been utterly unable to install tripwire or aide either from debs (via kpackage or synaptic) or from tarballs, under either MEPIS 3.3-1 or 3.4-3. I HAVE been able to install a few small things with few if any dependencies from tarballs, or using the "Deb search" pane in Firefox and downloading the deb to the desktop and then clicking on the icon, which calls kpackage on my system.

I am cautiously encouraged by your optimist about MEPIS 6.0, however, since this is presumably much improved particularly regarding the past problems with the Debian sarge (etch? sid??) repos vice Ubuntu repos.

I take your point that if I can figure out how to change the depencies to "force" installation, the worst that can happen should be that the program crashes, in which case I guess I can use synaptic to try to remove it entirely? You didn't quite say whether or not you've ever had problems breaking package management by doing this kind of thing--- by which I mean, getting error messages every time you try to use synaptic complaining about partially installed failed experiments.

Question: has anyone installed MEPIS 6.0 from the DVD from Linux Magazine October 2006? I take this includes the "extra CDs"? What changes to the /etc/apt/sources.list would I make to try to install anything extra from this DVD? (Since I have a dialup connection and the repos often seem too busy to function for me, this could be important.)

advTHANKSance, feheeszeno

Let me read it over again, fiddle-around in front of the keyboard a bit, and I'll get back to you on that.

(grinning) My favorite shopping venue is yard sales, pawn shops, in and around commercial trash bins, and by the trash cans in the alleys of our city.
My last 'holy grail' set me back $10.00 (US).

I usually create a directory on my desktop and download the tarball (example.tar.gz) into it. I open a console local to that directory, and su to do:

tar -xzvf example.tar.gz

...then move the resultant application directory to /opt.

After that's done, I populate the filesystem with the requisite dependencies, and do whatever configuration is required.

One step at a time, and I don't let myself get in a hurry about it.

I suppose I'd be circumspect too but, take my word for it, the situation is vastly improved since the switch to the Ubuntu repos.

I managed an upgrade to KDE 3.5 in one of my old SM2003 or SM2004 installations, and it's working just fine; but some packages will not install, and I'm not in the mood to fool-around with my sources. I generally compile from source in those cases anyway. It works, and there's no need to do anything more than that, for those machines.

I did not like 3.4-3, as compared to earlier releases (2003-2004), and that might be because it hit right around the time the etch pools started acting PMSee. Messing with updates with 3.4-3 was a pain, and I didn't want very much to bother with it, so I dumped 3.4-3 and went back to an earlier installation for all my production work.

I found that I like 6.0-Final just about as much as my older installs, so I replaced 3.4-3 wholesale. IMHO, given the state of the repos (and the progression therefrom) 6.0 is a literal cakewalk.

OK. The link I gave you was pretty-much the wrap-up in a bit of a dialogue that popped-up during some discussion over kwifimanager. (I'll use that as an example, because everything is right here, and accessible without any problem.)

Here's where it got started:
http://www.mepis.org/node/10680

My initial solution was to grab kuickshow from the debian pools and install it this way:

dpkg -i --ignore-depends=kuickshow kuickshow_3.5.3-1_i386.deb

Predictably, it finished with the following:

dpkg: dependency problems prevent configuration of kuickshow:
 kuickshow depends on kdelibs4c2a (>= 4:3.5.3-1); however:
  Version of kdelibs4c2a on system is 4:3.5.3-0ubuntu0.1.
 kuickshow depends on libc6 (>= 2.3.6-6); however:
  Version of libc6 on system is 2.3.6-0ubuntu20.
 kuickshow depends on libgcc1 (>= 1:4.1.0); however:
  Version of libgcc1 on system is 1:4.0.3-1ubuntu5.
 kuickshow depends on libstdc++6 (>= 4.1.0); however:
  Version of libstdc++6 on system is 4.0.3-1ubuntu5.
dpkg: error processing kuickshow (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 kuickshow

The version of kuickshow was the version that belongs with the version of KDE that was installed with SM 6.0-Final, however, there was a problem:

Submitted by GreyGeek on Wed, 07/26/2006 - 19:17.

EnigmaOne,

I tried the manual install and I used KPackage.

Both methods install Kuickshow, and Kuickshow works well.

But, both method creates a broken condition in the apt-get database which interfers with Synaptic. So, I had to uninstalled it.

I am going to dl the source and try to compile it.

--

GreyGeek

Back to the drawing board.

My approach to fixing his problem was outlined in

http://www.mepis.org/node/10680#comment-38246

and

http://www.mepis.org/node/10726 .

Submitted by GreyGeek on Sat, 07/29/2006 - 11:12.

and Synaptic didn't complain!!

:)

--

GreyGeek

...was all I needed to hear.

From what I can tell:

http://www.mepis.org/node/10868

&

http://www.mepislovers.com/forums/index.php?topic=672.0

nobody's having problems with it, and I've fiddled with quite a number of other '.deb' packages in the same way. The result is always a perfect installation when versioning is exact or so extremely close that the differences are inconsequential.

No system, synaptic, dpkg or kpackage breakage occurs.

With that said, I have pushed it a bit (always in the same way I did with the kuickshow debian) with certain other packages, and have had a couple of programs tank on me. No biggie. At the very least:

dpkg -r example.deb

returns the system to the state it was in before I got to monkeying around with that particular package. In most cases, I could anticipate the problem, and it wasn't really something I wanted anyway. Gotta have fun somehow, on those slow days.

Anyway, time for me to get the kids in bed.





"You have two labs?"

"Each has its place. At the university, I try to please the Federal Government. Here, I negotiate with God."

Hurrah, I always wanted to use /opt for something!

Any chance you could advise me on two fairly simple installs?

1. Installing a deb not included in the repos listed in my /etc/apt/sources.list file: suppose I wanted to install some version of xfig

http://packages.debian.org/cgi-bin/search_packages.pl?suite=all&subword=1&exact=&arch=any&section=all&case=insensitive&keywords=xfig&searchon=sourcenames

None of these seem to be included in the repos listed in my /etc/apt/sources.list file; I probably don't much care whether I get the latest possible version, if it would be substantially easier to include an older and more stable version.

2. Installing a package not available as a deb at all:
Suppose I wanted to install Dia

http://www.gnome.org/projects/dia/

Note that apparently using the package alien (which was included with my default MEPIS install), one can turn a tarball into a deb package and thereafter try to include it in package management? Not sure that is really a good idea, but it SOUNDS like it MIGHT be a good idea! It sounds like this might circumvent "manual make" entirely, but I'd certainly like to get more experience installing from tarballs.

Question: I think I live the idea of collecting downloaded source in /opt, but didn't someone tell me that the drill (after gunzip-ing, untar-ing and cd-ing to the appropriate directory) is usually this?:

./configure
make
su root
make install

I ask because you said you su to root before going into /opt. Is this one of those procedures which would be risky when installing on an enterprise server but is safe for most home users?

feheeszeno

LOL! You are not paranoid if they are actually out to get you, pills only make me forget the pain, there is no such thing as friends, only acquaintances and I don't have to come back to Earth if I don't want to. LOL!

Joe Pearce

The student is not above the teacher
The servant is not above the master
The student shares the teacher's fate
The servant shares the master's

http://www.joepearce.com