You have published Netrunner 19.01 Core now, which is based on Debian stable. I am doing many business transactions via my machines and so I must avoid security issues. My question is now, is Netrunner 19.01 Desktop secure enough for doing those or should I use your Netrunner 19.01 core system, which is based on Debian stable, instead and when I should do it, which multimedia codec I have to install to get the same rich multimedia experience like Netrunner 19.01 Desktop. Thank you.
Netrunner Core 19.01 is based on Debian Buster that is soon to become stable.
If you enable the buster repository on Netrunner Desktop aswell you will get the same security updates and system updates as on core.
Core is a bare minimum system so it does not ship with multimedia codecs or even a media player.
Thank you for your answer. I hope you will not be angry, but when Buster is the new Debian stable, is testing as used in Netrunner 19.01 Desktop now secure enough to do business transactions or not? I hope I will get an answer. Thank you. If I understand you right Netrunner 19.01 Desktop can be configured so, that the continuous update character can be retained and via Buster to receive the security updates of the Stable version. How this must be configured (the order of the repository and their names) to reach this “state”. Thank you.
From my point of view it is safe enough. But you have to decide for yourself if you trust it or not.
Business transactions is vague. If you mean online banking. It should be secure if you use the newest browser and don’t click on obscure stuff.
As for the Buster on Netrunner Desktop. A change in the codename of the debian testing list under /etc/apt/sources.list.d/ to buster will allow you to use it. For now as Buster isn’t Debian stable yet just activating testing should be enough as buster == testing for now.
Thank you. Does the order in the source.list.d plays an important role? How I have to configure it to get “for ever” the security updates of stable (Netrunner Desktop + stable security updates)in the future too like above mentioned.
I am unsure what you mean by order. It is a folder containing sources list files. As long as the line is not commented out(everything with # is a comment) it will be used.
Priorities are done in other files when it comes to prioritize packages of a specific repo. By default it should do everything correctly out of the box which means it grabs the package from Debian repos if we don’t provide a package in one of our repos.
Thank you. What should I write into the config file for Netrunner desktop continuous update + security updates from stable “forever” (to avoid editing the config file when the stable name is changed again). I guess I have to add a new line, because stable is not contained. I am a newcomer in such matters, but I want to learn it.
Stable forever is not working atm. As Buster is not stable yet. However if you want to track Buster already you can do so with this sources.list
deb Index of /debian buster main non-free contrib
I have done it in that way: I created a new file in /etc/apt/sources.list.d/debian-buster.list and it contains this “deb https://deb.debian.org/debian/ buster main non-free contrib”. Is it right? I can see the new repository also in Synaptic package manager under “settings --> repositories”. Here you can reorder the sources with up and down buttons. Please look at the screenshot and please tell me if I did all right.
That looks almost perfect. Just deactivate the testing one (line 2 in your synaptic config). As it would be redundant as buster is testing still.
Thank you for your friendly help, I like Netrunner 19. In the future I must change only buster to the new name of the stable version and so I will get the “forever stable” security updates.
Currently, Stretch is the stable branch, and buster is the testing branch.
Buster will eventually become the stable branch, but there is no date set on that.
There will be no need to change anything once buster becomes stable, as long as your distribution tag is pointing at buster, and not testing. This is why Leazek said you should remove the second repo line that is pointing at testing directly. This line is currently redundant since buster is testing. However, once buster becomes the stable branch, the testing branch will become active again, receiving updates for the next testing, whatever they call it.
Here is the release schedule:
https://www.debian.org/releases/
Thank you AJSlye and Leszek. This is true, that buster and testing are redundant now. What happens when I am using “stable” instead of (now stretch) always editing the appropriate sources.list for the new stable release, when it will be released. Is “stable” not the same generic expression like “testing”? I want get only the security updates from “stable” and all other things should be unchanged. Thank you.
Yes. If Buster is out and you change its codename in sources.list to stable it will use stable for the rest of its life. Means when stable becomes buster+1 (the successor of buster) you will get automatically updated to this.
Thank you. When I do it now and change buster to generic “stable” , then I will get the updates from “stretch” now and later on from “buster” etc. . The rest of the repo’s remain the same, so I get the bleeding-edge software from netrunner and security-updates from the current stable. The expression “main non-free contrib” stays the same. Are my thoughts right?
When I do it now and change buster to generic “ stable ” , then I will get the updates from “stretch” now and later on from “buster” etc.
Yeah basically. But don’t do it now as you have a newer buster base already and that will conflict with stretch.
The expression “main non-free contrib” stays the same.
Yes.
The rest of the repo’s remain the same, so I get the bleeding-edge software from netrunner and security-updates from the current stable.
Again do not change it to stable as this is stretch and your system is based on buster/testing.
Okay, I understand the issue. When Buster is the new stable, then I can change it to generic “stable” and no more conflicts will be with testing? If I would recover my system back to the state before I added buster, would it work with the generic stable or will I always have the problem that testing is newer than stable?
Yes. No more conflicts with your current base then.
Netrunner is based on a testing snapshot so yeah there will be a conflict.
Okay. Now it seems, that I have not understand anything. The discussion goes around to get security updates from stable without loosing the “rolling character” from netrunner. My only chance is to use always explicit the name of the current stable version in the source-list to achieve that it works without any conflicts, otherwise I would get via generic stable always a conflict with your testing edition, am I right? Is it enough to deactivate now my new buster entry in the repo list until it gets stable and so I get the same updates before I added buster to the repo list? I read that mixing stable and testing in Debian is not recommended, so is your suggested way to get security updates from stable and the rest of the system remains “testing” still possible (it’s a mix too). Thank you.
Just let everything setup as is. Updates will come in via buster/testing repo.
If buster becomes stable you can switch the codename to stable and will get updates from stable always even after it switches to buster+1.
Activating stable now on Netrunner is not recommend as this repo is currently stretch and not compatible with our base.