Re: [fw-wiz] I cannot install Firestarter

From: Martin Peikert (Martin.Peikert@discon.de)
Date: 01/15/03


From: "Martin Peikert" <Martin.Peikert@discon.de>
To: Firewall Wizard <firewall-wizards@honor.icsalabs.com>
Date: Wed Jan 15 08:45:18 2003

Hello,

Chapman, Justin T wrote:
> Actually, if you sign up for RedHat's RHN service, then you can use the
             ^^^^^^^^^^^^^^
Right. You have to sign up if you want to use up2date, but that service
is not free - you have to pay for that what you can get free if you use
apt. Ok, that isn't really my problem...

Last december I needed to update a box where RH7.2 was installed and
tried to use up2date for that purpose. I already knew that the version
of openssl that was installed was buggy, but up2date didn't help to
update that package to a acceptable version - the newest available was
openssl-0.9.6b. As you know, that version was known as insecure long
before december. I took the sources and built my own rpm.

If you want to use a tool that provides security and doesn't fulfill the
minimum security requirements you need - what would you do? Use that
tool and get your box rooted or ask yourself what to do in the future?

> This really isn't the place to get in to a Debian/Red Hat debate, but
> comparing rpm to apt is an apples to oranges kind of thing. Rpm is the
> format of the packages themselves (as .deb's are in Debian). Up2date is the

Since he used rpm as tool to install packages, I cannot agree. I know
that rpm is the package format...

> package management tool Red Hat uses (as apt is in Debian). Just like
> rpm's, deb files by themselves don't resolve any dependencies, you need apt
> to do that.

...but as you probably know, rpm still _is_ a tool used in RH for
package management (as Manilo did). Ok, you should not use it because it
cannot resolve dependencies, but it is a package management tool. So, I
did _not_ compare apples to oranges - I compared package management tools.

I did not want to begin a debian/redhat debate, i just gave him a hint
how to avoid the problem he had (and, of course, the problem I had using
up2date) in the future.

GTi
P.S.: Would you please learn to quote?



Relevant Pages

  • Re: apt-get has hosed my rpm database
    ... Oh, everyone knows, that RH guys out there don't like apt. ... $ rpm -qV redhat-release ... $ rpm -qV up2date ... $ cat /etc/redhat-release ...
    (alt.os.linux.redhat)
  • Re: yum gripes (Was: Re: yum vs. apt)
    ... I suppose Fedora apt repos use ... Debian's dpkg is equivalent to rpm; it installs packages, ... Unlike up2date, it's not tied to any proprietary support system. ...
    (Fedora)
  • Re: Any experience with yumi yet?
    ... >> repos. ... Red Carpet is a very mature package, ... > the best package management tool I have ever used. ... and up2date doesn't use yum.conf. ...
    (Fedora)
  • Re: Which files are provided by this rpm ?
    ... so long for a package management tool then:D ... No - actually don't have to download the package...that was what Peter ... rpm -qpl \ ...
    (Fedora)