What the hell went wrong with Debian?

Rainmaker

Rainmaker

Rainmaker

Soldato
Joined
18 Aug 2007
Posts
9,816
Location
Liverpool
After being frustrated with Mint's laggy bloated feel, and enjoying Manjaro for a while, I decided to head back to pure Debian for longer term stability and ease of use.

Wheezy is heading towards oldstable now, but still works very nicely with MATE (backported) or XFCE4. Sure its packages are rather deprecated, but that's no huge concern as that particular machine is 5+ year old hardware anyway.

I decided to boot Jessie in a VM and have a play around, with a view to upgrading my Wheezy install to Jessie/testing after sussing out its changes and improvements. This is mostly because the machine has an SSD and Debian advise a later kernel than is available in Wheezy by default. Plus Jessie is supposedly almost at freeze before moving to stable, which means it's going to provide much more up to date packages over Wheezy while being basically solid by now anyway. In theory...

However, I found that every time I tried to import an .ovpn file via the MATE network manager it crashed (segfault) and the GUI disappeared. This is the same bug that was supposedly addressed in Ubuntu - and later Debian - during 2013/2014, but clearly is still present in Jessie's MATE environment. :o

Trying KDE instead, I find it imports the .ovpn connections OK and visually confirms it has connected to the VPN server, but actually the routing is unchanged! :eek: Although it says 'connected to VPN xyz' your ISP IP is the only one on show to the internet. Major, major security issue! Cinnamon does the exact same thing as MATE, i.e. segfault.

Only Gnome3 worked as expected out of all the DEs I tested. It imported the .ovpn and connected, and not only was the routing correct, but resolv.conf updated to the VPNs DNS and everything was perfect.

Upon digging around in synaptic to see what might be broken, I noticed the preferences dialog's updates tab asks whether you want to receive updates for just this Ubuntu distro, or also newer updates. Yes you read that right, Ubuntu. The package refers to itself as Ubuntu-synaptic in the titlebar too.

WTH? Jessie is approaching freeze and still has these types of issues? Since when did Debian (upstream) use Ubuntu packages? I'm confused and have a sour taste in my mouth from all these issues. Jessie will be stable soon, God what a mess that'll be.

I sourced the netinstall ISO from Debian directly, and tried a couple of different versions (and selected various different mirrors during the multiple installs) to rule out any errant package mirrors or ISOs. It really just is this way, broken and calling itself Ubuntu. I guess there's some irony there if nothing else. :p

Google shows nothing, and the only filed bugs are from 2013/14 when the issue first arose. Surely they're not still unfixed after all that time, with Jessie being green-lit for freezing?

Any Debian hardcore users here (or even casual ones) who can comment? I'll hit the main Debian resources tomorrow but just wanted to put out some feelers in the meantime in case I was missing something obvious. Yes, I realise it's called the 'testing' branch but after going through unstable and experimental things shouldn't be this bad, especially approaching a freeze. It's literally unusable, and I still can't work out the Ubuntu references.

Thanks in advance. :)
 
This thread has had a lot of views, but no replies. I'm presuming either nobody else has seen this issue in Jessie, or perhaps more likely nobody had cause to replicate them. For anyone who might have been interested I gave up and built Arch from scratch instead. Now everything is fast *and* works. :D
 
I haven't touched Jessie yet as I wait for stable (official) release. But at the start of the year I switched to Fedora and haven't looked back.
 
Debain seems to be far to reserved in doing updates its become like a loyal old dog...

Its their and will work but try teach it new tricks.don't expect to have its brain always ticking

Seems it becoming like windows xp - good 5 years ago
 
I've been running Jessie on one machine for some time with no issues at all. Your issue importing ovpn configs is quite specific though and, since I've never attempted it, I can't really comment. I don't use Synaptic either.

Probably a bit harsh trashing the whole distribution based on your particular issues, especially since it is still not classed as stable. I'm abroad now but, if I have time, I will have a go at replicating your issues when I return to UK later in the week.
 
Buffalo2102 said:
I've been running Jessie on one machine for some time with no issues at all. Your issue importing ovpn configs is quite specific though and, since I've never attempted it, I can't really comment. I don't use Synaptic either.

Probably a bit harsh trashing the whole distribution based on your particular issues, especially since it is still not classed as stable. I'm abroad now but, if I have time, I will have a go at replicating your issues when I return to UK later in the week.
Click to expand...

I didn't trash a whole distribution, I said Jessie shouldn't be anything like this buggy or insecure when approaching a freeze. I also specifically said Wheezy was a fine OS and that it works perfectly!

Packages being labelled as Ubuntu on a Debian (i.e. upstream) OS is puzzling. Importing .ovpn configs and reporting a secure connection when actually nothing happened (unless you count a padlocked icon change) could be extremely dangerous for a user in a volatile or oppressive territory. Since millions of people around the world use VPNs, something as straightforward and simple as importing an .ovpn config into the network manager is definitely not 'quite specific'. :p

The fact that only one DE can import a VPN connection without segfaulting is a pretty serious issue, especially when this same bug was supposedly fixed almost two years ago.

If you'd like a config file to check (don't use Gnome3, that's already confirmed working fine) you can get some here. I'd be grateful if you could reproduce the bug, and please report back. I'll file a bug directly with Debian if you can confirm it's not just my end.

Luckily Arch has proven much tighter, leaner and ironically more user friendly thus far, but I'd still like to help Debian iron out a potentially serious issue if I can. Thanks. :)
 
Well, you do say it's "literally unusable" and the thread title is also a bit dramatic IMO, but OK. And your use case is specific, but not unique, as you say.

Hopefully I'll get around to it on Friday.
 
Buffalo2102 said:
Well, you do say it's "literally unusable" and the thread title is also a bit dramatic IMO, but OK. And your use case is specific, but not unique, as you say.

Hopefully I'll get around to it on Friday.
Click to expand...

For anyone with a modicum of security conscientiousness, a distro that dies when you try to use openvpn unless you drop to permanent shell is unusable. When it doesn't crash and reports everything is secured, without actually doing anything, it becomes downright dangerous. But as you say it does rather depend on one's priorities. For some it's a huge security problem. For others it won't even be noticed. Given that Debian tends to pride itself on security and stability, I'd say it's the former. As for the title, you have your opinion and I have mine. If you think that's dramatic you should read some of Linus' rants on the kernel mailing list haha. :) Seeing a once venerable distro crashing under two year old 'resolved' bugs and calling itself Ubuntu was enough to warrant a reaction. I'll look forward to your contribution (hopefully) on Friday.
 
Is your issue with the OS or with the GUI? I agree Debian is a very conservative OS, but from a non-GUI perspective ive always found it OK to be honest.

I steer well clear of all GUI's on Linux nowadays, aside from MATE (Gnome 2) it seems that the UI's have been designed by ****less halfwits obsessed with mobile-first design.
 
SMN said:
Is your issue with the OS or with the GUI? I agree Debian is a very conservative OS, but from a non-GUI perspective ive always found it OK to be honest.

I steer well clear of all GUI's on Linux nowadays, aside from MATE (Gnome 2) it seems that the UI's have been designed by ****less halfwits obsessed with mobile-first design.
Click to expand...

As per the second half of the OP, it's because Jessie segfaults when importing .ovpn files (GUI), except on KDE where it accepts them but doesn't perform any actual routing, giving the illusion of security (OS). As we have both said, Wheezy is conservative but solid beyond reproach.
 
Sorry for the delay, didn't get around to it yesterday, and today I found that Windows 10 managed to mess up my boot sequences. Rather than mess around with grub, I've done a fresh install of Jessie. Using Mate, I can confirm that I get the same behaviour as you when importing an openvpn config - Network Manager disappears and a segfault is recorded in syslog.

I haven't tried gnome or KDE yet but will do later. Let me know if you need any more information.

Buff
 
Buffalo2102 said:
Sorry for the delay, didn't get around to it yesterday, and today I found that Windows 10 managed to mess up my boot sequences. Rather than mess around with grub, I've done a fresh install of Jessie. Using Mate, I can confirm that I get the same behaviour as you when importing an openvpn config - Network Manager disappears and a segfault is recorded in syslog.

I haven't tried gnome or KDE yet but will do later. Let me know if you need any more information.

Buff
Click to expand...

Thanks for that. :) You'll find that on KDE you can import fine and 'connect' to the server, but if you check ipleak.net you'll see that actually there's no VPN connection and your ISP IP is on display. You don't need to actually do this unless it's for your own curiosity, however.

It'd be handy if you could confirm the Ubuntu labelling though. If you open Synaptic and go to the updates tab (iirc, I'm on Arch atm and my Debian server is headless) it should say something along the lines of 'Updates: For this Ubuntu release only' or similar.

Thanks for taking the time to confirm. :)
 
Rainmaker said:
It'd be handy if you could confirm the Ubuntu labelling though. If you open Synaptic and go to the updates tab (iirc, I'm on Arch atm and my Debian server is headless) it should say something along the lines of 'Updates: For this Ubuntu release only' or similar.

Thanks for taking the time to confirm. :)
Click to expand...

Sorry, I can't find any reference to Ubuntu in Synaptic. I have poked about quite a bit but it is still eluding me.

If I follow your original post and go into Synaptic, -->Preferences, there is no Updates tab. But there is a Distribution tab. There, I can specify package update preferences but no mention of Ubuntu that I can find. Using Synaptic 0.81.2.
 
Don't get me started on Debian. I'm a user of debian for more than 15 years now, I have installs that have been running for more than 10 years (I have a 'stable' VM installed in 2002!! Up to date to the minute, but the /base/ system was installed then) and debian is synonymous with *rock solid*
Forget ubugtu (<- my own spelling) or anything else, debian has their wierd, annoying policies on many things, BUT they deliver.

Now, I know debian, I know debian VERY well, I'm also a professional linux developer. I'm kernel side mostly, but I have my own distro builder for embedded system (https://github.com/buserror/minifs/) and I can be considered an expert on linux in general, I've had /nearly/ 30 years experience in unix systems, and been a developer on many variants all that time.
Long story short, it's /really/ hard to get me stuck....

A few months back, I rebooted my workstation (the 2600k one, before it was converted to hackintosh) and the machine would boot /fully/ and then immediately shutdown. No log, /nothing/. The machine was /fine/ -- I could boot single user, check /everything/ and all was just fine. Turn out 'systemd' had decided my machine needed to be turned off, and despite all my experience, I couldn't fix it. I had to hack the system to install a sysvinit, and eventually, remove linux from that board. I never figured out what the problem was. Everything is a binary so you can't trace it. #debian was useless (I never rely on it), #systemd was EVEN more useless (arogant *****), and the only guys who helped me get sorted were the 'anythingbutsystemd' channel who lead me to hack sysvinit back in.

I mean, I had /countless/ problems with linux before, from self-inflicted to hardware failure of MANY sorts, and I never felt like I couldn't actually solve this particular problem, and NO, I didn't feel like debugging that piece of beep systemd.

thats the future, apparently

Second strike tho... I never liked lilo, I never liked grub, or grub2. I think it's just bloatware, completely useless and is just the right tool to make your system unbootable, and very hard to recover from. I know that because I had to rescue /countless/ systems that were borken by grub -- sometime because you just image the disk to boot a backup and hell starts...

So, my 'safe' alternative for a few years has been to use 'syslinux'. 'syslinux' is simple, only requires a 5 line config file, and is pretty amazingly stable... ie, the /first/ thing after installing debian was to wipe grub and install syslinux, with a DOS /boot partition...

Recently a machine stopped booting too, and it turned out 'apt' has stopped updating the syslinux config file for new kernels... diving into the arrogant and pompous bug report replies, a guy had just decided that it wasn't 'nice' to support syslinux, and that therefore, it woun't be. Forget about all the system that use syslinux, SCREW them, I'm a debian developer and I'll decide to stop supporting this. So there.

I mean, I never even tried to become an official debian developer because I think some of their policies are just raving lunatic grade, but sometime, you have to wonder, WTF is wrong with these guys??
 
It seems you feel my pain BusError. I reported the bug to Linux Mint (their LMDE2 based on Jessie also has the bug) and that was painless. I then asked for advice about reporting the bug on the Debian user forums. First arrogant reply telling me to do a 'simple google search' to find the Debian bug page (I'd already stated in the OP I'd read it and come up empty). I made a further reply reiterating my OP saying I'd read that but with no active Jessie install I couldn't use reportbug from shell, and their bug report format by email precluded me from using it so would someone help me report it?

Second reply from someone else? A link to the Debian bug report page and not a word besides. I gave up lol. I ended up emailing the Debian user list with a brief explanation, the segfault log and a request for help reporting the bug. I won't hold my breath. :p

My Arch install is broken after a clash with multilib updates in AUR, and I can't be bothered fixing it again. I'm gonna install Jessie with Cinnamon for now. The bug is part of network-manager and as such even though the nm applet segfaults you can circumvent it in Cinnamon by using Cinnamon's own networking settings dialogue to import ovpns (or just use a shell to connect directly).

I seem to be at an awkward-ass stage of my Linux use. After 12 years the people in Mint shout at me (kindly lol) because they tell me apt-get upgrade breaks their system and one should use only their update GUI. Conversely I feel if using the shell breaks the distro then... the distro is hobbled and broken. But Arch is just a little too much work for me, even if I do understand - mostly - how to fix it. I'm in a nether-world between the two. I think that means I just need to learn more and I'll finally be free lol. :)
 
You must log in or register to reply here.
Back
Top Bottom