<div dir="ltr">I run rocky9 mostly, and it's already out of date enough to require backporting packages. Luckily, mock is a pretty mature product for doing this. Download src.rpm from koji. Choosing which one depends on your needs. Them mock -r 'rocky-9+epel' <src.rpm> and give it time. Then you get an rpm you can install on rocky9+epel. You're now on the hook for checking in on updates and dealing with any issues of the build, but as far as backporting goes, that's as painless as any I've seen.</div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Mon, Dec 9, 2024 at 1:05 PM Keith Smith via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org">plug-discuss@lists.phxlinux.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">As a PHP developer I ran into backporting sometime ago - back while <br>
CentOS was still around.<br>
<br>
I host with a friend that owns a hosting company. He has been extremely <br>
reluctant to install anything not in the repository. I think he was <br>
looking for stability.<br>
<br>
I only use what is in the repository.<br>
<br>
To use a package that is not in the repository is an opportunity to get <br>
things out of sync.<br>
<br>
I am running Ubuntu 24.04lts. It comes with PHP 8.3. I think PHP is <br>
not actually 8.3 at this point because the maintainers are constantly <br>
updating the PHP package with newly released bug fixes, security fixes, <br>
etc. The version number will always be 8.3 forever. This ensures all <br>
works as designed.<br>
<br>
I asked AI about RHEL and BackPorting :<br>
<br>
Yes, Red Hat Enterprise Linux (RHEL) does backporting of packages as <br>
part of its standard update and maintenance process.<br>
<br>
What is Backporting?<br>
<br>
Backporting refers to the practice of taking a newer version of <br>
software, typically a security fix or a feature enhancement, and <br>
adapting it for use on older versions of the software or operating <br>
system. This allows users to benefit from important updates without <br>
needing to upgrade to a newer version of the software or system.<br>
<br>
How Does Backporting Work in RHEL?<br>
<br>
In the context of RHEL, backporting typically involves the following:<br>
<br>
Security Fixes: If a critical security vulnerability is discovered <br>
in a newer version of a package, the fix is often backported to the <br>
version of the package in the RHEL version being used. This ensures that <br>
older, stable versions of RHEL remain secure without having to upgrade <br>
the entire package or system.<br>
<br>
Bug Fixes: Sometimes, issues in older versions of software may be <br>
addressed by backporting bug fixes from newer versions.<br>
<br>
Stability Considerations: RHEL prioritizes stability for its <br>
enterprise customers. While upstream software projects may introduce new <br>
features in their latest versions, RHEL's focus is on ensuring that <br>
software on a given RHEL release remains stable. Backporting ensures <br>
that security and stability are maintained without disrupting the <br>
enterprise environment with major changes.<br>
<br>
Example of Backporting:<br>
<br>
Let's say RHEL 8 uses version 3.6 of a package (for example, Apache HTTP <br>
Server), but a security vulnerability is discovered in version 3.6. The <br>
newer version of the package (say, version 3.8) includes a fix for this <br>
issue. Rather than requiring RHEL 8 users to upgrade to version 3.8 of <br>
Apache, Red Hat may take the relevant security fix from version 3.8 and <br>
apply it to version 3.6. This process of applying only the fix (without <br>
upgrading the entire package version) is called backporting.<br>
<br>
Benefits of Backporting:<br>
<br>
Security and Stability: Backporting allows Red Hat to maintain the <br>
security of older software without forcing users to upgrade to a newer <br>
version, which could potentially introduce compatibility issues or <br>
disrupt other services.<br>
<br>
Long-Term Support: RHEL releases typically have a long lifecycle (10 <br>
years or more), so backporting helps ensure that users continue to <br>
receive important updates for many years without having to upgrade to <br>
new major versions of RHEL.<br>
<br>
Avoiding Disruption: Backporting focuses on applying fixes without <br>
introducing breaking changes, helping maintain the integrity and <br>
compatibility of the system.<br>
<br>
In summary, backporting in RHEL is a critical feature that helps <br>
maintain security and stability in older versions of software while <br>
minimizing the impact on users' systems.<br>
<br>
Keith<br>
<br>
<br>
<br>
<br>
<br>
On 2024-12-09 12:08, Snyder, Alexander J via PLUG-discuss wrote:<br>
> Thank you! Following that guide I was able to get the packages I<br>
> needed for Python3.12 installed.<br>
> <br>
> Really appreciate the help!<br>
> <br>
> --<br>
> Thanks,<br>
> Alex.<br>
> <br>
> On Mon, Dec 9, 2024 at 9:24 AM Stephen Partington via PLUG-discuss<br>
> <<a href="mailto:plug-discuss@lists.phxlinux.org" target="_blank">plug-discuss@lists.phxlinux.org</a>> wrote:<br>
> <br>
>> So installing a PPA under Debian has a few more jumps to it.<br>
>> <br>
>> <br>
> <a href="https://linuxconfig.org/install-packages-from-an-ubuntu-ppa-on-debian-linux" rel="noreferrer" target="_blank">https://linuxconfig.org/install-packages-from-an-ubuntu-ppa-on-debian-linux</a><br>
>> And they appear to have the keys you need listed in that Blog post.<br>
>> <br>
>> On Sun, Dec 8, 2024 at 4:05 PM Snyder, Alexander J via<br>
>> PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org" target="_blank">plug-discuss@lists.phxlinux.org</a>> wrote:<br>
>> <br>
>>> Have I mentioned how much I vastly dislike Debian?!<br>
>>> <br>
>>> I think so .... but anyhoo ...<br>
>>> <br>
>>> I can't seem to install this PPA repository.<br>
>>> <br>
>>> I'm using a Raspberry Pi 4 with "Raspberry Pi OS" (formerly<br>
>>> Raspian) -- which is secretly Debian Bookwork (Ubuntu 22.04 LTS)<br>
>>> under the covers.<br>
>>> <br>
>>> I'm trying to install Python3.12 and (apparently) it's not<br>
>>> included in the main OS repositories by default, so after a bunch<br>
>>> of Googling, I found I need a 3rd party repo called "Dead Snakes"<br>
>>> (_because that sounds trustworthy_) ... and while the command<br>
>>> "apt-add-repository" failed on a python error, I was able to add<br>
>>> the line manually in "/etc/apt/sources.list.d/deadsnakes.list" ---<br>
>>> but then I get an error about the key missing ...<br>
>>> <br>
>>> =====================<br>
>>> --> apt update<br>
>>> Hit:1 <a href="http://deb.debian.org/debian" rel="noreferrer" target="_blank">http://deb.debian.org/debian</a> bookworm InRelease<br>
>>> Hit:2 <a href="http://deb.debian.org/debian-security" rel="noreferrer" target="_blank">http://deb.debian.org/debian-security</a> bookworm-security<br>
>>> InRelease<br>
>>> Hit:3 <a href="http://deb.debian.org/debian" rel="noreferrer" target="_blank">http://deb.debian.org/debian</a> bookworm-updates InRelease<br>
>>> Hit:4 <a href="http://archive.raspberrypi.com/debian" rel="noreferrer" target="_blank">http://archive.raspberrypi.com/debian</a> bookworm InRelease<br>
>>> Get:5 <a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu</a> jammy<br>
>>> InRelease [18.1 kB]<br>
>>> Err:5 <a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu</a> jammy<br>
>>> InRelease<br>
>>> The following signatures couldn't be verified because the public<br>
>>> key is not available: NO_PUBKEY BA6932366A755776<br>
>>> Reading package lists... Done<br>
>>> W: GPG error:<br>
>>> <a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu</a> jammy<br>
>>> InRelease: The following signatures couldn't be verified because<br>
>>> the public key is not available: NO_PUBKEY BA6932366A755776<br>
>>> E: The repository<br>
>>> '<a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu</a> jammy<br>
>>> InRelease' is not signed.<br>
>>> N: Updating from such a repository can't be done securely, and is<br>
>>> therefore disabled by default.<br>
>>> N: See apt-secure(8) manpage for repository creation and user<br>
>>> configuration details.<br>
>>> ===========================<br>
>>> <br>
>>> This is the repo URL:<br>
>>> <br>
>> <a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/</a><br>
>>> <br>
>>> and on that page, I see a GPG file, which I tried (_probably<br>
>>> incorrectly_) to install:<br>
>>> <br>
>>> curl -fsSL<br>
>>> <br>
>> <br>
> <a href="https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/Release.gpg" rel="noreferrer" target="_blank">https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu/dists/jammy/Release.gpg</a><br>
>>> | gpg --dearmor -o /usr/share/keyrings/deadsnakes.gpg<br>
>>> <br>
>>> but then when I do "apt update" I get the error shown above.<br>
>>> <br>
>>> This is infinitely easier on RedHat ... just sayin'<br>
>>> <br>
>>> Anyhoo -- I appreciate the help on this. I would prefer to not<br>
>>> compile Python from source on a Raspberry Pi, as that takes over<br>
>>> an hour to do.<br>
>>> <br>
>>> --<br>
>>> Thanks,<br>
>>> Alex.<br>
>>> <br>
>>> ---------------------------------------------------<br>
>>> PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
>>> To subscribe, unsubscribe, or to change your mail settings:<br>
>>> <a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
>> <br>
>> --<br>
>> A mouse trap, placed on top of your alarm clock, will prevent you<br>
>> from rolling over and going back to sleep after you hit the snooze<br>
>> button.<br>
>> <br>
>> Stephen<br>
>> <br>
>> ---------------------------------------------------<br>
>> PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
>> To subscribe, unsubscribe, or to change your mail settings:<br>
>> <a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
> ---------------------------------------------------<br>
> PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
> To subscribe, unsubscribe, or to change your mail settings:<br>
> <a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
---------------------------------------------------<br>
PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
</blockquote></div><div><br clear="all"></div><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">James McPhee<br><a href="mailto:jmcphe@gmail.com" target="_blank">jmcphe@gmail.com</a></div>