On Sat, Jul 22, 2017 at 04:18:31PM -0500, Jeff Epler wrote:
>On Sat, Jul 22, 2017 at 09:43:40PM +0100, Phil Wyett wrote:
>> Images created without pulling in from 'updates' and 'security' repos.
>>
>> This leaves images very out of date. Images should have all the latest
>> packages.
>
>In linuxcnc's stretch image, I compensate for this in customise.sh by adding an
>additional list within sources.list.d before the first packages:
>
> cat > ${rootdir}/etc/apt/sources.list.d/updates.list <<EOF
> deb http://ftp.debian.org/debian stretch-updates main contrib non-free
> deb http://security.debian.org/debian-security stretch/updates main
> EOF
>
>and also I add a step where I
>
> chroot ${rootdir} apt-get -y dist-upgrade
>
>to upgrade any packages that had been installed previously by
>vmdebootstrap.
Yes, it's the obvious workaround. As discussed with Phil in IRC, on a
system installed from the live images updates and security are enabled
appropriately so they're fine. I'm not sure of the best approach for
*live* live images - will people be massively annoyed by the system
stopping and demanding security updates as it boots?
--
Steve McIntyre, Cambridge, UK. st...@einval.com
"...In the UNIX world, people tend to interpret `non-technical user'
as meaning someone who's only ever written one device driver." -- Daniel Pead
