[CentOS] Kickstart with all the latest updates?

Steve Huff shuff at vecna.org
Wed Feb 28 15:11:06 UTC 2007


On Feb 28, 2007, at 9:48 AM, Alfred von Campe wrote:

>> The reasons why, your guess is as good as mine. If the machine's part
>> of an automated provisioning system and is, at least in a network
>> sense, exposed to untrusted users from the instant it's available
>> perhaps he's like the box patched up ASAP?
>
> No, it's not really for security reasons.  It's for performance (or  
> efficiency).  Doing the "yum -y update" in the %post adds  
> considerable time to the total install.  I'm working on creating a  
> CentOS VM to be used here at work, and while I'm still in the  
> testing phase, I'd like to reduce the turnaround time.  Also, I  
> think I can reduce the VM footprint if I install the final version  
> of all the RPMS initially, instead of installing 4.4 first and then  
> all the updates.

this document may be of assistance:

http://tldp.org/HOWTO/RedHat-CD-HOWTO/index.html

in particular, section 5, "Including the updates", tells you about  
the comps.xml file, which defines the packages that make up a  
distribution.  you'll need to move the updated packages into place,  
then edit comps.xml so that it knows about the updated packages, then  
run genhdlist to create base/hdlist and base/hdlist2.

more useful links can be found in this thread from the archives:

http://lists.centos.org/pipermail/centos/2005-July/049047.html

good luck,
-steve

p.s. since you're doing this on a VM, why not save a snapshot of a  
pristine build and just revert to that, instead of rebuilding and  
rebuilding new VMs?

--
If this were played upon a stage now, I could condemn it as an  
improbable fiction. - Fabian, Twelfth Night, III,v






More information about the CentOS mailing list