[CentOS] Kickstart with all the latest updates?
Steve Huff
shuff at vecna.org
Wed Feb 28 15:11:06 UTC 2007
On Feb 28, 2007, at 9:48 AM, Alfred von Campe wrote:
>> The reasons why, your guess is as good as mine. If the machine's part
>> of an automated provisioning system and is, at least in a network
>> sense, exposed to untrusted users from the instant it's available
>> perhaps he's like the box patched up ASAP?
>
> No, it's not really for security reasons. It's for performance (or
> efficiency). Doing the "yum -y update" in the %post adds
> considerable time to the total install. I'm working on creating a
> CentOS VM to be used here at work, and while I'm still in the
> testing phase, I'd like to reduce the turnaround time. Also, I
> think I can reduce the VM footprint if I install the final version
> of all the RPMS initially, instead of installing 4.4 first and then
> all the updates.
this document may be of assistance:
http://tldp.org/HOWTO/RedHat-CD-HOWTO/index.html
in particular, section 5, "Including the updates", tells you about
the comps.xml file, which defines the packages that make up a
distribution. you'll need to move the updated packages into place,
then edit comps.xml so that it knows about the updated packages, then
run genhdlist to create base/hdlist and base/hdlist2.
more useful links can be found in this thread from the archives:
http://lists.centos.org/pipermail/centos/2005-July/049047.html
good luck,
-steve
p.s. since you're doing this on a VM, why not save a snapshot of a
pristine build and just revert to that, instead of rebuilding and
rebuilding new VMs?
--
If this were played upon a stage now, I could condemn it as an
improbable fiction. - Fabian, Twelfth Night, III,v
More information about the CentOS
mailing list