On 28/02/07, Drew Weaver drew.weaver@thenap.com wrote:
So why not just put yum -y update in the %post section of the kickstart?
Because that's explicitly what he didn't want to do in the initial question.
Yes, exactly.
The reasons why, your guess is as good as mine. If the machine's part of an automated provisioning system and is, at least in a network sense, exposed to untrusted users from the instant it's available perhaps he's like the box patched up ASAP?
No, it's not really for security reasons. It's for performance (or efficiency). Doing the "yum -y update" in the %post adds considerable time to the total install. I'm working on creating a CentOS VM to be used here at work, and while I'm still in the testing phase, I'd like to reduce the turnaround time. Also, I think I can reduce the VM footprint if I install the final version of all the RPMS initially, instead of installing 4.4 first and then all the updates.
Alfred