> On 28/02/07, Drew Weaver <drew.weaver at thenap.com> wrote: >> So why not just put yum -y update in the %post section of the >> kickstart? > > Because that's explicitly what he didn't want to do in the initial > question. Yes, exactly. > The reasons why, your guess is as good as mine. If the machine's part > of an automated provisioning system and is, at least in a network > sense, exposed to untrusted users from the instant it's available > perhaps he's like the box patched up ASAP? No, it's not really for security reasons. It's for performance (or efficiency). Doing the "yum -y update" in the %post adds considerable time to the total install. I'm working on creating a CentOS VM to be used here at work, and while I'm still in the testing phase, I'd like to reduce the turnaround time. Also, I think I can reduce the VM footprint if I install the final version of all the RPMS initially, instead of installing 4.4 first and then all the updates. Alfred