First, some background... Installation methods utilizing a remote tree enjoy the task of verifying that the remote tree matches the boot media used. This prevents a user from trying, for example, to perform an installation using RHEL4 boot media and a RHEL3 tree. This verification is achieved through the use of a stamp file that exists in both the initrd image and the stage2 image. A successful comparison of the stamps is required for a remote tree to be deemed acceptable. There is an old shortcut in loader that tries to use a stage2.img from cdrom when setting up an HTTP install (to save time). This leads to a short-circuit of the above verification process, since we are only verifying that the stage2 on the cdrom matches the boot media. The remote HTTP tree is not verified at all. We have committed to fixing this bug, starting with RHEL4. The simplest fix that I have come up with would be to require that all exploded remote trees contain the .discinfo from the ISO. Since this only comes into play when the user has booted with a disc1 (not boot.iso as it doesn't contain stage2.img) we can assume/require that the cdrom already contains a .discinfo file. The thing is, to make it consistent we'd pretty much have to start requiring the presence of .discinfo in all exploded remote trees, which we don't currently do. This is bound to incur some amount of belly-aching. Thoughts, comments?
