On Feb 28, 2007, at 9:48 AM, Alfred von Campe wrote:
The reasons why, your guess is as good as mine. If the machine's part
of an automated provisioning system and is, at least in a network
sense, exposed to untrusted users from the instant it's available
perhaps he's like the box patched up ASAP?
No, it's not really for security reasons. It's for performance (or
efficiency). Doing the "yum -y update" in the %post adds
considerable time to the total install. I'm working on creating a
CentOS VM to be used here at work, and while I'm still in the
testing phase, I'd like to reduce the turnaround time. Also, I
think I can reduce the VM footprint if I install the final version
of all the RPMS initially, instead of installing 4.4 first and then
all the updates.
this document may be of assistance:
http://tldp.org/HOWTO/RedHat-CD-HOWTO/index.html
in particular, section 5, "Including the updates", tells you about
the comps.xml file, which defines the packages that make up a
distribution. you'll need to move the updated packages into place,
then edit comps.xml so that it knows about the updated packages, then
run genhdlist to create base/hdlist and base/hdlist2.
more useful links can be found in this thread from the archives:
http://lists.centos.org/pipermail/centos/2005-July/049047.html
good luck,
-steve
p.s. since you're doing this on a VM, why not save a snapshot of a
pristine build and just revert to that, instead of rebuilding and
rebuilding new VMs?
--
If this were played upon a stage now, I could condemn it as an
improbable fiction. - Fabian, Twelfth Night, III,v
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
