On Mon, Jul 18, 2016 at 10:20:39AM -0400, David Magda wrote: > We have a segment of our network that is firewalled off from the Internet > at large. We have a local Debian mirror that we use for these subnets > (as well as the organization at large). > > When we run an installation by hand, off the netinstal image, we chooose a > "Manual" mirror configuration and point it to (e.g.) "mirror.hpc.example.com" > because that area of the network can't get online. > > The base installation works just fine from the mirror. However, the installer > then tries to contact "security.debian.org" (s.d.org) for some reason--even > though we told it use our internal mirror. This causes delays while the > timeout occurs in two parts of the installation process: > > * the initial package installation > * towards the end, when an 'apt-get update' is run in a chroot(8) > > It really slows things down and is annoying--especially since we have > s.d.org in our "mirror.list" file and we pull from it nightly. > > The installer should do one of the following: > > * not check s.d.org if a 'manual' mirror has been chosen > * have a check-box (default enabled? disabled?) asking if s.d.org > should be looked at > * assume that the manually-configured mirror has "${release}/updates" > and try pulling files from there > ** perhaps with toggleable s.d.org check, per above > * have a (radio button?) selection where the manually-configured mirror is > checked for "${release}/updates", s.d.org is checked, or nothing is checked > > The above action would also then affect the final sources.list file of the > installed system. From the fine documentation[1]: # Select which update services to use; define the mirrors to be used. # Values shown below are the normal defaults. #d-i apt-setup/services-select multiselect security, updates #d-i apt-setup/security_host string security.debian.org Kind regards Philipp Kern [1] https://www.debian.org/releases/stable/amd64/apbs04.html.en
Attachment:
signature.asc
Description: Digital signature