On Mon, Jul 18, 2016 at 10:20:39AM -0400, David Magda wrote:
> We have a segment of our network that is firewalled off from the Internet
> at large. We have a local Debian mirror that we use for these subnets
> (as well as the organization at large).
>
> When we run an installation by hand, off the netinstal image, we chooose a
> "Manual" mirror configuration and point it to (e.g.) "mirror.hpc.example.com"
> because that area of the network can't get online.
>
> The base installation works just fine from the mirror. However, the installer
> then tries to contact "security.debian.org" (s.d.org) for some reason--even
> though we told it use our internal mirror. This causes delays while the
> timeout occurs in two parts of the installation process:
>
> * the initial package installation
> * towards the end, when an 'apt-get update' is run in a chroot(8)
>
> It really slows things down and is annoying--especially since we have
> s.d.org in our "mirror.list" file and we pull from it nightly.
>
> The installer should do one of the following:
>
> * not check s.d.org if a 'manual' mirror has been chosen
> * have a check-box (default enabled? disabled?) asking if s.d.org
> should be looked at
> * assume that the manually-configured mirror has "${release}/updates"
> and try pulling files from there
> ** perhaps with toggleable s.d.org check, per above
> * have a (radio button?) selection where the manually-configured mirror is
> checked for "${release}/updates", s.d.org is checked, or nothing is checked
>
> The above action would also then affect the final sources.list file of the
> installed system.
From the fine documentation[1]:
# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
#d-i apt-setup/services-select multiselect security, updates
#d-i apt-setup/security_host string security.debian.org
Kind regards
Philipp Kern
[1] https://www.debian.org/releases/stable/amd64/apbs04.html.en
Attachment:
signature.asc
Description: Digital signature