Hi all, Philipp Kern <pkern@debian.org> (2016-10-26): > Which I guess boils down to adding wget-udeb to the installer's > pkg-lists/base because I think all flavors and all architectures > should have the same feature set. That would seem fair to me. > I'm not sure how you got this number (from a d-i rebuild?), but I end > up with 22580517B (~same) to 23106785B (2.3% increase) when rebuilding > amd64 netboot from d-i git. Of course it's way less percentage-wise > for the default amd64 netboot-gtk (which has a 44696935B initrd right > now). I think Marga mentioned on IRC she was unpacking/repacking the initrd manually. > So at least size-wise this shouldn't be very controversial. Adding > wget-udeb to pkg-lists/base ends up with this: > > $ lsinitrd dest/netboot/debian-installer/amd64/initrd.gz | grep wget > -rwxr-xr-x 1 root root 409016 Sep 26 15:11 usr/bin/wget > > So that seems to have the desired result. I did not try out the > resulting installer, though. Well, I think this is a crucial issue: what use case(s) are you trying to fix? “We want https” isn't clear to me. Besides wget supporting https, is there any work needed on the retriever side? What about trust chains, do you have any bundled list of trusted CAs? Do you want to be able to rebuild d-i with a specific trusted CA, and trust none by default? KiBi.
Attachment:
signature.asc
Description: Digital signature