Re: how to setup a small local Debian mirror to install a VM without an internet access
On Friday, 4 October 2019 13:34:21 BST Fred Boiteux wrote:
> Le 04/10/2019 à 10:19, Michael Kesper a écrit :
> > Hi Fred,
> >
> > …
> > I think it would be better to sign your archive instead.
> > With your modification you would completely disable checking GPG
> > signatures for every repository (who checks warnings?) Sadly, the Debian
> > wiki is full of outdated setups but I cannot find a stringent howto for
> > setting up a trusted repo.
> >
> > Reprepro seem like a possible way to go.
> > It overcomes another misfeature of these minimal repositories: You cannot
> > pin packages to versions of this repository but have to set them on hold,
> > else you always risk getting packages from Debian proper.
> >
> > My 2 cents
> > Michael
>
> Hi Michael,
>
> I thought about that, but I'm not sure it's possible to do it that way :
> indeed, I think the Debian installer keep internally the Debian GPG
> keys, and will check the repository with these keys only : If I sign my
> repository (which is a strict copy of install DVD-1's repository) with
> my own key, I don't know how to give my key to the Debian-Installer…
>
> This first repository is mainly used to install base packages, I would
> disable it when installation is done.
>
>
> Fred.
I have previously created a local mirror /www/html/mirrors/debian on an
external hard drive using ftpsync which I then sym-linked to /var/www on a
laptop running apache. I have not tried this recently, but suspect that the
mirror must be updated very close to the time it is needed.
--
Chris Bell
Website http://chrisbell.org.uk
Reply to: