
Re: Nightmares and critical security issue with new LTSP



[ Dominik George, 2021-09-07 ]
> > Most probably forgotten to exclude. There's a list of excludes 
> > (/etc/ltsp/image-local.excludes) prepended by a FIXME.
> 
> This file is empty, both on the upgraded and on the freshly installed
> combined server.

Yes, after building the related image for the use case, this file is 
removed (and touched for possible further usage).

> > > I installed a fresh Debian Edu 11 combined server in a test
> > > environment and can reproduce that issue, meaning that in my opinion,
> > > Debian Edu 11 **must not be used with LTSP in a production
> > > environment** without taking very much care to mitigate this issue.
> > 
> > ATM I don't have a test environment. Feel free to fix the script after 
> > testing with an extended exclude list for the main server.
> > 
> > That said, it would be best (for setups managed by professionals) to use 
> > separate LTSP servers anyway - as recommended in the manual: 
> > https://wiki.debian.org/DebianEdu/Documentation/Bullseye/Architecture#Services_running_on_the_main_server
> 
> Yes, that would be the desirable case. Nonetheless, using a combined
> server should not expose security-relevant data and keys to the
> public.
> 
> I will try my best to find out how to fix that.

Very good.

> In any case, should we warn users?
 
There won't be many, I guess; but yes.

Wolfgang
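The thread turns on one mechanism: an exclude list (/etc/ltsp/image-local.excludes) that is supposed to keep server-side secrets out of the client image, and that on the combined server was empty, so the image exposed security-relevant data and keys. The following is an added example, not code from this thread, from LTSP or from Debian Edu: a POSIX sh post-build check that walks a (mounted or unpacked) image root and reports secret files that an exclude list should have dropped. The list of paths checked is an assumption about typical server-side secrets, not LTSP's own exclude list or format, and the demo root it builds is constructed sample data.

```shell
#!/bin/sh
# Added example: verify that an LTSP client image root contains none of the
# server-side secrets an exclude list (such as /etc/ltsp/image-local.excludes)
# is meant to keep out. The patterns below are an assumption about typical
# secrets on a server, not a list taken from LTSP or Debian Edu.

# Glob patterns relative to the image root that must not appear in a client image.
SENSITIVE_PATTERNS='
etc/shadow
etc/gshadow
etc/ssh/ssh_host_*_key
etc/krb5.keytab
etc/ssl/private/*
root/.ssh/*
var/lib/samba/private/*
'

# check_image_root ROOT: print each sensitive path found under ROOT (relative
# to ROOT, one per line); return 1 if any was found, 0 if the root is clean.
check_image_root() {
    root=$1
    found=0
    set -f                      # no globbing while splitting the pattern list
    for pat in $SENSITIVE_PATTERNS; do
        set +f                  # expand the pattern relative to the image root only
        for p in "$root"/$pat; do
            [ -e "$p" ] || continue   # unmatched globs stay literal and are skipped
            printf '%s\n' "${p#"$root"/}"
            found=1
        done
        set -f
    done
    set +f
    return $found
}

# make_demo_root: build a constructed, throw-away image root with a few
# harmless files plus two "leaked" secrets, so the check can be tried offline.
make_demo_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh" "$d/usr/bin"
    printf 'ltsp-client\n' > "$d/etc/hostname"
    : > "$d/usr/bin/true"
    printf 'root:*:19000:0:99999:7:::\n' > "$d/etc/shadow"         # constructed, not a real entry
    printf 'NOT A REAL KEY\n' > "$d/etc/ssh/ssh_host_ed25519_key"  # constructed placeholder
    printf '%s\n' "$d"
}

# Usage: sh check-image.sh --demo        (self-test on the constructed root)
#        sh check-image.sh /path/to/unpacked-image-root
case "${1-}" in
    --demo)
        demo_root=$(make_demo_root)
        if check_image_root "$demo_root"; then
            echo "image root $demo_root: no sensitive files found"
        else
            echo "image root $demo_root: sensitive files present, fix the exclude list" >&2
        fi
        rm -rf "$demo_root"
        ;;
    '') ;;
    *)
        check_image_root "$1" && echo "image root $1: no sensitive files found"
        ;;
esac
```

Run against the real image root (for a squashfs image, a read-only loop mount of it) after every `ltsp image` build; a non-zero exit means the exclude list still needs entries. The pattern list is deliberately a starting point: anything the combined server keeps that a thin client must never see belongs in it.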

Attachment: signature.asc
Description: PGP signature