Bug#869379: Images created without pulling in from 'updates' and 'security' repos

[Steve McIntyre <steve@einval.com>]

On Sat, Jul 22, 2017 at 04:18:31PM -0500, Jeff Epler wrote:
>On Sat, Jul 22, 2017 at 09:43:40PM +0100, Phil Wyett wrote:
>> Images created without pulling in from 'updates' and 'security' repos.
>> 
>> This leaves images very out of date. Images should have all the latest
>> packages.
>
>In linuxcnc's stretch image, I compensate for this in customise.sh by adding an
>additional list within sources.list.d before the first packages:
>
>    cat > ${rootdir}/etc/apt/sources.list.d/updates.list <<EOF
>    deb http://ftp.debian.org/debian stretch-updates main contrib non-free
>    deb http://security.debian.org/debian-security stretch/updates main
>    EOF
>
>and also I add a step where I
>
>    chroot ${rootdir} apt-get -y dist-upgrade
>
>to upgrade any packages that had been installed previously by
>vmdebootstrap.

Yes, it's the obvious workaround. As discussed with Phil in IRC, on a
system installed from the live images updates and security are enabled
appropriately so they're fine. I'm not sure of the best approach for
*live* live images - will people be massively annoyed by the system
stopping and demanding security updates as it boots?

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
"...In the UNIX world, people tend to interpret `non-technical user'
 as meaning someone who's only ever written one device driver." -- Daniel Pead