What is best practice for managing sources.list for security and stability?
Hi all,
Perhaps this is a "it depends..." kind of question but here it goes:
I manage several Debian boxes running Etch and Lenny. I installed
Debian because I want long term stability and support for the
applications
running on the servers. After I build a box and get my applications
tweaked I usually comment out everything except the security entries
like so:
cat /etc/apt/sources.list
#deb http://ftp.us.debian.org/debian/ etch main
#deb-src http://ftp.us.debian.org/debian/ etch main
deb http://security.debian.org/ etch/updates main contrib
deb-src http://security.debian.org/ etch/updates main contrib
The recent key-change forced me to use the main stable repos to get
the new keys (e.g apt-get install debian-archive-keyring )
. and got me thinking...
Is the approach I outlined the "best" way to maintain the security and
stability of these box's or should I really be using the main
repositories as well?
Thanks!
John
Reply to: