Giter VIP home page Giter VIP logo

Comments (2)

deubert-it avatar deubert-it commented on June 26, 2024

I can confirm this behavior through all of my systems, mainly debian 9 stretch, as well.

I quickly checked that this will work on stretch as expected, the suggested switch to package filtering by codename sounds like a good idea:

origin=Debian,codename=stretch,label=Debian-Security

If we don't do this, it will break again in the future.
What I can't check if this will work on all other supported systems though. We should get someone with other/older debian and ubuntu versions to also check if the codename filter works there as well.

After we have all confirmations, we can adjust the already existing structure in params.pp to set codename where possible, and leave everything else in the old style.

Also if you want to find out about the naming of an apt source, information can be found in /var/lib/apt/lists.

Example:

# head /var/lib/apt/lists/security.debian.org_dists_stretch_updates_InRelease

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Origin: Debian
Label: Debian-Security
Suite: oldstable
Version: 9
Codename: stretch
Date: Wed, 14 Aug 2019 06:21:29 UTC
Valid-Until: Sat, 24 Aug 2019 06:21:29 UTC

Edit:

Jessie seems to carry the codename too:
http://security-cdn.debian.org/dists/jessie/updates/Release

Origin: Debian
Label: Debian-Security
Suite: oldoldstable
Version: 8
Codename: jessie
Date: Wed, 14 Aug 2019 06:21:29 UTC
Valid-Until: Sat, 24 Aug 2019 06:21:29 UTC
Architectures: amd64 armel armhf i386
Components: updates/main updates/contrib updates/non-free
Description: Debian 8 Security Updates

Buster should also be safe:
http://security-cdn.debian.org/dists/buster/updates/Release

Origin: Debian
Label: Debian-Security
Suite: stable
Version: 10
Codename: buster
Date: Wed, 14 Aug 2019 06:21:29 UTC
Valid-Until: Wed, 21 Aug 2019 06:21:29 UTC
Acquire-By-Hash: yes
Architectures: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x
Components: updates/main updates/contrib updates/non-free
Description: Debian 10 - Security Updates

from puppet-unattended_upgrades.

deubert-it avatar deubert-it commented on June 26, 2024

The attached PR should fully cover this issue and also move to codename based filtering where possible (jessie, stretch, buster), tests have been adapted, and some validation for codename based filtering provided in my comment above.

Not sure if there is any process for me to follow now for the PR to get reviewed/merged?

from puppet-unattended_upgrades.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.