On Tue, Dec 26, 2023 at 10:19:26PM +0900, 이강우(KangWoo Lee) wrote: > The reason I'm asking for this feature is that > > For example, I want to install the most recent packages when installing an > OS in a specific closed network environment. > > Of course, I could use a recently created DVD iso file, but I would need to > have an internet connection to apply files that have been updated since > this ISO was created, so I only want to copy and apply the most recent > packages. > > Is there any way to do this? > >
OK - this is a little harder to explain :) Living offline is not really feasible anymore - there are too many security updates needed. . If you really want to live in a closed network environment - you can't really do that with DNF either. If you're using Red Hat proper, then Red Hat will normally expect you to run an Internet connected Satellite server. Linux distributions do update and you should ideally be running the latest most up to date security patches. Debian produces updates pretty well every day for one package or another. The default settings for apt in Debian include a line for debian-security for just this reason. Approximately once every two months, we produce a point release for Debian stable which will pull together package fixes and security updates up to that point from the state of the previous point release. We do produce media that will give you just those updates to apply to a running system - almost nobody does this, and the update media itself is rarely, if ever, tested - it is used by very few people, if any. If you were installing a system today - 26th December - you could install from the base media released as part of Debian 12.4 - but there were almost immediate updates provided in stable-updates to deal with kernel issues, for example. Those wouldn't be on the media until 12.5 which is currently being discussed to take place in February 2025. At that point, we will have new media - and the smaller update media to allow you to update from 12.4. The canonical way to do disconnected mirroring is to have a Debian mirror connected to the Internet somewhere and to allow that to do daily updates. You can then take the daily updates and gateway them into your closed network (or disconnect the mirror from the Internet and allow it to connect to an "internal" copy of the mirror before disconnecting the "external-allowed" copy and reconnecting it to the Internet.) The Debian suggested mirroring scripts use rsync and produce logs so it is not difficult to extract daily updates. Setting up a full Debian mirror is not particularly hard - all architectures with a mirror of Debian CD images will fit within 6TB or so. I wrote up some outline instructions on a blog syndicated to Planet Debian, for example: http://flosslinuxblog.blogspot.com/2020/02/rebuilding-mirror-software-mirroring-of.html Note, I have rearranged the addresses on this reply so that it goes first to the debian-user mailing list. Follow up to the list, please. With every good wish, as ever, Andy Cater [amaca...@debian.org] > > > 2023년 12월 25일 (월) 오후 11:05, Andrew M.A. Cater <amaca...@einval.com>님이 작성: > > > On Mon, Dec 25, 2023 at 12:21:29PM +0000, �� ���� wrote: > > [Copied to the poster because they may not be subscribed] > > > > > how to clone apt repository to newest only? > > > Fedora/Red Hat will organize the repository by copying only the most > > recent packages from that distribution if you give it the "reposync > > --newest-only" option, but Debian doesn't seem to be able to do that. > > > > > > What can I do? > > > > > > > > Hi > > > > By default, apt will check the dates on the package manifests and bring you > > up to date based on that. > > > > If you install from nothing then the installer will do the same assuming > > that you have an internet connection. > > > > reposync is really a Red Hat ecosystem specific command, I think. > > > > (already answered on the list: can I suggest that you subscribe to the > > list) > > > > Andy > > (amaca...@debian.org) > > > >
