Do you upgrade your chroot?
David Groos
djgroos at gmail.com
Wed Jan 6 02:56:47 GMT 2010
It seems I've seen in a few places that it isn't important to update the
chroot too often, only when doing certain sorts of upgrades (don't ask me
what the criteria are, I don't know :))
Steve, what tools/setting do you use when you go about locking down the
desktop?
David
On Tue, Jan 5, 2010 at 5:42 PM, Steve Rippl <rippls at woodlandschools.org>wrote:
> :-) I'm a little swamped here to respond to much of anything I'm afraid!
> We find currently we're updating our tc images every now and again as we
> tweak some settings, but we haven't done it for security reasons at all.
> We've put a lot of time into locking down the desktop as that's what the
> kids will mess around with and break if they can, but I'm not too concerned
> about more intricate security holes within our setup.
>
>
> john wrote:
>
> Thanks Andy,
>
> Apparently not a hot topic for anyone else! :-)
>
> John
>
> On Sun, Jan 3, 2010 at 5:36 PM, Andy Figueroa <figueroa at andyfigueroa.us> <figueroa at andyfigueroa.us> wrote:
>
>
> Good question. I've had a small seven client LTSP computer lab running for
> about 18 months now. It's running on Hardy (Ubuntu 8.04). I have upgraded
> the chroot several times just to keep up-to-date for the sake of security.
> (apt-get update then apt-get upgrade following the instructions in the
> Edubuntu handbook)
>
> Since you asked the question, I've just done it again a few minutes ago -
> good timing - since school starts back again tomorrow after the Christmas
> holiday.
>
> I was surprised to see that the last time I did this and rebuilt the image
> was in February 2009. The old i386.img was 291954688 and the new image is
> 350814208. No apparent issues. Tomorrow we'll see if the clients boot all
> right. :-)
>
> I'm using/booting kernel vmlinuz-2.6.24-23-generic although -26 has been
> installed during regular updates.
>
> Andy Figueroa
>
> john wrote:
>
>
> Hi all,
>
> Sometimes I see a patch come down the the pipeline that makes me
> wonder if I should be updating the file that lives in my chroot (the
> recent tzdata file patch, for example). My normal practice is never to
> update my chroot (on the "if it ain't broke..." principle), although I
> do sometimes add software (most recently ntp for cron powered
> shutodowns) to the chroot image.
>
> My understanding is that one of the big reasons for the move to LTSP5
> was to integrate the native package management features into the
> chroot environment under the theory that folks really wanted to keep
> those environments up to date.
>
> So my question is: do you upgrade your chroot? Why or why-not?
>
> Thanks!
>
> John
>
>
>
>
> --
> Steve Rippl
> Technology Director
> Woodland Public Schools
> 360 225 9451 x326
>
>
> --
> edubuntu-users mailing list
> edubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/edubuntu-users/attachments/20100105/d1f0ae2d/attachment.htm
More information about the edubuntu-users
mailing list