[Bug 1817049] Re: Subiquity should install security updates before first login

Fri Apr 5 02:19:20 UTC 2019

On Thu, Apr 4, 2019 at 9:06 PM Seth Arnold <1817049 at bugs.launchpad.net>
wrote:

> Two methods come to mind:
>
> - Writing an apt sources.list that omits the -updates pocket
> - Writing apt pinning rules that omits the -updates pocket.
>
> I would prefer we install all updates, unless the user has explicitly
> requested only the -security pocket:
>
> - Updates from -updates may be very important but not involve a security
> boundary.
>
> - Doing a simple apt update && apt upgrade with the configured sources
> would be easier than trying to modify the sources or add and remove
> pinning without disrupting any pinning the user may have selected.
>

This is something that is pretty easy to do with curtin config:

system_upgrade:
  enabled: true

However, on older releases, this does impact install time.

>
> Thanks
>
> --
> You received this bug notification because you are subscribed to
> subiquity.
> Matching subscriptions: subiquity-bugs
> https://bugs.launchpad.net/bugs/1817049
>
> Title:
>   Subiquity should install security updates before first login
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/subiquity/+bug/1817049/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1817049

Title:
  Subiquity should install security updates before first login

Status in subiquity:
  Triaged
Status in subiquity package in Ubuntu:
  New

Bug description:
  Subiquity should download and install any relevant security updates
  before allowing the user to login for the first time after the
  installation to prevent the user from entering credentials and using
  an insecure web browser and other components.

To manage notifications about this bug go to:
https://bugs.launchpad.net/subiquity/+bug/1817049/+subscriptions