On Sun 02 Feb 2025 at 12:14:08 (+0000), Andrew M.A. Cater wrote: > On Sat, Feb 01, 2025 at 10:31:02PM -0600, David Wright wrote: > > On Sat 01 Feb 2025 at 15:29:13 (+0000), Andrew M.A. Cater wrote: > > > I'm not sure this is a bug per se: if what you want is a fully offline > > > install, then you have to make sure that the machine is fully offline. > > > > What interests me is what the sources list was after run 2, particularly > > this line: > > #deb http://security.debian.org/debian-security bullseye-security main > > contrib > > If commented out, how did the installer manage (in the OP) to log: > > Jan 31 05:35:42 in-target: Get:1 > > http://security.debian.org/debian-security bullseye-security InRelease > > [27.2 kB] > > If not commented, then I would call that a bug: it allows the > > installer to use a mirror when told not to. > > At that point, you're network connected: it may be a connectivity check > The default is for debian-security to be enabled - the general assumption > is that you want security updates to be generally available quickly. > > > > If you want a networked install, then the assumptions made in the > > > installer are probably that you will want to install using the available > > > network for all appropriate updates. > > > > If you're connected to a network, but you tell a program not to use > > it, then going ahead and using it is as bad as other programs that > > "call home" without permission. And we all condemn that. > > There's a difference here between using a specific network (country) mirror - > ftp.uk.debian.org - which is your local mirror having the whole of Debian, > say, and the general security updates available to the world from a central > place. > > "Don't use a network mirror" == I don't want/don't have a mirror available > to pull the rest of the software from. > > Security updates coming from security.d.o are enabled by default. There are > two different use cases. > > > As I said, I can't replicate the problem on bookworm, but I've only > > tested the netinst. I'll leave the DVD for you. :) > > There's a distinct difference between the DVD and the netinst. The netinst > is predicated on there being a network. If you install using only the DVD > on Bookworm, then the sole entries you get reference the DVD (see below).
> /etc/apt/sources.list: > > deb cdrom:[Debian GNU/Linux 12.9.0 _Bookworm_ - Official amd64 DVD Binary-1 > with firmware - 20250111 - 1055]/ bookworm main contrib non-free-firmware > > And that's the case whether you install with a network connected or without. With the polar vortex (from highs of 62° to 13°), I switched to installing on one machine with a network-console, to save me from freezing. So it struck me that having that facility available undermines the argument in the first paragraph above, that if you want to install from only the DVD, then you mustn't configure the network. Cheers, David.
