Comment 3 for bug 34376

I'll try to describe this to be more easy.

I have a netboot setup in my LAN so that I can boot and install ubuntu from the a local server. To netboot and install, the main/debian-installer section needs to be available in my local mirror. I use preseeding to configure mirror information and packages so that souces.list points to my local server instead of archive.ubuntu.com (and installation requires almost no manual intervention). To that extent, my debmirror configuration automatically fetches the following:

DIST=feisty
SECTIONS=main,restricted,universe,multiverse,main/debian-installer

I run the debmirror script every night in a cronjob so that it stays updated with http://gb.archive.ubuntu.com. That means that updates that come to "feisty" repo will automatically hit my local mirror. This configuration allows me to install feisty with only the "feisty" repo available (updates, backports and security updates not available in local mirror and not available to clients).

But this means that the client has to use the internet and connect to archive.ubuntu.com to download other repos (fesity-updates, feisty-backports, feisty-security). I trust my LAN server and have no fear of it getting compromised, so I would like to host all the repos (including feisty-security) locally.

If I change the debmirror configuration to:

DIST=feisty,feisty-updates,feisty-backports,feisty-security
SECTIONS=main,restricted,universe,multiverse,main/debian-installer

It will try to download all updates but will fail when trying to get main/debian-installer from feisty-security (or backports, updates). Removing main/debian-installer will eliminate the problem, and all the repos will be downloaded. But I won't be able to netboot and install. (Note: debmirror automatically cleans the mirror, so anything that is not in the DIST and SECTIONS will be removed. This means that I cannot have 2 scripts; one to download main/debian-installer without all the other repos and another script to download the other repos without main/debian-installer)

FYI, in dapper, I am able to download all repos and the main/debian-installer section since dapper-security has a main/debian-installer section. But the section was added later, until which I had the same problem as I described above.

Summarizing the usecase problem is that I if feisty-security does not have a main/debian-installer section, local mirrors cannot serve feisty-security to their clients. If they do add feisty-security, then they will not be able to netboot and do automated installs.

Two possible solutions come to mind (and also suggested by Carlos Javier):
1. Modify debmirror to ignore repos that do not have main/debian-installer
2. Create main/debian-installer sections automatically for all repos

The second option sounds more simple and easy. (When feisty was released, there was feisty-security available, but no packages in it. This allowed the feisty ISO to enable the security repo without clients getting any 404 errors. Later, when packages were added to feisty-security, it trickled down to clients (through update-manager) without any additional sources.list modification.

Hope that helped.
--NetVenture

FYI, here is my debmirror wrapper script for dapper:

#/bin/bash
DEST=/home/Repository-ubuntu-dapper
HOST=gb.archive.ubuntu.com
ARCH=i386
DIST="dapper,dapper-security,dapper-updates,dapper-backports"
SECTION="main,universe,multiverse,restricted,main/debian-installer"

/usr/bin/debmirror --dist=${DIST} --section=${SECTION} ${DEST}
# End of script