Problem was that the commented variant only was a new, $dist-security
one, but is also written if the security repo is disabled with other
distributions than sid/unstable.
If the security repo will be enabled or not currently depends on the
host's sources.list. So the resulting files differ depending on the
host where the test is run. Add a TODO item to break with that
"feature".
Also mention in the TODO list that a repo on archive.debian.org should
be used instead security.debian.org if the release is EoL. Currently
the security mirror is hardcoded into the hook.
fix update-grub chroot silent failure
While it probably would be nicer to mount it at the beginning and umount it at the end, we have too many hooks already doing this and changing this seems a bigger task.
This reverts most code, but not the implemented functionality of
commit 2fba5cb90e30f2bfab07782c9fa3b99275e769da.
Requiring a config file change to still be able to install old
distributions would make a bump of the major version necessary
according to Semantic Versioning. Let's avoid that:
The list of distributions with the old path scheme is finite and will
never change again. Hence it's ok and especially backwards compatible
to hardcode this list in hooks/debian/20-setup-apt.
It's also less and more obvious (but not necessarily easier to read)
code. But it's all in one place and not scattered over three files.
And it's just one line instead like a dozen or two dozens.
Closes: #972749 (kinda again)
From Debian 11 Bullseye onwards, debian uses $dist-security instead of
$dist/updates as distribution part in /etc/apt/sources.list.
Mark those distributions with the old-style subdirectory path with
"security-subdir" in distributions.conf.
Thanks to Paul Wise for the bug report (and hence reminding me of
this) and for the suggestions on how to implement this (even if I
didn't follow them for the sake of simplicity and no additional
dependencies).
Closes: #972749
Reasoning:
Debian 8 Jessie has still (external) ELTS until 2022. But
debian-internal LTS has ended and it will likely vanish from the
normal mirrors soon. And it is already available in the archive. (And
some architectures are already only available in the archive.)
Also mention marking Debian 7 Wheezy as EoL in NEWS.markdown. (Was
already mentioned in debian/changelog.)
At least debootstrap 1.0.110 (Buster/Sid) or 1.0.110~bpo9+1
(Stretch-Backports) is required for:
* working bootstrapping of Ubuntu 6.06 Dapper and 6.10 Edgy (see
#659360).
* Support of Ubuntu 17.10 Artful, 18.04 LTS Bionic, 18.10 Cosmic, and
19.04 Disco.
Any tag ending in ".gpg" will be considered to be the according
keyring file in /usr/share/keyrings/. This is at least needed for some
Ubuntu releases which were eol'ed in the past few years, especially
because Ubuntu split up their keyrings much more finegrained than just
"archive" and "archive-removed-keys".
