I found this in the logs:
The following packages have been kept back:
linux-image-amd64
Not sure why apt is holding it back, probably some unclean base image.
Work around it for now to make sure we have the newest kernel.
Remove all apt package sources configuration files before setting up the
standard set of sources (trixie, trixie-updates, trixie-backports,
trixie-security) to make sure that only those are present by default.
Since trixie debian.sources is recommended instead of sources.list. See
https://wiki.debian.org/SourcesList
Fixes the following warning on apt-get update:
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list:1 and /etc/apt/sources.list.d/debian.sources:1
W: Target Packages (main/binary-all/Packages) is configured multiple times in /etc/apt/sources.list:1 and /etc/apt/sources.list.d/debian.sources:1
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list:3 and /etc/apt/sources.list.d/debian.sources:1
W: Target Packages (main/binary-all/Packages) is configured multiple times in /etc/apt/sources.list:3 and /etc/apt/sources.list.d/debian.sources:1
This configuration has been in use in .gitlab-ci.yml scripts for a while
now and has proven reliable. This is a "low hanging fruit" improvement.
It provides an extra layer of protection for when their are apt vulns. And
it makes it much harder to profile what a server/laptop is doing based on
the internet traffic. The network observer will no longer be able to see
which packages are being downloaded since apt uses HTTP pipelining so size
attacks are not really possible. And HTTPS hides the URLs, filenames,
download contents, etc.
This is not user-configurable, so it should not be setup to be. This
process is only tested on the one basebox, and devs can just edit
Vagrantfile directly to test other base boxes.
# Conflicts:
# makebuildserver
The official Debian Vagrant box seems to be a "batteries included" kind of
thing. The buildserver should be as small as possible, so this removes all
the extraneous packages I could find in the Vagrant basebox.
This script was overwriting the provisioning that `vagrant package` does
already, and breaking `vagrant ssh`. It should have been removed in !1099closes#990
fdroid-bootstrap-buildserver#12
!1012!1099c6f5956537
Adding /bullseye-backports confuses things apparently. Without it, apt
will look in bullseye-backports automatically, including for deps. But it
will not look for deps in bullseye-backports if /bullseye-backports is used.
!1205
