Previously, the backports repository was not enabled in Labs instances by default. I therefore wrote a patch (https://gerrit.wikimedia.org/r/#/c/238662/) to enable it for Toolforge instances, but when I tested it I found that new Ubuntu Trusty instances have the repository enabled in /etc/apt/sources.list:
[…] ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://nova.clouds.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse deb-src http://nova.clouds.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse […]
That's useful, because it removes the necessity for my patch :-), on the other hand it appears to be random because this configuration does not seem to be set in the labs_vmbuilder module (or elsewhere). The top of /etc/apt/sources.list reads:
## Note, this file is written by cloud-init on first boot of an instance ## modifications made here will not survive a re-bundle. ## if you wish to make changes you can: ## a.) add 'apt_preserve_sources_list: true' to /etc/cloud/cloud.cfg ## or do the same in user-data ## b.) add sources in /etc/apt/sources.list.d ## c.) make changes to template file /etc/cloud/templates/sources.list.tmpl #
but I don't see anything pertinent in modules/labs_vmbuilder/files/cloud.cfg et al.
So:
- Should the backports be enabled in default Labs (have not tested: Precise/)Trusty instances? (For Jessie instances, this is done in modules/apt/manifests/init.pp.)
- Depending on 1., that policy should be coded somewhere so that new images reliably conform to it.