Hello! I'm still fighting against Autoyast to get fresh installed SuSE 10.1 systems containing all recent patches. Before the libzypp update I was able to add an local copy of the update directory using "rug service-add" and "rug subscribe -a" - A "rug update" did then the job. Since the libzypp update [1] this approach is no longer possible as the update does not install. I need to use YaST in an unscripteable way. An approach like in 10.0 using the command line "online_update -u nfs://192.0.1.1/export/suse/updates -V -l en" is also not possible as this binarie does no longer exist. [1] http://lists.suse.com/archive/suse-security-announce/2006-Jun/0004.html My next try was to integrate the updates into the installsource. I found several more or less usable postings in this mailinglist - the only way it works is to get a local mirror of the current updates and integrate them into the installsource using create_update_source.sh [2] and create_package_descr [3]. I followed the instructions in the scripts and added a add_on_products in the install directory as described in the FAQ [4]. [2] http://www.suse.com/~ug/tools/create_update_source.sh [3] http://www.suse.com/~ug/tools/create_package_descr [4] http://www.suse.com/~ug/AutoYaST_FAQ.html#b9 To avoid the dialog about unsigned packages, I added the needed statements to my autoyast file: <general> <signature-handling> <accept_unsigned_file config:type="boolean">true</accept_unsigned_file> <accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum> </signature-handling> </general> I even patched my installsource using the root image updater [5] - I followed the instruction that the utility must be run on a x86_64 system to provide an update for those architecture. The YaST logfile shows that the configuration entrys are parsed - but the dialog [6] still appears :-( [5] http://lists.suse.com/archive/suse-autoinstall/2006-Jun/0109.html [6] http://www.0x1b.ch/~beat/autoyast.png Any other solution? Delivering systems to a customer without patches is quite often a security problem and It does not make a good impression when the customer needs to run YaST twice with a reboot between it and download half a Gig of patches - on the other hand, we need a way to integrate those patches without user intervention. SLES10 - when finished - is only a solution for customers who are willing to pay the license... Beat Rubischon -- Beat Rubischon <beat.rubischon@dalco.ch> DALCO AG, Industriestrasse 28, 8604 Volketswil