Hello,
I tried to use the Linux Client of Desktop Central for some Debian (Jessie, stable) workstations in the network. There are several things which seem very strange to me:
1. When installing patches, DC suggests me Debian patches from Backports. Where can I disable that? In this case it was an update of libgcrypt20 1.6.3+deb8u2 to 1.7.6-1~bpo8+1.
2. Where is DC getting the Debian package updates from? It seems that it doesn't use the package sources as configured in the client. How can I use the sources configured in /etc/apt/sources.list? My main concern is, that DC is probably not verifying the GPG Keyring correctly and therefore make the system more vulnerable against Man in the Middle attacks. I know that in this case, every client collects the updates directly from the server (not very efficient). Or is there a possibility to enable the keyring check in Desktop Central?
3. Where can I enable full package listing? When I take a look at the inventory, the system says that 259 packages are installed. When running dpkg -l | wc -l, I get the info that 1314 packages are installed. Some very important packages like firefox-esr (former iceweasel) are not included in the inventory data in Desktop Central.
Thank you for any advice!
Lisa