Minimal Install Option

Bill Anderson bill at noreboots.com
Thu Aug 21 17:11:30 UTC 2003 

On Thu, 2003-08-21 at 10:33, Chris Ricker wrote:
> On Thu, 21 Aug 2003, Bill Anderson wrote:
> 
> > Here is a short, quick list of what I see needs to be removed from an
> > install "for creating small router/firewall boxes":
> 
> what your list is really pointing out is that the meaning of minimal is 
> subjective. Even for a router / firewall.

Actually, there are a lot of objective ones. Calculators, NFS,
automounting NFS shares, participating in NIS, creating and manipulating
dos filesystems, converting unix line endings to dos line endings. None
of these are part of a what a firewall or router do. Nor do they serve
as "talk" stations, or have a need for spell-checking things.


> Just for a few examples:
> 
> > krb5-workstation
> 
> might be good on a router -- give you secure in-band management capabilities

The package itself in it's description says it is for workstations. A
firewall/router is not a network management station. Looking at the list
of files it provides, I see kerberized versions of rcp, rlogin,
uuclient, telnet, rsh, ftp, etc. All not part of what a router/firewall
does.

X "might be good" on a router/firewall too as it provides nice graphical
tools for system management. But those selecting "minimal" that is "good
for small routers/firewalls" are not expecting to get "might be good"
packages.

Firewalls and routers route packets. They do not manage networks or
services, nor provide them.

> 
> > wget
> 
> I definitely want this on a router

Why? Why should a router/firewall be downloading web pages, etc.?


> > A minimal install should provide no external services beyond SSH,
> > especially when listed as a firewall/router install.
> 
> a firewall shouldn't provide any external services. manage them out-of-band

I'm not sure you are disagreeing with me here. Are you saying don't
remote log in to a firewall at all, or are you agreeing with me?


> What should be a default, or even a minimal, is highly subjective. Perhaps 
> what's needed is a better definition of who / what minimal is intended for, 
> b/c right now it doesn't really suit anyone.

Well, it does say what it is intended for, it just doesn't live up to
(or down to) that claim. :( 

Particularly during install, If you have something you want to add
because it "might be good" that is easier than removing a bunch of
things with dependency trees.

-- 
Bill Anderson
RHCE #807302597505773
bill at noreboots.com

More information about the fedora-test-list mailing list