Installing minimal number of packages

Shabazian, Chip Chip.Shabazian at bankofamerica.com
Tue Aug 21 15:33:14 UTC 2007 

 
Joe,

I feel (and have lived through) your pain.  Our objective was to create
a "core image" that fills 80% - 90% of all non application needs on
build, and we have been quite successful with it, Starting with RHEL
2.1.  With RHEL 5, I have seen more improvements (personally) with
kickstart than with any previous release, going back to RHL 7.0 which is
when I started doing significant work with kickstart.  Many of the
challenges that have existed for years, are now resolved either through
kickstart or other tools.

Some highlights:
You can now specify yum repo's in your command section so that systems
can be built with current releases from a tested stable build
All kickstart tools now use the same UI for package selection (it used
to be three different code bases to maintain)
Ability to have multiple %post sections (thus allowing you to do work in
--no-chroot, then work in a chrooted environment)
Tools such as Revisor make it almost TOO simple to create your own
"single install CD" or live CD with what you want

Anyway, there has been significant work on Red Hat's part to make
improvements to kickstart, and it really shows in RHEL 5.  I for one am
happy to see the progress and can't wait until we can move forward with
RHEL 5 deployments and get off 3 and 4.

I covered the above, and some others in my recent Linuxworld
presentation which you can download at
http://www.shabazian.com/lw2007.pdf


-----Original Message-----
From: kickstart-list-bounces at redhat.com
[mailto:kickstart-list-bounces at redhat.com] On Behalf Of Joe_Wulf
Sent: Monday, August 20, 2007 4:25 PM
To: 'Discussion list about Kickstart'
Subject: RE: Installing minimal number of packages

I REALLY like RedHat, as opposed to other distributions.  Works well for
me both at work and at home.  I hear you, Michael with regards to the
difficulties in getting to a truly "MINIMAL" installation.  I've got
quite a bit of experience working with RedHat Enterprise Linux, Advanced
Server v4.0.  The 'extra' stuff that gets installed is almost 150
packages that add no value and have to be weeded out.  I've found about
the same perspective with the Fedora line as well.

The method I've found to achieve a functional system that has minimal
packages installed is to install it by hand once, utilize the RPM
commands to get info on the packages, then build a list of what I want
to keep and what I want to remove.  I've then coded a script and
included with it a package disposition text file.  The script removes
all the excess while leaving a functional system in place.  My rule was
an objective evaluation of every package---if I could honestly see 70
percent of the systems actually use packageX, in any given enterprise,
then the package stayed in the baseline I was building.  That is a
pretty rigorous methodology, yet has achieve stable results.

I'm currently working on translating that to a kickstart process, as
well as apply these lessons learned to RHEL v5.  hooo boy, is THAT gonna
be fun!

<begin soapbox>
I've posted to some of the RedHat and fedora lists in the past about
providing significant fidelity to the package installation process.  So
far, there seems to be great interest in allowing the existing
frustrations and confusion to reign.  Puzzling and sad.

In these days of system exploitations, I would have thought RedHat would
desire to lead the charge for a system that is easy to install,
minimizes the attack surface miscreants have open to them, robustly
secures all facets of the OS from a holistic perspective.
<end soapbox>

I wish you luck.  But, realize too, that in the end, you'll know a hell
of a lot more about the RedHat OS than you knew before.

R,
-Joe Wulf, CISSP, USN(RET)
 Senior IA Engineer
 ProSync Technology Group, LLC
 www.prosync.com


-----Original Message-----
From: kickstart-list-bounces at redhat.com
[mailto:kickstart-list-bounces at redhat.com] On Behalf Of Michael
Sent: Monday, August 20, 2007 18:55
To: Discussion list about Kickstart
Subject: Re: Installing minimal number of packages

Shabazian, Chip wrote:
> You still get base.  A truly minimal install would be
>
> %packages --no-base
>
> But that would result in a largely unusable system, so you need to add

> packages back in from that point.
>
> NOTE: I have not tested this on FC6, but expect it to be the same. 
>
>   

Is there not a happy medium somewhere in betwen?  I definitely want a
stripped system that includes rpm, and basic functionality but I don't
want X, or lots of bulk. 

Doing --no-base and adding back all the packages just to make it
function correctly seems tedious to get correct.

If that is the best way, can someone give me an example of what they add
back?

Michael

Michael

_______________________________________________
Kickstart-list mailing list
Kickstart-list at redhat.com
https://www.redhat.com/mailman/listinfo/kickstart-list


_______________________________________________
Kickstart-list mailing list
Kickstart-list at redhat.com
https://www.redhat.com/mailman/listinfo/kickstart-list

More information about the Kickstart-list mailing list