Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 16 Oct 1999 07:53:39 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        "Patrick Bihan-Faou" <patrick@mindstep.com>
Cc:        "Pierre Beyssac" <beyssac@enst.fr>, "David G Andersen" <danderse@cs.utah.edu>, freebsd-current@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject:   Re: make.conf options (was Re: package-like feature for the base distrib (was Re: FreeSSH))
Message-ID:  <199910161454.HAA46310@cwsys.cwsent.com>
In-Reply-To: Your message of "Wed, 13 Oct 1999 13:04:10 EDT." <011801bf159c$f80630e0$190aa8c0@local.mindstep.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
In message <011801bf159c$f80630e0$190aa8c0@local.mindstep.com>, "Patrick Bihan-
Faou" writes:
> Hi,
> 
> From: Pierre Beyssac <beyssac@enst.fr>
> 
> > There are a _lot_ of pitfalls to this kind of approach, as I have
> > discovered using Linux Debian. This would probably open a can of
> > worms you have no idea of. IMHO, the single biggest mistake in
> > Debian is the all-encompassing package system which can make your
> > life miserable in no time.
> 
> [...]
> 
> I was not talking about things that constitute the "real" core of the
> distribution (kernel, basic libraries etc.). I was more thinking about
> "userland" stuff that is included in the distribution but might not be
> required by everybody. Sendmail for example is something I don't want since
> I user qmail. However I have to remove it by hand... Other examples are bind
> or perl.

You don't need to install them.  Just put these in make.conf.

	NO_SENDMAIL=   true
	NOPERL=        true
	NOGAMES=       true

It might be a good idea to support NONAMED, NOUUCP, and NONFS, 
defines in make.conf.  Since some like to use Qmail, Postfix, SSH, and 
Kerberos V, like BUILD_PORTS='postfix ssh krb5 XFree86' in make.conf
would fetch new copies of distfiles (if you don't have them), de-install
old versions, build and install the listed ports each time a make world
is performed.

We could so far as having a INSTALL_SUID_root='su passwd ...', 
INSTALL_SUID_man='man', INSTALL_SUID_uucp='uuname uustat uux ...'
options, just to name three, which would list all of the setuid
binaries in FreeBSD.  You would remove the ones you don't need from
the list when you secure your system.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Sun/DEC Team, UNIX Group    Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910161454.HAA46310>