Date: Thu, 23 Jan 2003 13:10:01 -0800 From: Jens Haeusser <jens@zoology.ubc.ca> To: Paul Everlund <tdv94ped@cs.umu.se> Cc: freebsd-questions@freebsd.org Subject: Re: Installing Stripped System Message-ID: <BA559A29.6449%jens@zoology.ubc.ca> In-Reply-To: <Pine.GSO.4.44.0301231121560.10292-100000@kvist.cs.umu.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1/23/03 2:30 AM, "Paul Everlund" <tdv94ped@cs.umu.se> wrote: > On Thu, 23 Jan 2003, Jens Haeusser wrote: > >> I'd like to install a system lacking some of the binaries you can >> specify as make.conf knobs, such as >> >> NO_I4B= true >> NO_IPFILTER= true >> NOGAMES= true >> NOUUCP= true >> NO_SENDMAIL= true > > I have been thinking that those "knobs" should have their own > pkg-plist which one could use for deleting the binaries. Also one > must take in concern dependencies of those "knobs"... I've always thought that the entire base system should have it's own package/port system. That way, you could easily remove the bits you don't want (remove UUCP from a fileserver, remove gcc from a firewall, etc). As well, this would make security/other upgrades much easier. Telnet has a remote hole? Simply upgrade the base-telnet port. OpenSSL has a problem? Upgrade the base-OpenSSL port, which will take care of rebuilding any other dependant base-ports. This should also make binary upgrades easier if it included proper packages. It could certainly simplify the whole track the security branch, spend hours making install/buildworld every few weeks issue. Ah well, I can always dream. Jens Haeusser Network Manager Zoology, UBC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BA559A29.6449%jens>