[Mageia-dev] installing minimal is not really that minimal

Maarten Vanraes alien at rmail.be
Fri Mar 23 18:10:43 CET 2012 

Op vrijdag 23 maart 2012 17:38:05 schreef Thierry Vignaud:
[...]
> we preselect it here so that it got installed early:
> http://svnweb.mageia.org/soft/drakx/trunk/perl-install/install/any.pm?revis
> ion=3532&view=markup
> 
> because else it'll be automatically pulled later, adding a one package (or
> more) wait later:
> http://svnweb.mageia.org/soft/drakx/trunk/perl-install/bootloader.pm?revisi
> on=3581&view=markup
> 
> just look mageia-gfxboot-theme
> 
> Of course, that's OK for 99% of our users but for those manually
> selecting text lilo.

text grub would still need this? hmm... i'll look into this more deeply...

> That's a trade off: enforcing waiting for packages installation after all
> the other package installation so that a couple users can not have
> the bootsplash installed and select lilo or having a couple users
> unhappy

yeah, i get that, and i agree with this, but there's no reason some advanced 
setting can be done to turn more stuff off, be it visible or even via kickstart 
or cmdline...

> BWe could not preselect

what is 'BWe' ?


well, i was thinking to disable the preselect and/or later part when CAT_X is 
disabled. that should be fairly easy to do...

> > about firewall, perhaps it's possible to just include iptables, but set
> > policy on DROP incoming? shorewall seems a bit over the top...
> 
> we configure shorewall, not iptables.
> 
> > but, if summary isn't completed, you can't boot into it, wrt bootloader?
> > so firewall seems useless for that...? what is the rationale behind
> > this?
> 
> In the old days we let poeple choose the security level early then we
> automatically install & set  up the firewall accordingly.
> Later the security choice was moved to the summary and security level
> number was reduced from to 3 (see msec or security::level)
> But since the default security level is 1 ("standard"), we automatically
> install the firewall anyway.
> For years.

sure, but i don't see the need to preselect it, again, it could be in rpmsrate 
and handled that way now that the security level is "unused"

otoh, i could just use defcfg (if i ever get it working) and set security to 0 
if i wanted to.

More information about the Mageia-dev mailing list