From: Eje Gustafsson (Macahan_at_fament.com)
Date: Mon 20 Jan 2003 - 08:19:44 GMT
AS> Sorry for being a bit annoying about this.
AS> First of all, I want to ask if the following packages are really of a
AS> base rh system requirements:
These are required unless you don't want ssh and initscript. I'm also
almost positive that you can NOT get a install WITHOUT initscript.
Both these are required by openldap.
This one has libs that are required by libuser.
libuser is required by passwd
So I guess if you do not need passwd then you can skip the above
packages. But to save the space not installing these packages (aprox
1MB rpm size) is in my opinion outweighted by the hassle not to have
AS> Next, I wonder if the following packages are useful in vserver enviroment, please comment:
I think these are required by initscript. Actually ip and arping in
perticular is required by initscript
"The initscripts package contains the basic system scripts used to boot
your Red Hat system, change runlevels, and shut the system down
cleanly. Initscripts also contains the scripts that activate and
deactivate most network interfaces."
These are also required by initscript
AS> Finally, can you also provide ls /dev from your vserver environment?
[root_at_vserver dev]# ls -l
prw------- 1 root root 0 Jul 18 2002 initctl
My guess is to really make a good working enviroment you need to add
null and random at a very minimum. Not sure what else is recommended
to have but from reading up in the archives and the faqs I understand
that many devices are not a good thing and can be a big security risk.
I can't recall right now if there is a minimum set of devices that are
suggested to have available to maintain a secure vserver if I missed
it please point it out to me if not then it probably be a good idea to
create such a list.
Eje Gustafsson mailto:MacAhan_at_fament.com
--- [This E-mail scanned for viruses by Declude Virus]