Re: Secure Kickstart Installation

Sorry, but that's not a good idea from a security standpoint. It goes
against basic security practises. This is a security list, right?
It means that if there are any vulnerabilities in any of the packages
(and that happens often enough) you should upgrade all the machines
(even though they may never use the software in question), not to
mention the bugs for which there is not fix available.
Now, when it comes to RHEL 3 (or most Linux distros for that matter),
there are far too many packages and services that are installed by
default, even with a minimal install. I still can't figure out why I
would need a minimum of 600MB of disk space to install a bare system
with vi... (especially when Slackware or DSL allows you to have a system
with a desktop under 50MB)

Antoine


On Wed, 2005-05-25 at 10:02 +0200, Mathieu KRETCHNER wrote:
> Hi,
>
> Me and my team have installed approximativly all the packages. But we 
> have choosen to configure only services that we need. So we can add 
> services withtout new installation !
> For my own it's a political choice.
>
> Regards.
>
>
> Jennifer Fountain a écrit :
>
> > Hi all:
> >
> > I am looking to create a secure standard kickstart configuration file
> > for my RHEL 3 servers.  Right now, I am currently looking into what
> > packages I need to install.  I want to ensure I install everything I
> > need but not install what isn't needed.  Could anyone share with me
> > their package list? Or a copy of their std secure ks?
> >
> > Thanks in advance!
> >
> > Kind Regards,
> >
> > Jennifer Fountain
> > Systems Administrator/Security
> > R&B Distribution
> > 3400 E Walnut Street
> > Colmar, PA  18915 
> >
> > .
> >
> >