From owner-freebsd-questions@FreeBSD.ORG Tue Sep 16 12:56:09 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BC21C31F for ; Tue, 16 Sep 2014 12:56:09 +0000 (UTC) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 55F3E9DE for ; Tue, 16 Sep 2014 12:56:08 +0000 (UTC) Received: from r56.edvax.de (port-92-195-162-184.dynamic.qsc.de [92.195.162.184]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx02.qsc.de (Postfix) with ESMTPS id C68B727653; Tue, 16 Sep 2014 14:55:59 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id s8GCtwQ9001941; Tue, 16 Sep 2014 14:55:58 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Tue, 16 Sep 2014 14:55:58 +0200 From: Polytropon To: Gregory Orange Subject: Re: Remove distribution sets Message-Id: <20140916145558.b731c672.freebsd@edvax.de> In-Reply-To: <54179A2A.8090406@calorieking.com> References: <54169E42.5020108@calorieking.com> <20140915120948.569f5458.freebsd@edvax.de> <54179A2A.8090406@calorieking.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Sep 2014 12:56:09 -0000 On Tue, 16 Sep 2014 10:02:18 +0800, Gregory Orange wrote: > On 15/09/14 18:09, Polytropon wrote: > > On Mon, 15 Sep 2014 16:07:30 +0800, Gregory Orange wrote: > >> Can one remove distribution sets from FreeBSD 8.x? > > > > The system doesn't provide a _dedicated_ means to do this. > > Thank you (despite it being less than ideal news) - I wondered, but > couldn't find anything stating it as such. I had thought of a "make deinstall" command for the particular parts in the /usr/src directory tree, but you can only do "make install" for most components. Removing them, it seems, has to be done manually. > Yes I neglected to mention this URL: > https://forums.freebsd.org/viewtopic.php?&t=1136 > > Noone responded to edogawaconan regarding a register of the components > installed. I'll have a play with it, and particularly with > feebsd-update.conf and see how I go. This involves doing an upgrade of the system, but if this is to be done anyway, it _might_ work and remove parts. > > The best way to tune an installation is at install time. > -snip- > > Agreed. I've just heard back from hosting provider: They only have one > 8.3 OS image to install, and it has this extra material in it. They're > not planning a 8.4 image, so I'll have to get us to 9.x or later at some > point. I'd suggest, if possible, to follow 10.0 / 10.1 as soon as possible. You could probably even do a "network install", preparing a customized 10.0 image with stuff left out, and then "copying" it to the server "over the present install". This of course has to be done with a backup and an emergency recovery plan in mind. ;-) > > It's also possible to "prepare" a stripped-down system > > elsewhere and then use it to replace the installation in > > question. > > I wonder if I'll need to pursue that. I'd rather not. But it seems to be the easiest thing, "easy" in comparison with the alternatives (like manually removing parts from the system). > > A comparable way is provided via freebsd-update where parts > > to be subject of an update can be selected using its configuration > > file; see "man freebsd-update.conf" for the "Components" > > keyword. > > This might be my best option. It _should_ remove the "outdated" components and _not_ install their new counterparts if the configuration file says so. I'm not sure how it handles "hidden" dependencies, but the distribution parts should be quite independent of each other, so for example removing manpages does not break anything, it's just that there are no manpages anymore; removing sendmail, on the other hand, will render the whole system unusable. > > Probably you won't save much disk space anyway... > > I don't care about the disk space. The aim is twofold: > > 1. Reduce any extra content that widens the risk profile on a machine. > If code is present, there is some chance for it to contain bugs, which > leads to some chance of a security risk. Yes, that is a very important aspect (which I'm scared of whenever I have to deal with stock Linux installations). Also for dedicated systems, I tend to strip down the OS and the kernel, as I'm doing source updates anyway from a different system, so for example it's no big deal if there is no C compiler on the target system, no troff, and no loadable kernel modules. > 2. Ease upgrades. Already the machine has a custom kernel which I need > to replace with generic. The upgrade process requires a lot of manual > intervention (see below), and I'll be dealing with a number of these > machines. This also sounds interesting. For binary updates, using a custom kernel makes things more complicated, but if you trim your freebsd-update.conf and rely on "preprocessed" parts, updates should be quick and easy. > Manual intervention: > lots of prompting with "these files don't match, what do I do?" and > frustratingly, an editor session opens up to compare - in the vast > majority (all but a handful) of cases the differences are just the > header line which doesn't matter to me. There is something comparable when doing source upgrades: You can configure mergemaster not to annoy you. The file to do this is /etc/mergemaster.rc, see "man mergemaster" for details. This part of the upgrade process can be adjusted to be less frustrating. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...