Fedora Server Spin

Rui Miguel Silva Seabra rms at 1407.org
Fri Jan 12 11:00:56 UTC 2007 

Sex, 2007-01-12 às 00:58 -0500, Warren Togami escreveu:
> Arthur Pemberton wrote:
> > 
> > Selfishly, I would like to see:
> > * freenx/nx
> > * xfce
> > 
> 
> I would think that a Server spin would have either "Necessary" or 
> "Typical" things.  The examples above are neither, for a server at least.
> 
> Perhaps it would be a good thing to come up with written guidelines to 
> what belongs in Server and what doesn't?
> 
> NOTE: Excluding something from Server because it is very atypical does 
> not mean it is unavailable.  If you want them, you can always install 
> via yum after you have the system online.

FSS should, by default and if nothing else specified, install the
minimal for:
	* remote access (aka ssh)
	* audit
	* be prepared for "yum install ..."
	* no "might be useful" services installed, only people who
	  should know "best" should install servers, specially if
	  connected to the internet :)

Questions about packages that FSS could ask on interactive install:
	What kind of server do you want?
		[ ] Web Server
		[ ] Email Server
		[ ] Database Server
		... (other choices, you get the gist I hope)

	Inside each of those maybe some questions like:
		[ ] password for X
		[ ] typical configuration { A or B or ... } for Y
		... (other choices, you get the gist I hope)

Configurations:
	Secure by default
		* no default passwords
		* no service shall start automatically unless it can
		  have a secure default configuration
		* root only by sudo, but without direct access to a
		  shell (for improved audit-ability)
		* selinux activated
		... (other choices, you get the gist I hope)

Think "OpenBSD but better" :)

Rui

-- 
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Esta ? uma parte de mensagem	assinada digitalmente
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070112/b1c34827/attachment.sig>

More information about the fedora-devel-list mailing list