Which packages are critical?

Pann McCuaig pann at ourmanpann.com
Sat Mar 23 04:56:55 PST 2002

On Sat, Mar 23, 2002 at 01:02, Eric wrote:

> I'm trying to figure out which packages are critical to the system running.
> I'm trying to build a minimal configuration linux router which does not need
> make, gcc, vi, etc, etc, etc...  However, I'm not sure which packages I can
> avoid installing, and which ones I need.
> Does anyone know which are the minimal packages necessary to get an LFS 3.2
> system network functional?

I can understand why you want to this, build a router/firewall from
trusted source packages, but as nice as it is, LFS is probably the
wrong place to start unless you're willing to carry the weight (in
diskspace). I'd suggest you google and freshmeat for small and embedded
distributions and use what you've learned from building LFS to create
such a targeted beast from the ground up.

You're probably going to want to learn about such things as busybox,
tinylogin, and dietlibc, for starters.

FWIW, I've given this a fair amount of thought (noodling only, no real
work) and it seems to me there's a clear break: either you want a system
you can boot off of one or two floppies and run entirely in RAM, or you
want an ordinary distribution that will fit in a reasonable amount of
disk space, run on modest hardware, and that can be properly tailored
for the application and properly secured.

I run my firewalls (both personal and for paying clients) on Debian.
Why? Solid distribution, easy to maintain, good reputation for security
upgrades. Which brings up another point: on such a box you really want a
mechanism for straightforward upgrades of packages. That's why I ended
up with Debian rather than OpenBSD, which has much to recommend it for
this application. But keeping a non-development box current is not one
of its strengths.

Also on this subject, my interest in LFS was greatly heightened when I
came to the conclusion that woody is likely to be the last release of
Debian as we know it. Some drastic changes will be made or that project
and distribution will be crushed by its own weight. But if I end up
using LFS for my firewalls in the future, I'll use the whole beastie.
It already weighs in with about the same disk space requirement as a
woody firewall. So it's just a matter of sorting out cross-compiling
and tidying up packaging (I'm using checkinstall and Slackware style
packages) to keep the remote boxes current once they're in place.

Wow, this stream of consciousness lasted far longer than I intended. If
this is too much, or too far OT, mea culpa.

geek by nature, Linux by choice                     L I N U X       .~.
                                                    The Choice      /V\
http://www.ourmanpann.com/linux/                     of a GNU      /( )\
                                                    Generation     ^^-^^
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-support' in the subject header of the message

More information about the lfs-support mailing list