Re: Cut down Linux (Debian)

From: Roger Leigh <rleigh@xxxxxxxxxxxxxxxxxxxx>
Date: Sat, 8 Jul 2006 18:27:38 +0100

On 2006-07-07, markp <map.nospam@xxxxxxx> wrote:

I'm working on a firewall/NAT router project using Debian Sarge 3.1.
Currently I have a hard disk based system, but I'd like it to run with a
128Mbyte CF card in a mini-ITX box. The firewall is working, but the
standard installation system is a little on the large side.

Someone suggested I could replace the init process with a user script and
only load those things I need, but init enables quite a few facilities, like
gracefully shutting down/ booting up, gettys etc., so I'd like to keep it
but maybe reduce the number of scripts run in /etc/rcS.d, and /etc/rc2.d
directories, and then remove all the packages and files I don't want.

Is this a sensible approach and is there an easy way to do this cutting
down? Would another init replacement, like runit, be better? I don't really
know enough yet to build it up from scratch and I really need the firewall
installed soon!

It's not the init scripts that you need to worry about, but saving space
by removing unnecessary packages.

Get the full installed package list with

dpkg --get-selections

and then review each one. If you don't need it, purge it. This should
trim down the system quite a bit. You won't be able to remove
everything, because some "unnecessary" packages will be required by
other packages you do need.

You can also save more space by removing unwanted documentation and
locales; simply rm /usr/share/doc/$package and use localepurge to remove
locales you don't need.

--
Roger Leigh
Printing on GNU/Linux? http://gutenprint.sourceforge.net/
Debian GNU/Linux http://www.debian.org/
GPG Public Key: 0x25BFB848. Please sign and encrypt your mail.
.

Follow-Ups:
- Re: Cut down Linux (Debian)
  - From: markp

References:
- Cut down Linux (Debian)
  - From: markp

Prev by Date: Re: Newbie question on Linux.
Next by Date: Re: Cut down Linux (Debian)
Previous by thread: Cut down Linux (Debian)
Next by thread: Re: Cut down Linux (Debian)
Index(es):
- Date
- Thread

Relevant Pages

iptables DNAT --to-destination problem
... --dport xdmcp -j JUSTLOG ... May 6 16:30:37 fwhitnet kernel: eth1: Promiscuous mode enabled. ... The firewall mach the Broadcast and convert it tho one of the ... The sniffer on computer B on eth1 can log the generated packages ...
(comp.os.linux.security)
Re: [opensuse] Hardware req. for server?
... packages - is there an easy way to look it up? ... it really does just two things - firewall and NAT router. ... is an ancient 486DX2 with 24M running suse 7.1. ... but we want to upgrade to a more recent suse version. ...
(SuSE)
Re: Recommendations for firewall packages...
... > Norton product. ... I was wondering if there are other firewall packages ... How do you connect to the Internet, ...
(comp.security.firewalls)
Re: Good distro for firewall?
... > I am currently using Smoothwall for my firewall, but for various reasons, I ... > wish to use a full distro on which to base my firewall. ... I'd suggest compiling your own kernel, with all the stuff you want in, ... every few days to get any packages that have had security fixes. ...
(comp.os.linux.security)
Re: Good distro for firewall?
... > I am currently using Smoothwall for my firewall, but for various reasons, I ... > wish to use a full distro on which to base my firewall. ... I'd suggest compiling your own kernel, with all the stuff you want in, ... every few days to get any packages that have had security fixes. ...
(comp.os.linux.security)