
Re: Why would I want an LFS system?



> How much is a minimal Debian distro (able to 'just run Apache webserver')?
> By 'minimalistic' I mean ending up with a running Apache by using standard
> Debian package management tools (dpkg, apt/?/)

The problem here is the overhead introduced by the package software
itself, and the portions of the system that are integral to doing things
"the Debian way".  I think I could probably get a minimal Debian box in
a "reasonable" amount of disk space -- enough to easily fit on my old
386 with a 40M hd, with *some* room for content.
 
> "We installed a system that was just enough to run the Apache web server; total
> disk space usage was approximately 8 MB. With further stripping, that can be
> brought down to 5 MB or less. Try that with a generic Debian or Redhat
> distribution."

This is where LFS really shines.  It is ideal for special-purpose (and
single task) boxes.  I have used it for network firewall/routers, build
machines, and FTP servers.  Certainly, I could have used a single floppy
distro for the firewall box, but it was a learning experience.  The
build machine was when I used Mandrake, and I tired of the continual
bugs in gcc-2.96 (at one point, gcc segfaulted when encountering an
assignment to an int from an expression containing a float -- even with
explicit casting).  And the FTP servers were a matter of practicality.
I want as little system and as much data space as possible, and *no*
mission critical data on the machine.  The system had no knowledge of
anything on the connected network other than a gateway.

> You don't have to wait for somebody else to provide a new binary package that
> fixes a security hole. Besides, you have no guarantee that the new package
> actually fixes the problem (adequately)."

The point here is not that the distros don't fix the problem -- they do.
It is that, on occasion, there is a significant delay between the
discovery of the problem and fix and the time the fix reaches the user's
desktop.  If you are running a machine that is accessible to others,
that time can cost you dearly.  Yes, it requires a great deal more
work from the admin to stay on top of things, which is why I wouldn't
recommend it for a general use system.  But for a specialized system, in
which you have less than a dozen packages to track, it's not all that
difficult.
 
> PS: don't misunderstand: I find LFS a good project. They just shouldn't claim
> invalid stuff (e.g. about Debian) ;).

Please see the (relatively) recent thread on debianhelp.org regarding
security policies before making such statements.  Security fixes are not
always immediately integrated.  This is (primarily) because the fix
frequently does not reach the masses until it works on all affected
platforms.

-- 
Anton Graham                            GPG ID: 0x18F78541
<bladehawke@amaesing.com>
 
You have all eternity to be cautious in when you're dead.
  -- Lois Platford


