Re: red worm amusement
On Sun, Jul 22, 2001 at 02:50:14AM -0400, Steven Barker wrote:
> On Sat, Jul 21, 2001 at 08:51:23PM -0700, Jacob Meuser wrote:
>
> <snip>
>
> > No, I'm simply saying not to start services immediately.
>
> <snip>
...
>
> I think that there should be a way to install a debian server packages
> without having the installation scripts start the server. This need not be
> default, but it should be possible.
>
> I'm sure there are many ways this could work. Perhaps:
>
> root@foobar:/etc# apt-get install --no-run apache
>
> would download, install and configure apache, but not run it. When the
> sysadmin was satisfied with the configureation files, etc, then update-rc.d
> and such could be run by hand (or by another call to apt-get/dpkg with
> another flag).
>
> This would have to be both a policy change and a technical change in apt
> and/or dpkg. I think it would be a good compromise between security and the
> simplicity of apt-get install foo.
>
But that doesn't change the default. If you do something like this,
you should add an option "apt-get --run install foo"
Personally, I think there should either be a /etc/do-not-start/<package> dir that
packages' init scripts check for non-existance before starting, or a
commented entry in the config file that the init script checks for
non-existance before starting...
Mike
Reply to: