On Fri, Jul 11, 2008 at 09:21:46PM -0700, David Barrett <dbarrett@quinthar.com> was heard to say:
Mumia W.. wrote:
On 07/11/2008 07:26 PM, David Barrett wrote:
Is there any way to "apt-get install ssh" without having it
automatically start sshd? Same for "lighttpd".
Basically, I'm making great progress in my bootable QEMU image script:
I don't know of a way, but you can firewall-off the ssh port before you
install, and you can configure ssh to not start by running update-rc.d.
Ug. That's unfortunate. My primary reason for not wanting it to start
is actually for a different reason than security: I don't know a general
way to determine which packages start up processes that need stopping,
nor how to stop them.
Essentially, I'm writing a script to generate ready-to-deploy bootable
qemu images, One of the inputs of the script is a list of packages to
install. This works fantastic, with the key exception that some of
those packages (ssh and lighttpd, specifically) start up running
processes. These processes need to be stopped before I can dismount the
raw image and zip it up for instant future deployment.
I've never used it myself, but I believe that invoke-rc.d was supposed
to solve this sort of problem. (I don't know much more than that, but
it looks like the manpage might have pointers)