please deactivate services by default!
Dennis Gilmore
dennis at ausil.us
Wed Sep 24 20:34:24 UTC 2008
On Wednesday 24 September 2008 03:13:17 pm Christoph Höger wrote:
> Hi,
>
> I have some services found being activated by default that should be
> removed for the following reasons:
>
> 1. sendmail: starts way too slow, is not usefull for any normal desktop
> user I know. Making it usefull requires configuration so I assume
> wohever uses that service _can_ activate it.
sendmail is useful out of the box. maybe we should evaluate replacing it with
some other option out of the box. we could also maybe look at having firstboot
let you configure who gets roots email. which could be a local just created
user. or we could add to the user creating a checkbox to get roots email.
> 2. ip6tables: I do not know of any provider actually working with ipv6.
> So I assume the mass of all users do not need it.
I run ipv6 at home as do many other people. if ipv6 was disabled by default
maybe it would be ok to disable ip6tables but with ipv6 enabled by default it
should also be protected.
> 3. isdn: isdn requires configuration and thus should be set to start
> when that config is actually done.
probably should be disabled
> 4. setroubleshootd: That service also takes long to boot, but its quite
> usefull. I wonder if one could make auditd start setroubleshootd when
> required - having two daemons working on base of the same informations
> seems not very clever.
would need more input from the folks developing the tools.
> So, now go on and punsh me ;)
its too late for F-10 for these changes but they could be F-11 features. yes
we need to start thinking about them now.
Dennis
More information about the devel
mailing list