For the record, this works out pretty well if you have a number of box "types" that you use and can adapt. For instance, you could build a firewall box and capture the package list, one for a web server, wiki box, etc...And have a pool of package lists that you can call on or adapt for your building needs.
--b On Sat, Jan 14, 2012 at 8:29 PM, Brad Alexander <stor...@gmail.com> wrote: > In a previous life, I was the Linux Platform Engineer for a company. One > of my first jobs was to strip down CentOS 4 to create appliances. > > One thing I learned is that (as others have said in this thread) it is > much easier to not put it on than to try to remove interlocking > dependencies. Luckily, Debian is much easier to do this with than "install > everything but the kitchen sink" approaches like CentOS. > > Thus, my recommendation would be as follows: > > 1. Do a base install of Debian. During the install, at the Software > Selection screen where it asks what to install, *uncheck everything* -- > except for ssh server, if you want that. This will give you the absolute > minimal install possible. > > 2. After reboot, do an > > aptitude update ; aptitude install squid3 snort openvpn iptables > > This will give you your required packages and nothing else. > > 3. Once you have all the software installed that you need, you should > capture the list > of packages: > > dpkg --get-selections > UTM.pkglist > > 4. For subsequent builds of this particular platform, perform step 1 > above, then after reboot, copy the UTM.pkglist to the new machine and do > the following: > > dpkg --set-selections < UTM.pkglist > apt-get dselect-upgrade > > This should get you the required packages with no extra fat. Just remember > each time you need to add package(s) to update the UTM.pkglist... > > HTH, > --b > > > On Fri, Jan 13, 2012 at 6:26 AM, Bijoy Lobo <bijoy.l...@paladion.net>wrote: > >> Hello Everyone, >> >> I am currently Debian Squeeze for a UTM ( Squid3+Snort+OpenVPN+iptables). >> I would like to strip down the OS for better performance of the UTM. It >> would be acting as a gateway to my network so if there is any software >> within the OS which i can uninstall for better performance would certainly >> help me. >> >> -- >> Thanks and Regards >> Bijoy Lobo >> >> >
