How clean is a clean install?

emmanuel

Verified User
Joined
Mar 26, 2007
Messages
92
I'm setting a CentOS 5 server for directadmin install. The installation instructions is rather vague, perhaps only because I'm such a newbie, about clean install. My first attempt at browsing through the install tree and unselecting services did not turn out quite well. Somehow exim got installed despite my best effort at removing sendmail and such.

I'm concerned that if I deselect everything during CentOS install, apart from the stated xinetd, named/bind and gcc/gcc+, the DA folks might not even be able to get into the server :p

Is there a more comprehensive list of what exactly are essential for DA staff to do the installation before I go yank out everything I don't recognize during installation? i.e. telnet? rsh? ssh?

Would it be a problem if I install Xen and whatever is needed for virtualization in case I want to use it later?

Thanks.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
How clean is a clean install?
Very.

First we select a Server Install.

Then we install editors (we edit this to only install the joe editor because I liked WordStar, I liked Turbo Pascal, and I like joe.

We install the DNS nameserver but we edit it to only install BIND; we don't install the caching nameserver or the chrooted nameserver. Because DA works better without the latter, and the Internet works better without the former.

We also install the PostGreSQL package, so in case anyone asks for it, it's already there.

That's all we install.

We turn off SELinux; if you leave it on be sure to set it to warn only.

We turn on the firewall, but check to allow everything, and then later, after DA is installed, we install the KISS firewall (check these forums for more information).

And we have no trouble shelling in to our server or finishing the install.
Would it be a problem if I install Xen and whatever is needed for virtualization in case I want to use it later?
Nope, as long as you keep it up to date in case any vulnerabilities are ever discovered.

Jeff
 

emmanuel

Verified User
Joined
Mar 26, 2007
Messages
92
Very.

First we select a Server Install.

Then we install editors (we edit this to only install the joe editor because I liked WordStar, I liked Turbo Pascal, and I like joe.

We install the DNS nameserver but we edit it to only install BIND; we don't install the caching nameserver or the chrooted nameserver. Because DA works better without the latter, and the Internet works better without the former.

We also install the PostGreSQL package, so in case anyone asks for it, it's already there.

That's all we install.

We turn off SELinux; if you leave it on be sure to set it to warn only.

We turn on the firewall, but check to allow everything, and then later, after DA is installed, we install the KISS firewall (check these forums for more information).
Ok so I should just uncheck everything except the default "Server" selection in CentOS installation then add joe, named/bind, xinetd, gcc/gcc+ for DA staff to install DA?

Just trying to make sure that I won't get a message later that's the moral equivalent of "This idiot forgot to leave us a way to get into the server!" :eek:
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I forgot to write that we can safely delete all the included systems under server install. At least that's been my experience. All the really important stuff is included by RedHat/CentOS/Whitebox by default.

Jeff
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,308
I choose custom install and then customize the packages and choose only the base packages.
 

gate2vn

Verified User
Joined
Nov 9, 2004
Messages
298
we usually install with minimal setting, then install g++, gcc-c++. DA can be installed from that point
 
Top