To: debian-security@lists.debian.org
Subject: Re: [OT] secure, minimal Debian installation for linux-based thin clients?
Date: Sun, 20 Oct 2002 11:38:25 +0200
From: Karl Hammar (karl@kalle.csb.ki.se)

>> Towards the end of the Debian installation process, when you're asked
>> whether you want to run tasksel or dselect, you can choose dselect
>> and exit it before installing any packages. If you do that, you're
>> left with a really minimal install. You might be able to base your
>> work on this.
>
> since this is the way I usually work and I've tried to build a debian
> based thin client myself.....I can say that woody base contains a lot
> of packages which you really don't want/need on a thin client.
>
> Ivo van Dongen

One way to do it is to have:

# ls -l
total 56
...
drwxr-xr-x 19 root root 4096 Oct 20 11:08 deb
...
lrwxrwxrwx 1 root root 33 Nov 30 2001 e2fs_stage1_5 -> ../grub-0.90/stage2/e2fs_stage1_5
lrwxrwxrwx 1 root root 22 Nov 30 2001 grub -> ../grub-0.90/grub/grub
-rw-r--r-- 1 root root 502 Oct 20 11:32 mkdisk
...
drwxr-xr-x 6 root root 4096 Nov 28 2001 add
-rw-r--r-- 1 root root 2491 Oct 20 11:23 pkg.list
drwxr-xr-x 19 root root 4096 Dec 4 2001 slim
lrwxrwxrwx 1 root root 26 Nov 30 2001 stage1 -> ../grub
-0.90/stage1/stage1
lrwxrwxrwx 1 root root 26 Nov 30 2001 stage2 -> ../grub-0.90/stage2/stage2
-rwxr-xr-x 1 root root 573 Oct 20 11:11 trimming
...
-rwxr-xr-x 1 root root 800 Oct 20 11:17 updhostname

where "deb" is a minimal install of debian:

# chroot deb dpkg --get-selections > pkg.list

"add" is whatever custom things you want to add and "slim" is a generated trimmed down root of the thin clients.

# du -s deb add slim
99304 deb
4352 add
42092 slim

you generate slim with trimming, and customize it to a specific client with updhostname, and write to disk with mkdisk. Later you can update the clients with mirrordir (found with apt-get install
mirrordir).

Regards,
/Karl

-----------------------------------------------------------------------
Karl Hammar Asp? Data (karl@kalle.csb.ki.se)
Lilla Asp? 2340 +46 173 140 57 Networks
S-742 94 ?sthammar +46 18 26 09 00 Computers
Sweden +46 10 270 26 67 Consulting
-----------------------------------------------------------------------

[The four files originally attached to the above e-mail can be found in archive file thin-client-attachments.tar.gz .]