-3

After running rpm -qa | less there was a result of 234 installed packages. From my experiences with default installations, there are usually applications installed that are not required by the system. How do I install CentOS 6 with the minimum amount of packages so that I can install only what is needed by my system?

Aaron Copley
  • 12,525
  • 5
  • 47
  • 68
N0M3
  • 115
  • 1
  • 6

3 Answers3

1

Your question is a hot mess but keying in on this sentence;

I would like to start with a bare system and build from there.

It looks like you should start with the CentOS Minimal image.

Minimal Install Images

The absolute bare minimum no-frills install media for CentOS. For experienced users who don’t need or want anything extra for their install. More Information »

From: http://www.centos.org/download/

Aaron Copley
  • 12,525
  • 5
  • 47
  • 68
  • I'm on a `virtual server` with the above list installed by default. I should have mentioned that earlier. Is there a way to reinstall a minimal install on a virtual server? – N0M3 Apr 29 '14 at 14:01
  • If you do not have physical access to the host you'll need the provider to do this for you. Honestly though, 234 packages sounds like they started from minimal. – Aaron Copley Apr 29 '14 at 14:04
1

If you're worried about security there are more pressing matters than the packages you have installed.

If you've set up your server in a secure manner, not only should nobody have unauthorized access to your binaries, but even if they did, they shouldn't be able to use them to manipulate or read data in areas of the system that they aren't allowed.

If you want to have a good crack at securing your server and learn a bit about ways that your system could possibly be broken into or exploited, I recommend reading the below guides.

Even though these guides are intended for RHEL, and are somewhat outdated, they are still quite good and the instructions are still valid.

Vasili Syrakis
  • 4,558
  • 3
  • 22
  • 30
  • 1
    The [CIS Benchmarks](https://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.os.linux.centos) are a great resource and are much more current. – Aaron Copley Apr 29 '14 at 14:07
  • `Guide to the Secure Configuration of Red Hat Enterprise Linux 5` - "1.1.2 Minimize Software to Minimize Vulnerability", this is exactly what I am trying to achieve! It says it right in the `Introduction` seems to me it is more pressing than not! – N0M3 Apr 29 '14 at 14:12
  • It really depends. You are using your server as a webhost with Apache and PHP. As long as packages related to Apache are secure, and firewall access is appropriately restricted, there is not a lot more to worry about when it comes to packages themselves. – Vasili Syrakis Apr 29 '14 at 14:16
  • I understand, If I was using it in an office environment than I would be able to install the `Minimal Install Images`. Since it is just being used as a hosting environment controlling access with the iptables is adequate. Thanks for the insight. – N0M3 Apr 29 '14 at 14:27
  • Minimize software, yes. But what you are looking at in RHEL/CentOS world is the `@core` package set vs. `@base`. And it's important to know that `@base` is the minimal supported configuration, and `@core` is the minimally functional configuration. The reason for it is the number of commands that are universally expected to work on a host. Do you want to try to function without `nslookup` for example? – Aaron Copley Apr 29 '14 at 21:45
0

Don´t worry about unnecessary packages. CentOS installs only the required packages that it needs. It may seem that 234 packages are a lot but indeed they are not.

The only thing that you could remove are the language packages you won´t be using but I think that CentOS only installs one language (English) by default.

So don´t worry about that, just keep learning and enjoy ;)

Trinue
  • 116
  • 3