I installed RHEL3 (update 2) per the attached procedure, and the
following unwanted packages were installed:
- wvdial (that's "w v dial" without the spaces)
They're unwanted because the HOSTS automated security test verifies
that the package is not installed. During the RHL8 and 9 installation
I can select and deselect individual packages. I see that RHEL3
doesn't have that option; the Package Group Selection window has a
good number of individual packages listed, but not all of them.
Is there a way to de-select these during OS install?
I realize I can use the following, but was hoping for a solution
during OS install:
- run "rpm -e" to erase the package, or
- setup a ks.cfg file with "-" and package name listed
("redhat-config-packages" doesn't list these packages, so I can't
remove them using the "Add or Remove Packages" GUI.
I also wonder if the following packages are a bit of a security risk,
and should be removed:
elfutils, elfutils-libelf, gettext, jpackage-utils, jwhois, netdump
This is overcome in two ways:
1. Its documented in the install guide that these packages must not be
installed, along with instructions on how to.
2. We ship a kickstart file with those packages removed as a convince
for the end user. By using that kickstart all the necessary packages
will be installed and the ones not needed won't be.
This was the accepted procedure that DISA agreed to on RHEL 2.1
I'm using this as tracking bug, for a reminder to generate a "proper"
kickstart file. I'll run the removed packages by JPL for a sanity
check prior to shipping in RHN.