|
FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
XFCE on a production Web-Server?
Hello again!
I got another problem .. I'm HOOK. I learned so many BSD commands that I like command-line mode and fear that I might mess things up by installing X-Windows because this is my "MAIN" "practice install" that will go into production someday with the claim of being a very secure system running some great web services, namely Apache, MySql and other needed light-weight web applications. It may be only one of the millions of lonely servers out there but it would make me feel sooooooo good inside that my claim is true. I realize that it's not hard to make FreeBSD un-secure by running or even having the wrong applications on it. My question is, is it common place to install XFCE on a production web-server but never use it while in production because all services will be jailed tight anyway? Are there others? Are there any security issues by installing these applications? Will it slow the machine down while in production even if XFCE is turn-off? I think by including a small Windows-Manager I can get to things quicker and test things at any time than shut it off, put it back in production like nothing never happen. Is this the way it is done? Or does it still have an effect on speed and security even while off? Also, what are the most recommended programs to be installed based on running as a production web-server? I don't mean to burn up the FORUM by posting every other day but things are about to get hot and I don't want to screw up my most important image of FreeBSD-64. I hope some people will address a few of these question if not all. Thanks again in advance This is what got me going. http://freebsd-custom.wikidot.com/start |
|
||||
Full disclosure: my first thought at seeing this thread title was, "Are you kidding?".
If X/Xfce are not running they will waste nothing but disk space; +/- resources used to keep them up to date. You can tell better than anyone on the forum, whether or not that waste is an issue for you. If an attacker is able to gain sufficient access that they can start the X server and gain an Xfce session, you've already lost part of the battle. Similar arguments hold for having development tools installed (gcc, autotools, perl, python, ruby, ...) You sound like you don't need Xfce to manage your system, so I'm not sure what your interest is in it, based on what you've written anyway. You can always remove Xfce later if needed; such as using it as a temporary workstation during testing and later moving it out as a dedicated server. I would not recommend running Xfce while the machine is deployed and under a serious load. To the rest (e.g. apps), all I can say without quoting Frodo Baggins, is specifics matter.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
||||
Thanks TerryP, The great thing about googling and a forum is n00b's hear it from people of experence. For the average, we only pick-up/get the bits and pieces in the class room. After 3:00PM the teacher beat us out the door. It take years to finally experience what we learn by being on the job that require you to have 20 years experience with 12 years of school (programming in 20 lang). Do a INTERNET job search these days and you see what I mean. It's insane and all for less than 6-figures in the U.S. since 1989! I read here that you was raise or "LIVE" around computers for most of your life. It might be second nature to you but your words are pure gold to me and others like me. Thanks putting up with this n00b of n00b's.
Quote:
Quote:
Quote:
Quote:
I never thought of this until now: All I got to do it hit the switch to run a script that will swap rc.conf and loader.conf and/or loader.rc . It be like having two FreeBSD's build into one .. WoW Behind some serious set-up I think this is the way to do it with ease .. |
|
|||
Quote:
Last edited by sharris; 21st August 2010 at 06:44 PM. |
|
||||
For coding, (n)vi is the best editor in the FreeBSD base system IMHO, but it isn't for everyone. I use vim.
I would suggest taking a look at 'mg', it's a very simple (and small) emacs style editor. OpenBSD wrote it, and includes it along side nvi in much the same way FreeBSD has ee - you can install editors/mg from FreeBSD ports. Others to look at include nano, pico, uemacs, and jove. All can be found in ports and are easy to use. Jove is the most complex, as it's closer to GNU Emacs and XEmacs. Which are also usable from a terminal.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
Almost.
The OpenBSD project now maintains mg(1), but it did not originate there. From the README: Code:
Mg (mg) is a Public Domain EMACS style editor. It is "broadly" compatible with GNU Emacs, the latest creation of Richard M. Stallman, Chief GNUisance and inventor of Emacs. GNU Emacs (and other portions of GNU as they are released) are essentially free, (there are handling charges for obtaining it) and so is Mg. You may never have to learn another editor. (But probably will, at least long enough to port Mg...) Mg was formerly named MicroGnuEmacs, the name change was done at the request of Richard Stallman.
|
|
||||
Quote:
Wow. |
|
|||
Everyone has their own editor preference, there is a reason why OpenBSD includes both a vi implementation and a minimal emacs clone.
Some of the other developers started the theo.c file just because of some of the funny & clever things he says sometimes, on the lists and in private. |
|
||||
Ahh, sorry; thoguht it was a from-scratcher. Guess it is possible to shrink something down to size after all, hehehe.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
I decided to go ahead and install XFCE4 to use Mousepad so i can write scripts and programs quicker. I ran into something kind of strange. Since reading nearly everywhere I go, they say "you can remove the entire local folder if nothing is in it but X11 and XFCE4 and you would actually be removed everything system related for it except what you wrote in rc.conf". I just found out it's only a roomer.
This is what I did: I copied the /usr/local to a flash drive yesterday. This morning I made 5 shortcuts on the desktop,(Application Finder, Mousepad, Thunbar etc). Just a few hours ago I deleted the entire /usr/local than rebooted "for clean memory" since I knew I had a back-up. After rebooting, I typed "pkg_add" on the command-line and it showed all the files that I installed in the /usr/local and the files are not even on the machine. So, I pop in my flash drive and I put the /usr/local directory back on the machine. I typed startxfce4 on the command-line. Would you believe all 5 shortcut were in place with the same font setting that I had changed far difference that what I saved yesterday. This proves that all files was not installed in /usr/local and I used "pkg_add -L a", which gives you the FullPathName of all files, so all needed information was not given by the system it seems. Glad I did this. I like knowing where everything is. Do anyone know where is FreeBSD keeping these setting? The FreeBSD documentation says nothing about this, including X11 and XFCE4. I think I'm going to try Emacs. I always wanted to try it but didn't know how to install anything that seem too technical. Now that I installed XFCE ... the third INSTALL gave me the minimize button in the title-bar ALL because of the order of INSTALL, now I'm ready to try them ALL http://freebsd-custom.wikidot.com/start The trick was to install one set at a time .. X11 than XFCE instead of checking everything at one time during pkg_add. I got the clue from here but I lost the original page that said "Order is Important". http://www.xfce.org/documentation/4.2/manuals/xfdesktop |
|
|||
I guest you live and you learn... I change the name of a file with the word terminal in /var/log and when I went back to XFCE the terminal was white and had no menu but it still worked. But I still can't find what holds the pkg_add entries. Here's a few other files I found. Now I see ... Programs use var and tmp so there no reason to document it.
Code:
/tmp/fam-root empty folder /var/log/ConsoleKit empty folder /var/log/Xorg.0.log log file /var/log/cups empty folder /var/tmp/.xfsm-ICE-SQA9HV txt file > remove protoname=ICE protodata etc, etc /var/tmp/dbus-3LmXfGNHtA srwxrwxrwx 0byte 11 files of same type /var/tmp/cache hald dir with running exec - cups dir empty |
|
||||
pkg_add and company uses the files in /var/db/pkg. Opening the files in the relavent sub directory will usually turn up most things. If you use portupgrade, you will also have a database file in BDB format, named something like pkgdb.db.
Could you be a little more specific about what you are looking far? :-).
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
HOWTO: Lightest XFCE - Making XFCE lighter and faster | vermaden | Guides | 27 | 2nd September 2010 12:24 PM |
FreeBSD ZFS considered production ready in FreeBSD 8 | aleunix | News | 1 | 24th November 2009 04:11 PM |
consider OpenVPN production-grade solution? | nimnod | Off-Topic | 1 | 26th March 2009 12:22 AM |
xfce | darken | FreeBSD Ports and Packages | 4 | 31st July 2008 05:28 PM |
production server upkeep question | goku | FreeBSD Installation and Upgrading | 3 | 10th June 2008 02:37 AM |