From ff93306010900d02872ee71ee216165bfb5bd9eb Mon Sep 17 00:00:00 2001 From: Christoph Wickert Date: Sat, 7 May 2011 14:02:42 +0200 Subject: [PATCH] Security: Final fixes for F15 --- fedora-livecd-security.ks | 76 ++++++++++++++++++++++++++------------- 1 file changed, 51 insertions(+), 25 deletions(-) diff --git a/fedora-livecd-security.ks b/fedora-livecd-security.ks index 0b46ba9..f839e1f 100644 --- a/fedora-livecd-security.ks +++ b/fedora-livecd-security.ks @@ -22,39 +22,61 @@ %include fedora-live-minimization.ks %packages -#GUI Stuff +### LXDE desktop @lxde-desktop lxlauncher obconf lxdm -xarchiver -gnome-bluetooth -alsa-plugins-pulseaudio -system-config-printer -#gmixer -pavucontrol -lxmusic -asunder -hal-storage-addon -xcompmgr -xdg-user-dirs-gtk -perl-File-MimeInfo -gnome-keyring-pam -gnome-packagekit* --kpackagekit --polkit-gnome --polkit-kde -notification-daemon --xfce4-notifyd -metacity -gigolo - -# internet +### internet firefox +icedtea-web midori claws-mail +### audio & video +alsa-plugins-pulseaudio +asunder +lxmusic +pavucontrol + +### system +gigolo + +### more desktop stuff +fedora-icon-theme +adwaita-cursor-theme +adwaita-gtk2-theme +adwaita-gtk3-theme + +# pam-fprint causes a segfault in LXDM when enabled +-fprintd-pam + +# needed for automatic unlocking of keyring (#643435) +gnome-keyring-pam + +gnome-bluetooth +hal-storage-addon + +# needed for xdg-open to support LXDE +perl-File-MimeInfo + +xdg-user-dirs-gtk + +gnome-packagekit* +-kpackagekit + +# LXDE has lxpolkit. Make sure no other authentication agents end up in the spin. +-polkit-gnome +-polkit-kde + +# make sure xfce4-notifyd is not pulled in +notification-daemon +-xfce4-notifyd + +# make sure xfwm4 is not pulled in for firstboot +# https://bugzilla.redhat.com/show_bug.cgi?id=643416 +metacity # Command line cnetworkmanager @@ -83,10 +105,14 @@ yum-presto -sendmail ssmtp -acpid + +# drop some system-config things -system-config-boot +#-system-config-language -system-config-lvm -system-config-network -system-config-rootpassword +#-system-config-services -policycoreutils-gui # Useful tools @@ -311,7 +337,7 @@ cat >> /etc/rc.d/init.d/livesys << EOF cat > /etc/xdg/lxsession/LXDE/autostart << FOE /usr/libexec/gam_server @lxpanel --profile LXDE -@pcmanfm --desktop --profile lxde +@pcmanfm --desktop --profile LXDE @pulseaudio -D FOE