2012/3/23 Thierry Vignaud <[email protected]>: > On 23 March 2012 17:00, Maarten Vanraes <[email protected]> wrote: >> thanks for the explanations, i really appreciate this, it seems logical, >> somehow, except maybe what i'm coming back to: >> >> mageia-gfxboot-theme is pulled by installer? how does that work? >> >> is this really required? or is this something that's somehow done in the >> graphic installer? >> >> i mean, i didn't select graphic grub, i chose text-grub specifically. and >> somehow during the choosePackages step, the mageia-gfxboot-theme is >> automatically selected... >> >> this is the packages that's adding via extra dep and suggests, most of the >> stuff... >> >> where can i find the code that is responsible for this, so i can try and fix >> it? > > we preselect it here so that it got installed early: > http://svnweb.mageia.org/soft/drakx/trunk/perl-install/install/any.pm?revision=3532&view=markup > > because else it'll be automatically pulled later, adding a one package (or > more) > wait later: > http://svnweb.mageia.org/soft/drakx/trunk/perl-install/bootloader.pm?revision=3581&view=markup > > just look mageia-gfxboot-theme > > Of course, that's OK for 99% of our users but for those manually > selecting text lilo. > That's a trade off: enforcing waiting for packages installation after all > the other package installation so that a couple users can not have > the bootsplash installed and select lilo or having a couple users > unhappy > BWe could not preselect > >> about firewall, perhaps it's possible to just include iptables, but set >> policy >> on DROP incoming? shorewall seems a bit over the top... > > we configure shorewall, not iptables. > >> but, if summary isn't completed, you can't boot into it, wrt bootloader? so >> firewall seems useless for that...? what is the rationale behind this? > > In the old days we let poeple choose the security level early then we > automatically install & set up the firewall accordingly. > Later the security choice was moved to the summary and security level > number was reduced from to 3 (see msec or security::level) > But since the default security level is 1 ("standard"), we automatically > install the firewall anyway. > For years.
Yes and it has bothered me for years. Why not wait for the summary and install the firewall after the summary? Is there a security level without firewall? Name it "0" and add "This is not recommended for a standard installation." Same with glx-boot and plymouth, etc. Users will get used pretty fast to a new installation procedure where more packages are installed after the summary - last time I read this sentence "users will get used to it" when the move of X to tty1 was discussed - then this "having to get used to" was no problem. Why should it be one here? -- wobo
