Removing dependencies after installing from tarball
23 views
Skip to first unread message
Scott Wozny
Jun 15, 2020, 3:47:17 PM6/15/20
to ossec-list
Per the installation manual on the website, on a CentOS 7 minimal machine, I installed needed dependencies with: yum install make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel (actually the suggested command is "yum install zlib-devel pcre2-devel make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel" which includes zlib-devel and pcre2-devel twice; no harm to it, but if anyone who maintains the website sees this, it should probably be corrected). This installed each of the requested packages (except make, which I assume came with the base install) and their variety of dependencies. Then, I pulled down the tarball, expanded it and ran ./install.sh. Everything seemed to go well.
What I'm curious about, now, is which (if any) of the packages I installed for dependencies to do the install from source are needed for ongoing operation? Particularly, I don't really want to leave compilers on all my production servers (since the agent will be on all production servers, cloned from this original machine) but I, more generally, have an aversion to having to maintain software I don't use, if I can help it. So how much of the dependency software do I need to leave and how much can I remove before making these clones into what I need them to be?
Any suggestions would be appreciated.
Thanks,
Scott
dan (ddp)
Jun 17, 2020, 8:31:44 AM6/17/20
to ossec...@googlegroups.com
On Mon, Jun 15, 2020 at 3:47 PM Scott Wozny <saw...@gmail.com> wrote:
>
> Per the installation manual on the website, on a CentOS 7 minimal machine, I installed needed dependencies with: yum install make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel (actually the suggested command is "yum install zlib-devel pcre2-devel make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel" which includes zlib-devel and pcre2-devel twice; no harm to it, but if anyone who maintains the website sees this, it should probably be corrected). This installed each of the requested packages (except make, which I assume came with the base install) and their variety of dependencies. Then, I pulled down the tarball, expanded it and ran ./install.sh. Everything seemed to go well.
>
Pull request 303 opened for the duplicated info
>
> Per the installation manual on the website, on a CentOS 7 minimal machine, I installed needed dependencies with: yum install make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel (actually the suggested command is "yum install zlib-devel pcre2-devel make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel" which includes zlib-devel and pcre2-devel twice; no harm to it, but if anyone who maintains the website sees this, it should probably be corrected). This installed each of the requested packages (except make, which I assume came with the base install) and their variety of dependencies. Then, I pulled down the tarball, expanded it and ran ./install.sh. Everything seemed to go well.
>
(https://github.com/ossec/ossec-docs/pull/303). Thanks for the report!
> What I'm curious about, now, is which (if any) of the packages I installed for dependencies to do the install from source are needed for ongoing operation? Particularly, I don't really want to leave compilers on all my production servers (since the agent will be on all production servers, cloned from this original machine) but I, more generally, have an aversion to having to maintain software I don't use, if I can help it. So how much of the dependency software do I need to leave and how much can I remove before making these clones into what I need them to be?
>
uninstalled. gcc and make definitely.
> Any suggestions would be appreciated.
>
> Thanks,
>
> Scott
>
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/72df66bb-d2c0-483c-b8b0-737eef10cf9ao%40googlegroups.com.
Scott Wozny
Jun 17, 2020, 1:47:28 PM6/17/20
to ossec...@googlegroups.com
Make came on the base OS, so I'm not inclined to remove that. It's mostly the compiler I want gone. I'll do a deeper dig into the other dependencies to see if I can see some obvious ongoing operational reasons to keep the -devel packages around as most of the time I already had the regular operational non-devel version which (I believe) should be sufficient to run the system on an ongoing basis. I'll do some testing and report results back here.
Thanks,
Scott
To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMp01iHHFsZYHzy%2BTOxqnS4w%2BGN1Of2-GvzzM7VBBBHw5A%40mail.gmail.com.
Scott Wozny
Jun 17, 2020, 7:49:11 PM6/17/20
to ossec...@googlegroups.com
OK, so that base OS came with zlib, sqlite, openssl and make.
As described in the tarball install guidance, I ran a: sudo yum install make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel
After the install from the tarball, I removed gcc (and the dependencies that came with it: cpp, glibc-devel, glibc-headers, kernel-headers, libmpc and mpfr), zlib-devel, sqlite-devel, openssl-devel (and dependencies that came with it: keyutils-libs-devel, krb5-devel, libcom_err-devel, libkadm5, libselinux-devel, libsepol-devel, libverto-devel and pcre-devel) pcre2-devel (which came with gcc and it's baggage that I'm removing but ALSO came with pcre2, pcre2-utf16 and pcre2-32 that I'm intending to leave behind which I assume will be needed for ongoing running of ossec, but is that assumption correct?) and libevent-devel which came with libevent that I'll also leave behind for the same reason as the pcre2 packages (for similar reasons, is that assumption correct?).
No weird errors showed up in ossec.log and things have behaved well, so far. I'll let it bake for a couple days but, to my uneducated eye, it looks OK.
Is there anything I've done here that you think I may regret later?
Thanks,
Scott
As described in the tarball install guidance, I ran a: sudo yum install make gcc zlib-devel pcre2-devel sqlite-devel openssl-devel libevent-devel
After the install from the tarball, I removed gcc (and the dependencies that came with it: cpp, glibc-devel, glibc-headers, kernel-headers, libmpc and mpfr), zlib-devel, sqlite-devel, openssl-devel (and dependencies that came with it: keyutils-libs-devel, krb5-devel, libcom_err-devel, libkadm5, libselinux-devel, libsepol-devel, libverto-devel and pcre-devel) pcre2-devel (which came with gcc and it's baggage that I'm removing but ALSO came with pcre2, pcre2-utf16 and pcre2-32 that I'm intending to leave behind which I assume will be needed for ongoing running of ossec, but is that assumption correct?) and libevent-devel which came with libevent that I'll also leave behind for the same reason as the pcre2 packages (for similar reasons, is that assumption correct?).
No weird errors showed up in ossec.log and things have behaved well, so far. I'll let it bake for a couple days but, to my uneducated eye, it looks OK.
Is there anything I've done here that you think I may regret later?
Thanks,
Scott
Reply all
Reply to author
Forward
0 new messages