Mike Dotson wrote: > On Wed, 2009-03-25 at 18:15 -0700, Bart Smaalders wrote: >> Frank Fitch wrote: >> >>> If you want folks to use your tool, you have to make the tool usable. An >>> install tool without the ability to completely customize installs is >>> like a race car without wheels. Sure, it looks real pretty, and may in >>> theory be the best car in the race. But it probably won't win. >> >> Why can such customizations not wait until during first boot? > > lest we forget the telnet worm....
Telnet is enabled in single user mode? If you wait to complete your customizations until first boot, the range of possible operations becomes much larger. You're no longer constrained by whatever binaries are part of the boot image, whatever OS version was used to install your software, etc. The workaround for the telnet worm was to 1) install a patch. In IPS there is no distinction between packaging and patching operations; if there's a fix available in your install repo you'll get it. or 2) disable the telnet service. A SMF profile that disables telnet could be installed, or a script could be run early on to disable the service. It's quite possible to have the capability to run finish scripts in AI; we want these installed on the system and run during boot instead of run after package installation. - Bart -- Bart Smaalders Solaris Kernel Performance barts at cyber.eng.sun.com http://blogs.sun.com/barts "You will contribute more with mercurial than with thunderbird."
