On Mon, Nov 16, 2015 at 08:39:24PM -0500, Stephen Gallagher wrote:
1) Reduce disk space usage. While disk space on physical devices is
becoming trivially cheap, disk space on Cloud deployments and rented
virtual servers is still comparatively very expensive. We really want
to minimize the amount of space that we use for Fedora so that users
can fit their applications (the stuff they actually care about) into
the remaining space without being forced to buy a larger storage
allotment.
I want to add to this that smaller image size _also_ means less network
traffic and faster deployment time, which I also hear from people as an
importand factor.
* Limiting security exposure. Every package on the system is
another
potential privilege-escalation point. Keeping this number under
control means a reduced likelihood of a catastrophic breach. (The
actual risk here is impossible to quantify, but it can be assumed
that less code == less potential vulnerabilities.
And to this: in the large institutions that I've been a part of,
protesting that known vulnerabilities in code that isn't run because
the daemon is off, or because there's a firewall, or whatever, gets you
nowhere with the compliance people.
* The largest individual package in both deployments is the
glibc-common package. This is primarily due to the 106MiB
locale-archive. I'd really like to hear from glibc folks if there is
something we can do to break this up into smaller pieces contained in
different sub-packages with Suggests: dependencies.
Yes, there's work on this.
https://fedoraproject.org/wiki/Changes/Glibc_locale_subpackaging
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader