LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices



Reply
 
Search this Thread
Old 03-29-2009, 12:08 PM   #61
DarkFlame
Member
 
Registered: Nov 2008
Location: San Antonio, TX, USA
Distribution: Ubuntu Server 8.10 & SAMBA 3.2.3
Posts: 158
Blog Entries: 1

Rep: Reputation: 30

Quote:
Originally Posted by jjad View Post
In what form is gui a security risk? is it because it has extra services, or is it because the gui invirement?
My take, purely from a logical standpoint and NOT from an experience standpoint is that the short answer is "both."

A "hardened" server has all the unnecessary services (for the server to do it's job, not necessarily to assist us in doing our admin jobs) removed. This allows the server to run more efficiently without spending nanoseconds performing services that are not necessary for it's own functioning, and removing services that might allow others to login or to break the login security. And, from a purely security standpoint, having no gui makes it a lot more difficult for someone to poke around in the operating system. Having a gui means there are icons visible and clickable whereas having no gui would make it where they'd not only have to know the commands to access those same functions, but also the proper options and syntax thereof - even (& especially) if they broke the admin UID & PW (they'd have to know Linux commands)!

I have a Ubuntu 8.10 server running at home. It is not necessarily hardened, but it's got no keyboard or mouse or monitor connected, and no gui. I'm accessing all management functions via PuTTy from my XP Pro desktop. This is not just for security and efficiency purposes, but because I just don't want to have to have space for another keyboard or monitor or mouse. Further, I'm looking to move the server out of our office and put it in another location, locked up with nothing but a UPS and a fan, somewhere that it can vent without heating up the room or house. At this moment, having the 5 HDDs in it requires a hefty (& loud) fan to keep it cool, and it makes our little office (3 workstations, 1 server, router, dsl modem, all-in-1 printer, TV, laptop, and various cell phone and pocket-pc equipment) about 10 degrees warmer than the rest of the house. Adding another monitor (all the others are LCD flat screens but I only have a CRT left for the server if I were going to connect one) would only make it that much warmer.

Like pljvaldez said, a home server (which ours happens to be) might be easier to admin and control with a GUI & monitor/kybd/mouse, and the only security would be to protect yourself (& your family) from yourself (& your family). And, your only concerns are your own.

However, in a professional environment, you would definitely want a professional installation, which means hardening the server as much as possible and making it as secure and reliable as possible. Your only concerns in this situation are to protect your employer/client not only from themselves, but from any possible disaster (testing any or complete disaster recovery is only acceptable BEFORE a disaster strikes, never during - & "disaster" is any breach of security, loss of data, or data leak).

On a home server, you're only liable to yourself. On a professional installation, you (the installer/admin) are liable for all of it, including your employer's/client's loss of productivity due to disasters for which you failed to provide quick and complete recovery plans, methods, and procedures.

I'm sure others will have more direct and to-the-point answers, but that was how I logically figured I'd address the question which I have asked myself at home and would ask myself in a professional environment - even if I was hiring someone else to create the infrastructure.

Last edited by DarkFlame; 03-29-2009 at 12:10 PM.
 
Old 10-19-2009, 03:57 PM   #62
Martin2009
LQ Newbie
 
Registered: Oct 2009
Location: Canada
Distribution: Ubuntu, Fedora,SuSE (Novell)
Posts: 2

Rep: Reputation: 0
isn't it ?
Code:
sudo get-apt install gnome-desktop
On my server it works...
 
Old 12-17-2009, 07:49 AM   #63
gottymann
LQ Newbie
 
Registered: Dec 2009
Posts: 2

Rep: Reputation: 0
installing xfce on ubuntu 9.10

installed Ubuntu 9.10 on my computer but it is very slow and i don't feel like working on the same computer. Now i don't want to uninstall Ubuntu. But as i am not currently planning to upgrade my computer as i will be buying a new PC later i
 
Old 12-18-2009, 03:45 PM   #64
DarkFlame
Member
 
Registered: Nov 2008
Location: San Antonio, TX, USA
Distribution: Ubuntu Server 8.10 & SAMBA 3.2.3
Posts: 158
Blog Entries: 1

Rep: Reputation: 30
I can only imagine that if Ubuntu 9.10 is slow, then Windoze would be even SLOWER. So, GottyMann, are you seeking guidance or just complaining? What was your purpose for the computer originally? - workstation? server? other?
 
Old 11-29-2010, 10:01 AM   #65
adam8797
LQ Newbie
 
Registered: Dec 2009
Posts: 3

Rep: Reputation: 0
Sorry for waking an old thread...

but for all the googlers and readers out there the answer is very simple,

Code:
sudo apt-get update
then

Code:
sudo apt-get install ubuntu-desktop
that includes open office and extras.

For no extras type:

Code:
sudo aptitude  install --no-install-recommends ubuntu-desktop
 
Old 12-06-2010, 04:26 AM   #66
mahmoodn
Member
 
Registered: May 2010
Posts: 403

Rep: Reputation: 16
I get this error:
Code:
mahmood@localhost:~$ sudo aptitude  install --no-install-recommends ubuntu-desktop
aptitude: unrecognized option '--no-install-recommends'
aptitude 0.4.11.11
Usage: aptitude [-S fname] [-u|-i]
       aptitude [options] <action> ...
  Actions (if none is specified, aptitude will enter interactive mode):

 install      - Install/upgrade packages
 remove       - Remove packages
 purge        - Remove packages and their configuration files
 hold         - Place packages on hold
 unhold       - Cancel a hold command for a package
 markauto     - Mark packages as having been automatically installed
 unmarkauto   - Mark packages as having been manually installed
 forbid-version - Forbid aptitude from upgrading to a specific package version.
 update       - Download lists of new/upgradable packages
 safe-upgrade - Perform a safe upgrade
 full-upgrade - Perform an upgrade, possibly installing and removing packages
 forget-new   - Forget what packages are "new"
 search       - Search for a package by name and/or expression
 show         - Display detailed information about a package
 clean        - Erase downloaded package files
 autoclean    - Erase old downloaded package files
 changelog    - View a package's changelog
 download     - Download the .deb file for a package
 reinstall    - Download and (possibly) reinstall a currently installed package
 why          - Show the manually installed packages that require a package, or
                why one or more packages would require the given package
 why-not      - Show the manually installed packages that lead to a conflict
                with the given package, or why one or more packages would
                lead to a conflict with the given package if installed

  Options:
 -h             This help text
 -s             Simulate actions, but do not actually perform them.
 -d             Only download packages, do not install or remove anything.
 -P             Always prompt for confirmation or actions
 -y             Assume that the answer to simple yes/no questions is 'yes'
 -F format      Specify a format for displaying search results; see the manual
 -O order       Specify how search results should be sorted; see the manual
 -w width       Specify the display width for formatting search results
 -f             Aggressively try to fix broken packages.
 -V             Show which versions of packages are to be installed.
 -D             Show the dependencies of automatically changed packages.
 -Z             Show the change in installed size of each package.
 -v             Display extra information. (may be supplied multiple times)
 -t [release]   Set the release from which packages should be installed
 -q             In command-line mode, suppress the incremental progress
                indicators.
 -o key=val     Directly set the configuration option named 'key'
 --with(out)-recommends Specify whether or not to treat recommends as
                strong dependencies
 -S fname       Read the aptitude extended status info from fname.
 -u             Download new package lists on startup.
 -i             Perform an install run on startup.

                  This aptitude does not have Super Cow Powers.
Are you sure about that option?
 
Old 12-06-2010, 08:01 PM   #67
Kenny_Strawn
Senior Member
 
Registered: Feb 2010
Location: /usa/ca/orange_county/lake_forest
Distribution: ArchBang, Google Android 2.1 + Motoblur (on Motortola Flipside), Google Chrome OS (on Cr-48)
Posts: 1,791
Blog Entries: 62

Rep: Reputation: 55
It's not aptitude but apt-get that has the '--no-install-recommends' option.
 
Old 12-07-2010, 12:41 AM   #68
mahmoodn
Member
 
Registered: May 2010
Posts: 403

Rep: Reputation: 16
Can not see such option:
Code:
mahmood@localhost:~$ sudo apt-get --help
[sudo] password for mahmood: 
apt 0.7.25.3ubuntu9.3 for i386 compiled on Sep  9 2010 22:22:02
Usage: apt-get [options] command
       apt-get [options] install|remove pkg1 [pkg2 ...]
       apt-get [options] source pkg1 [pkg2 ...]

apt-get is a simple command line interface for downloading and
installing packages. The most frequently used commands are update
and install.

Commands:
   update - Retrieve new lists of packages
   upgrade - Perform an upgrade
   install - Install new packages (pkg is libc6 not libc6.deb)
   remove - Remove packages
   autoremove - Remove automatically all unused packages
   purge - Remove packages and config files
   source - Download source archives
   build-dep - Configure build-dependencies for source packages
   dist-upgrade - Distribution upgrade, see apt-get(8)
   dselect-upgrade - Follow dselect selections
   clean - Erase downloaded archive files
   autoclean - Erase old downloaded archive files
   check - Verify that there are no broken dependencies

Options:
  -h  This help text.
  -q  Loggable output - no progress indicator
  -qq No output except for errors
  -d  Download only - do NOT install or unpack archives
  -s  No-act. Perform ordering simulation
  -y  Assume Yes to all queries and do not prompt
  -f  Attempt to correct a system with broken dependencies in place
  -m  Attempt to continue if archives are unlocatable
  -u  Show a list of upgraded packages as well
  -b  Build the source package after fetching it
  -V  Show verbose version numbers
  -c=? Read this configuration file
  -o=? Set an arbitrary configuration option, eg -o dir::cache=/tmp
See the apt-get(8), sources.list(5) and apt.conf(5) manual
pages for more information and options.
                       This APT has Super Cow Powers.
However, aptitude has "--without-recommends" and I think that will do the job
Code:
 --with(out)-recommends Specify whether or not to treat recommends as
                strong dependencies
 
Old 12-26-2010, 10:34 PM   #69
stephen.jvvg
LQ Newbie
 
Registered: Dec 2010
Posts: 1

Rep: Reputation: 0
Never mind and sorry. I figured it out by myself, but I do not know how to delete my comments.

The original message said:
(
Quote:
Originally Posted by pljvaldez View Post
I don't know, but it is easy to add one if you need to. After install, you'd just have to sudo aptitude install x-window-system-core gnome-core (or gnome if you want all the bells and whistles of a full desktop environment). If you also want a gui login, then also install gdm.

In general, servers will be text only out of the box because running X is considered an unnecessary security risk. Servers usually want as few services running as possible to keep them secure and running quickly.
What is the exact command for the GUI login?)

Last edited by stephen.jvvg; 12-26-2010 at 11:24 PM. Reason: I figured out how to install it myself.
 
Old 01-26-2011, 12:33 PM   #70
thiyagi
LQ Newbie
 
Registered: Dec 2010
Posts: 4

Rep: Reputation: 0
thanks guys, that was really useful..
 
Old 08-24-2011, 06:23 PM   #71
kpera72
LQ Newbie
 
Registered: Aug 2011
Posts: 3

Rep: Reputation: Disabled
not sure

Webmin might help, easily remote
 
Old 08-16-2013, 09:23 PM   #72
Fred Caro
Member
 
Registered: May 2007
Posts: 738

Rep: Reputation: 62
why install ubuntu server then add gui

You could install a desktop then add server capabilities, that could be a security risk.. but you might just want to extend LTS and have just those gui programs you will be likely to use; a lot easier than installing Arch or Gentoo.
Once the cli is installed you only have to install a few large packages, eg 'gnome-session' 'gkm' and session manager.

Fred.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu and Samba--Any GUI? errn12 Linux - Networking 1 04-02-2006 07:05 AM
instaling GUI in ubuntu 5.10 bcon Linux - Software 3 03-09-2006 08:48 AM
Ubuntu doesn't load GUI timclaason Ubuntu 7 02-19-2006 11:15 PM
Ubuntu GUI Tsukasa7 Linux - Newbie 5 09-01-2005 03:10 PM
[Ubuntu GUI] Changing GUI from Gnome to wmaker MangaManiac Linux - Laptop and Netbook 8 05-08-2005 04:17 PM


All times are GMT -5. The time now is 09:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration