Barebone kernel options request

Valeri Galtsev galtsev at
Mon Mar 11 16:03:11 UTC 2019

On 3/11/19 10:56 AM, tech-lists wrote:
> On Mon, Mar 11, 2019 at 01:54:48PM +0000, Carmel NY wrote:
>> Just out of some sort of morbid curiosity, I would be interested in
>> knowing exactly what problem the OP is trying to correct or alleviate
>> here. If his storage, memory or whatever resources are stretched to the
>> limit, he would be better served by purchasing a newer, more powerful
>> machine. "You can't make a silk purse out of a sow's ear."
> I dunno if this applies to the OP but I also compile custom kernels and
> world for some machines. My basic reasons:
> 1. I want available only what is needed, for the os/machine's purpose,
> so that there's more resources for the machine's job. Each disabled
> option means that some resource of some type, however tiny, becomes
> available. These add up.
> 2. Having only what you need means you have less to maintain, which is
> important for security. I guess it makes the "vulnerability surface"
> smaller, at least in theory.

I mostly achieve that by running these things in jails. Sometimes I have 
multiple jails representing one "server" - with the same IP, say, these 
may be in separate jails: shell (where users can ssh to), www, mail, 
mail/spam filter.

Just my $0.02


> 3. It might be the case that the machine I'm maintaining isn't mine, so
> the option to "buy better hardware" is out of the question.
> Being able to tailor the OS for exactly the requirement in hand is a
> major plus point in favour of FreeBSD for me. point #2 above is 
> particularly relevant for an internet-facing machine.

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

More information about the freebsd-questions mailing list