On Mon, 14 Nov 2016 19:39:22 +0100 Andreas Cadhalpun
<andreas.cadhal...@googlemail.com> wrote:
> The only additional dependencies compared to the current
> qemu-system-x86 package are:
> libdrm2 libepoxy0 libexpat1 libgbm1 libvirglrenderer0
> libwayland-client0 libwayland-server0
>
> That doesn't seem excessive to me.
I am tracking testing. I'll show you the new dependencies pulled in by
the qemu-system-x86 package.
When talking about dependencies do not only look at direct dependencies,
but at the whole dependency tree.
We are talking about a HUGE number of additional packages and an
increased attack surface here.
This is for qemu-system-x86 1:2.7+dfsg-3+b1 --> 1:2.8+dfsg-1
I cringe at the thought that I have to install all these packages for
quemu on what were once a really lean and clean servers
just hosting virtual machines on the net. They are getting cluttered and
keeping them secure becomes harder and harder.
A headless console-only version is surgently needed.
EIOM Pri Section Package Description
_* Opt otherosf qemu-system- QEMU full system emulation binaries
(x86)
_* Opt libs libcairo2 Cairo 2D vector graphics library
_* Opt libs libepoxy0 OpenGL function pointer management library
_* Opt libs libgbm1 generic buffer management API -- runtime
_* Opt libs libgdk-pixbu GDK Pixbuf library
_* Opt libs libgtk-3-0 GTK+ graphical user interface library
_* Xtr libs libvirglrend virtual GPU for KVM virtualization
_* Opt libs libvte-2.91- Terminal emulator widget for GTK+ 3.0 -
runtime files
__ Opt net samba SMB/CIFS file, print, and login server
for Unix
__ Opt net vde2 Virtual Distributed Ethernet
__ Opt otherosf qemu-block-e extra block backend modules for
qemu-system and qemu-utils
__ Opt otherosf sgabios bios option rom to provide legacy serial
console for x86
__ Xtr misc ovmf UEFI firmware for 64-bit x86 virtual machines
_* Opt libs libfontconfi generic font configuration library - runtime
_* Opt libs libxcb-rende X C Binding, render extension
_* Opt libs libxcb-shm0 X C Binding, shm extension
_* Opt libs libxrender1 X Rendering Extension client library
_* Opt libs libdrm2 Userspace interface to kernel DRM
services -- runtime
_* Opt libs libwayland-c wayland compositor infrastructure -
client library
_* Opt libs libwayland-s wayland compositor infrastructure -
server library
_* Opt libs libtiff5 Tag Image File Format (TIFF) library
_* Opt misc shared-mime- FreeDesktop.org shared MIME database and spec
_* Opt libs libgdk-pixbu GDK Pixbuf library - data files
_* Opt misc libgtk-3-com common files for the GTK+ graphical user
interface library
_* Opt libs libatk-bridg AT-SPI 2 toolkit bridge - shared library
_* Opt libs libatk1.0-0 ATK accessibility toolkit
_* Opt libs libcairo-gob Cairo 2D vector graphics library (GObject
library)
_* Opt libs libcolord2 system service to manage device colour
profiles -- runtime
_* Opt libs libcups2 Common UNIX Printing System(tm) - Core
library
_* Opt libs libjson-glib GLib JSON manipulation library
_* Opt libs libpango-1.0 Layout and rendering of internationalized
text
_* Opt libs libpangocair Layout and rendering of internationalized
text
_* Opt libs libpangoft2- Layout and rendering of internationalized
text
_* Opt libs librest-0.7- REST service access library
_* Opt libs libsoup2.4-1 HTTP library implementation in C --
Shared library
_* Opt libs libwayland-c wayland compositor infrastructure -
cursor library
_* Opt libs libwayland-e implementation of the Wayland EGL
platform -- runtime
_* Opt libs libxcomposit X11 Composite extension library
_* Opt libs libxcursor1 X cursor management library
_* Opt libs libxdamage1 X11 damaged region extension library
_* Opt libs libxfixes3 X11 miscellaneous 'fixes' extension library
_* Opt libs libxinerama1 X11 Xinerama extension library
_* Opt libs libxkbcommon library interface to the XKB compiler -
shared library
_* Opt libs libxrandr2 X11 RandR extension library
_* Opt misc hicolor-icon default fallback theme for
FreeDesktop.org icon themes
_* Opt gnome adwaita-icon default icon theme of GNOME
_* Opt misc libgtk-3-bin programs for the GTK+ graphical user
interface library
_* Opt libs librsvg2-com SAX-based renderer library for SVG files
(extra runtime)
__ Opt libs gvfs userspace virtual filesystem - GIO module
_* Opt libs libpcre2-8-0 New Perl Compatible Regular Expression
Library- 8 bit runtime files
_* Opt libs libvte-2.91- Terminal emulator widget for GTK+ 3.0 -
common files
*** Opt otherosf qemu-utils QEMU utilities
_* Opt fonts fontconfig-c generic font configuration library -
configuration
_* Xtr libs libjbig0 JBIGkit libraries
_* Opt libs dconf-gsetti simple configuration storage system -
GSettings back-end
__ Xtr libs gconf-gsetti GNOME configuration database system -
GSettings back-end
_* Opt libs libatspi2.0- Assistive Technology Service Provider
Interface - shared
library
_* Opt misc libatk1.0-da Common files for the ATK accessibility
toolkit
_* Opt libs liblcms2-2 Little CMS 2 color management library
__ Opt graphics colord system service to manage device colour
profiles -- system daemon
__ Opt net cups-common Common UNIX Printing System(tm) - common
files
_* Opt libs libjson-glib GLib JSON manipulation library (common files)
_* Opt fonts fontconfig generic font configuration library -
support binaries
_* Opt libs libthai0 Thai language support library
_* Opt libs libharfbuzz0 OpenType text shaping engine (shared library)
_* Opt libs libsoup-gnom HTTP library implementation in C -- GNOME
support library
_* Opt libs glib-network network-related giomodules for GLib
_* Opt libs libegl1-mesa free implementation of the EGL API -- runtime
_* Opt misc gtk-update-i icon theme caching utility
_* Opt libs librsvg2-2 SAX-based renderer library for SVG files
(runtime)
__ Xtr admin debootstrap Bootstrap a basic Debian system
_* Opt fonts fonts-dejavu Vera font family derivate with additional
characters
__ Opt fonts ttf-bitstrea The Bitstream Vera family of free
TrueType fonts
__ Opt fonts fonts-libera Fonts with the same metrics as Times,
Arial and Courier
_* Opt libs dconf-servic simple configuration storage system -
D-Bus service
_* Opt libs libdconf1 simple configuration storage system -
runtime library
_* Opt misc at-spi2-core Assistive Technology Service Provider
Interface (dbus core)
__ Opt utils liblcms2-uti Little CMS 2 color management library
(utilities)
_* Opt libs libthai-data Data files for Thai language support library
_* Opt libs libdatrie1 Double-array trie library
__ Opt libs libqtcore4 Qt 4 core module
__ Opt libs libqtgui4 Qt 4 GUI module
_* Opt libs libgraphite2 Font rendering engine for Complex Scripts
-- library
_* Opt libs libproxy1v5 automatic proxy configuration management
library (shared)
_* Opt libs glib-network network-related giomodules for GLib -
D-Bus services
_* Opt libs glib-network network-related giomodules for GLib -
data files
_* Opt gnome gsettings-de GSettings desktop-wide
schemas
_* Opt libs libxcb-dri2- X C Binding, dri2 extension
_* Opt libs libxcb-dri3- X C Binding, dri3 extension
_* Opt libs libxcb-prese X C Binding, present extension
_* Opt libs libxcb-sync1 X C Binding, sync extension
_* Opt libs libxcb-xfixe X C Binding, xfixes extension
_* Opt libs libxshmfence X shared memory fences - shared library
_* Opt libs libcroco3 Cascading Style Sheet (CSS) parsing and
manipulation toolkit
__ Opt graphics librsvg2-bin command-line and graphical viewers for
SVG
files
