How do I install avahi yet never run avahi-daemon?

Ask Fedora
1

My current system building practice uses a minimal kickstart followed by ansible playbooks. The avahi package turns out to be one of those necessary evils the way packages I do want are built. A rather straightforward workaround is to stop and mask

avahi-daemon.socket
avahi-daemon.service

as suggested by Red Hat. Presets seemed like an option but when are they applied? Testing shows it does not happen at firstboot as the documentation indicates as a possiblity.

%post
...
# some things cannot be handled by presets
: mask units
units="\
  avahi-daemon.socket \
  avahi-daemon.service \
  sshd-keygen@rsa.service \
  sshd-keygen@ecdsa.service \
  systemd-suspend.service \
  systemd-hibernate.service \
  systemd-hybrid-sleep.service \
  systemd-suspend-then-hibernate.service \
  suspend.target \
"
for unit in $units
do
  ln -sf /dev/null /etc/systemd/system/$unit
done
...
%end

With f43 I feel like I’m attending church with the insessant notifications to donate to GNOME.

cat /etc/dconf/db/local.d/95-local
[org/gnome/settings-daemon/plugins/housekeeping]
donation-reminder-enabled=false

dconf update
2

This is controlled by the preset files as described by man systemd.preset.

You can create a file in /etc/systemd/system-preset with a suffix of .preset which overrides the default preset for avahi. For example name it /etc/systemd/systemd-preset/10-no-avahi.preset.

The default is

# https://fedoraproject.org/w/index.php?title=Starting_services_by_default&oldid=377748
enable avahi-daemon.*
1 Like
4

I think a lot of people in Fedora are security conscious. I use Fedora because I trust the defaults - there are a few things like you indicate that could be tightened.

5

Let us know what you find.

6

You leave that in place. In your new file you could specify

disable avahi-daemon.*

which will take precedence if the new file name comes alphabetically before 90-systemd.preset.

PS: A assume that not installing avahi is not an option.