On 12/14/2012 03:12 PM, Matthew Miller wrote:
Amazon recommends using ec2-user (with passwordless sudo) for EC2
images.
That's what Fedora has been doing. Do we want to continue this? Arguments:
A. It doesn't really provide any added security, but does add complication.
Additionally, normal "don't run as root" advice is less important since
cloud instances should be ephemeral and recreatable.
B. But, consistency.
What's our SIG consensus here?
Other points:
- We're making images for EC2 and for other cloud systems as well.
'ec2-user' seems particularly silly on, say, OpenStack.
- We could use ec2-user and something else (including just root) on the
generic images.
- We should decide this really fast because it's already past the last
minute; default is to just stay with ec2-user for F18 and revisit for
F19.
I'd suggests "cloud-user".