On Thu, Aug 29, 2019 at 1:08 AM John Harris <johnmh(a)splentity.com> wrote:
On Wednesday, August 28, 2019 10:00:35 PM MST Christopher wrote:
> No, the default firewalld zone affects all Fedora Workstation users,
> because firewalld runs outside of GNOME. Just because a user uses the
> Workstation Edition doesn't mean they're running GNOME... you can
> still run Cinnamon, XFCE, MATE, KDE, (or no graphical environment at
> all) using the Workstation Edition. It's just that GNOME is the
> default. So, this isn't a GNOME-specific issue. This is a Workstation
> Edition issue with /etc/firewalld/firewalld.conf's DefaultZone option.
How is that possible? The workstation installer installs GNOME, right? Can you
select something else in those ISOs' Anaconda config? If so, why would it
still pull in GNOME's firewall zone?
[SNIP]
We're getting off-topic, but really quickly: Yes, you can select
advanced packaging (at least you could in the past... probably still
can). You can also use kickstart to automate installs with custom
package installations and configuration using the same Workstation
ISO, and you can also just open a new TTY (e.g. Ctrl+Alt+F3),
customize your system, and reboot without ever logging in to GNOME.
It's not "GNOME's firewall zone". As previously mentioned, it's not
pulled in by GNOME at all. Rather, it's being provided by the
firewalld RPM itself, and configured by default, based on the contents
of /etc/os-release (which is provided by the
fedora-release-workstation RPM).
The main point is that it's not GNOME-specific at all, but it is
Workstation Edition-specific.