[Bug 1136025] New: Rewrite/update the Kickstart Installations chapter
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1136025
Bug ID: 1136025
Summary: Rewrite/update the Kickstart Installations chapter
Product: Fedora Documentation
Version: devel
Component: install-guide
Assignee: pbokoc(a)redhat.com
Reporter: pbokoc(a)redhat.com
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: pbokoc(a)redhat.com, zach(a)oglesby.co
Update the Kickstart chapter.
Most of the surrounding text (howto) can be taken directly from RHEL7 Install
Guide[1].
The Kickstart Syntax reference section can be taken from there as well, but
note that many commands and options changed in Fedora since then, so it needs a
review and additional work. Some of the changes are described in the F21
Release Notes on the wiki[2].
Also: It has been reported that currently the syntax reference is really hard
to read and that it could use a table of contents. To do that, we should
probably consider moving it to a separate chapter and either turning each
command into its own section, or at least creating a few categories and
sections for them - so that a ToC is generated at the top of the chapter.
[1]
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
[2] https://fedoraproject.org/wiki/Documentation_Beats_Installer
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months
[Bug 1079540] New: Document SELinux sandboxing
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1079540
Bug ID: 1079540
Summary: Document SELinux sandboxing
Product: Fedora Documentation
Version: devel
Component: security-guide
Assignee: sparks(a)redhat.com
Reporter: me(a)petetravis.com
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: pkennedy(a)redhat.com, security-guide-list(a)redhat.com,
sparks(a)redhat.com, zach(a)oglesby.co
What is SELinux sandboxing and why should I care? How do I do it?
These questions and more should be covered in the Security Guide
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months
[Bug 1008204] New: DNSSEC support for FreeIPA
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1008204
Bug ID: 1008204
Summary: DNSSEC support for FreeIPA
Product: Fedora Documentation
Version: devel
Component: docs-requests
Keywords: Tracking
Assignee: nobody(a)fedoraproject.org
Reporter: me(a)petetravis.com
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: jreznik(a)redhat.com, nobody(a)fedoraproject.org,
pspacek(a)redhat.com, sparks(a)redhat.com,
stickster(a)gmail.com, tbabej(a)redhat.com,
zach(a)oglesby.co
Depends On: 998522
+++ This bug was initially created as a clone of Bug #998522 +++
This is a tracking bug for Change: DNSSEC support for FreeIPA
For more details, see: http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC
FreeIPA with integrated DNS server will support serving of DNSSEC secured
zones.
--- Additional comment from Tomas Babej on 2013-08-28 10:22:11 EDT ---
This feature is self-contained and not in a testable state yet. It is planned
for FreeIPA 3.4 Beta release which is aligned with the F20 schedule.
--- Additional comment from Petr Spacek on 2013-09-02 07:18:58 EDT ---
It is possible that we will not be able to complete the feature in time for
Fedora 20 beta.
From:
http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
Contingency mechanism: Do not expose new feature in FreeIPA's user interface
(i.e. revert patches for user interface)
--- Additional comment from Jaroslav Reznik on 2013-09-04 08:28:20 EDT ---
Ok, in case you won't be able to finish it by Beta Change Deadline (currently
planned for 2013-10-08), let me know and put the bug to the NEW state, version
to rawhide.
Thanks for update!
-----------------------------------------------
Discussion at
https://lists.fedoraproject.org/pipermail/devel-announce/2013-July/001193...
Please assess existing documentation for the impact of this Change.
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months
[Bug 1008203] New: DNSSEC support for FreeIPA
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1008203
Bug ID: 1008203
Summary: DNSSEC support for FreeIPA
Product: Fedora Documentation
Version: devel
Component: release-notes
Keywords: Tracking
Assignee: relnotes(a)fedoraproject.org
Reporter: me(a)petetravis.com
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: jreznik(a)redhat.com, pspacek(a)redhat.com,
relnotes(a)fedoraproject.org, tbabej(a)redhat.com,
wb8rcr(a)arrl.net, zach(a)oglesby.co
Depends On: 998522
+++ This bug was initially created as a clone of Bug #998522 +++
This is a tracking bug for Change: DNSSEC support for FreeIPA
For more details, see: http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC
FreeIPA with integrated DNS server will support serving of DNSSEC secured
zones.
--- Additional comment from Tomas Babej on 2013-08-28 10:22:11 EDT ---
This feature is self-contained and not in a testable state yet. It is planned
for FreeIPA 3.4 Beta release which is aligned with the F20 schedule.
--- Additional comment from Petr Spacek on 2013-09-02 07:18:58 EDT ---
It is possible that we will not be able to complete the feature in time for
Fedora 20 beta.
From:
http://fedoraproject.org//wiki/Changes/IPAv3DNSSEC#Contingency_Plan
Contingency mechanism: Do not expose new feature in FreeIPA's user interface
(i.e. revert patches for user interface)
--- Additional comment from Jaroslav Reznik on 2013-09-04 08:28:20 EDT ---
Ok, in case you won't be able to finish it by Beta Change Deadline (currently
planned for 2013-10-08), let me know and put the bug to the NEW state, version
to rawhide.
Thanks for update!
-----------------------------------------------------------------
Discussion available at
https://lists.fedoraproject.org/pipermail/devel-announce/2013-July/001193...
Please document this Change in the Release Notes.
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months
[Bug 1107633] New: System-wide crypto policy
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1107633
Bug ID: 1107633
Summary: System-wide crypto policy
Product: Fedora Documentation
Version: devel
Component: security-guide
Keywords: Documentation, ReleaseNotes
Assignee: sparks(a)redhat.com
Reporter: sparks(a)redhat.com
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: hkario(a)redhat.com, jreznik(a)redhat.com,
nmavrogi(a)redhat.com, pkennedy(a)redhat.com,
security-guide-list(a)redhat.com, sparks(a)redhat.com,
zach(a)oglesby.co
Depends On: 1076390
+++ This bug was initially created as a clone of Bug #1076390 +++
This is a tracking bug for Change: System-wide crypto policy
For more details, see: http://fedoraproject.org//wiki/Changes/CryptoPolicy
Unify the crypto policies used by different applications and libraries. That is
allow
setting a consistent security level for crypto on all applications in a Fedora
system. The implementation approach will be to initially modify SSL libraries
to respect the policy and gradually adding more libraries and applications.
--- Additional comment from Eric Christensen on 2014-03-24 13:40:11 EDT ---
I wrote up something about this already (but can't find it) that can be used in
the Release Notes and Security Guide. As soon as I can lay my hands on it,
again, I'll post it for review.
--- Additional comment from Eric Christensen on 2014-03-24 14:40:25 EDT ---
This is the text I'd like to use for the Release Notes and Security Guide if it
looks good to the feature owner.
--- Additional comment from Nikos Mavrogiannopoulos on 2014-03-25 05:45:07 EDT
---
Let's not update the release notes and manual yet, as the details are not yet
fixed. I expect these to be fixed by the end of next month.
--- Additional comment from Nikos Mavrogiannopoulos on 2014-06-03 07:26:05 EDT
---
I've updated the proposed text for the release notes.
<title>Crypto Policy</title>
<para>Beginning in Fedora 21, a system-wide crypto policy will be available for
users to quickly setup the cryptographic options for their systems. Users that
must meet certain cryptographic standards can make the policy change in
<filename>//etc/crypto-policies/config</filename>, and run
update-crypto-policies. At this point applications that are utilize the default
set of ciphers in the GnuTLS and OpenSSL libraries will follow the policy
requirements.</para>
<para>The available options are: (1) LEGACY, which ensures compatibility with
legacy systems - 64-bit security, (2) DEFAULT, a reasonable default for today's
standards - 80-bit security, and (3) FUTURE, a conservative level that is
believed to withstand any near-term future attacks -128-bit security.
These levels affect SSL/TLS settings, including elliptic curve, signature hash
functions, and ciphersuites and key sizes.</para>
<para>Additional information on this new feature can be found on the <ulink
url="https://fedoraproject.org/wiki/Changes/CryptoPolicy">CryptoPolicy Changes
wiki page</ulink>.</para>
--- Additional comment from Eric Christensen on 2014-06-03 11:58:18 EDT ---
(In reply to Nikos Mavrogiannopoulos from comment #4)
Awesome, thanks! I've added it to the Security Beat
(https://fedoraproject.org/wiki/Documentation_Security_Beat) and it should be
in the Release Notes for F21.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1076390
[Bug 1076390] System-wide crypto policy
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months
[Bug 1171470] New: Failed to migrate virtual machines using virsh
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1171470
Bug ID: 1171470
Summary: Failed to migrate virtual machines using virsh
Product: Fedora Documentation
Version: devel
Component: virtualization-guide
Assignee: docs(a)lists.fedoraproject.org
Reporter: hao.xu(a)cs2c.com.cn
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: docs(a)lists.fedoraproject.org, lnovich(a)redhat.com,
zach(a)oglesby.co
Description of problem:
Using virsh to migrate virtual machines may sometimes fail with error:
Connection reset by peer
Version-Release number of selected component (if applicable):
How reproducible:
ofen
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
--
You are receiving this mail because:
You are the QA Contact for the bug.
9 years, 5 months