On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
> 2010/12/7 Toshio Kuratomi <a.badger(a)gmail.com>:
> > Those might be
> > able to start defining a category of "things needed to run a desktop
> > session" or something.
> > iptables,
> no chance to disable this
I'd be more inclined to ask what benefit we have to turning the firewall off
vs having a more permissive set of firewall rules by default. AFAIK,
turning the firewall on doesn't currently turn on any additional daemon --
it just sets up the defined rules.
> I guess ip6tables too?
Would you be willing to write up a Packaging Draft and add it to the FPC
tracker? If not, I'll bring it up in the Packaging Meeting on Wednesday
On Mon, Dec 06, 2010 at 06:55:20PM +0100, Michał Piotrowski wrote:
> W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi <kevin(a)scrye.com> napisał:
> > On Mon, 6 Dec 2010 18:17:51 +0100
> > Michał Piotrowski <mkkp4x4(a)gmail.com> wrote:
> >> W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi <kevin(a)scrye.com>
> >> napisał:
> > ...snip...
> >> > What are you trying to do?
> >> I'm trying to convert sysvinit scripts to systemd services (as many
> >> as possible)
> > If you're trying to determine what units should be enabled by default,
> > please talk to the Fedora Packaging Comittee.
> > See also:
> > https://fedorahosted.org/fesco/ticket/504
> > Where fesco decided:
> > "Default is off, exceptions exist to allow proper functioning of the
> > os. FPC to document exceptions and process exception requests."
> > FPC was going to work on a exceptions list I think...
> This list will be useful.
> Dear FPC people, could you provide this list in the near future?
Feedback appreciated -- what do you think should be on? What do you think
should be off? Right now I think we'd make an exception for ssh (a really
big exception since it's a network facing service, even). Dbus and
default syslog variant also spring to mind which might be. Those might be
able to start defining a category of "things needed to run a desktop
session" or something.
iptables, auditd, restorecond sound like keepers -- maybe a category here
would be things that add to system security in a default install. For this
category we'd want to be careful, do we also want to allow fail2ban or
denyhosts to run by default if they're installed?
Other categories or specific examples would be good.
I am working on packaging our project into Fedora. Here some questions I want to consult for you.
Our project is Java based, it depends on many thirdpartt JARs that some are already in Fedora and some are not.
1. For those absent JARs, how should I handle them? Could directly include them in my package?
I saw some packages do directly include JARs even these JARs are available in other packages. e.g. eclipse-pde
2. We use ANT to build and deploy our software, however, we also use waf to do configuration because ANT is not strong on this part.
Will this be a problem? I really see some Java project mixed uses GNU tool and ANT, so I guess it's also ok for mixing ANT with waf.