On Fri, 2014-06-06 at 15:55 -0700, Adam Williamson wrote:
More criteria considerations:
* It must be possible to forward system logs from one system running
the
release to another using rsyslog.
* After system installation, the system firewall must be active, and the
only ports which may be open are port 22 and any ports associated with
server Roles selected during installation. [pace explicit kickstart
configuration]
If you look at these two - they kind of mutually contradict a bit. We
want log forwarding to work, but we're explicitly requiring that any
port likely to be used for it be firewalled?
Would "log server" be a viable role, hence you'd deploy your "log
server
role" and the appropriate firewall ports would be opened as a part of
that? That could be a long term solution (or even short term, if someone
wanted to throw that role together).
Otherwise I can just write an exception for the firewall port into the
system logging criterion.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net