Fedora workstation: what do we want installed by default?
Richard Turner
rjt at zygous.co.uk
Mon Aug 18 20:09:52 UTC 2014
On 18 Aug 2014 20:44, "Elad Alfassa" <elad at fedoraproject.org> wrote:
> I propose configuration that works out of the box.
A laudable goal, but difficult to achieve for all use cases.
> Right now in the firewalld policy in Fedora Workstation any non-root port
is unblocked by default. If you need a webserver running on port 80, I
assume the best way of fixing this would be bundling a firewalld
configuration file in webserver packages that will open port 80 and port
443 for you - but that might be out of scope for the Workstation WG and
more in the Server WG realm.
Yes, and that's a good point: when thinking about the needs of developers
the lines between workstation and server are a bit fuzzy sometimes.
I'm running PostgreSQL on my box, and need to have some VMs I run connect
to it. I'd not propose that port 5432 was open by default though. I don't
think what I'm doing is terribly esoteric, but neither would I expect it to
work out of the box because I can imagine the opposite configuration (port
5432 closed, PostgreSQL listening only for local connections) being more
common.
> Also, if we don't install it by default you'd still be able to install
it, or install cockpit instead (I don't remember if cockpit has firewall
controls, but it sounds like it's something it probably would benefit from
having).
Having realised that the firewall is responsible for a silent failure,
needing to install an app to reconfigure it is an additional pain. These
days I'm just as likely to uninstall the firewall and be damned. I'm trying
to work, and the need to configure the firewall is preventing that; having
to install an app to do so compounds the problem.
(I'm playing Devil's Advocate a bit of course, I'd not be spitting nails if
I had to install a UI app to configure the firewall, but I might think
"well, that could have been easier".)
R
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/desktop/attachments/20140818/c08aca0d/attachment.html>
More information about the desktop
mailing list