Accidentally enabled service after update from F16 to F17 - solutions?

Stanislav Ochotnicky sochotnicky at
Thu Jun 14 14:19:55 UTC 2012

Quoting Michal Schmidt (2012-06-14 15:10:56)
> On 06/14/2012 02:59 PM, Stanislav Ochotnicky wrote:
> > +%triggerun -- jetty < 8.1.2-9
> You already have one triggerun for jetty in the spec:
> %triggerun -- jetty < 8.1.0-3
> You're likely to hit this RPM bug:

I guess this in itself solves the problem for us. We can't fix user
systems properly ergo...

> > +/bin/systemctl --no-reload disable jetty.service >/dev/null 2>&1 ||:
> > +/bin/systemctl --no-reload stop jetty.service >/dev/null 2>&1 ||:
> >
> > This trigger will do following:
> > If we are updating from previous releases, we disable the service and
> > stop it if it's running
> I dislike this, because:
>   - You'd just break some users' systems for the sake of a different
>     subset of users.
>   - Some breakage during distribution upgrade is more tolerable than
>     breakage within regular updates.

Well not anymore, I'll just describe it in the bodhi update.

> Is a running jetty really _that_ dangerous? Why do we ship it at all 
> then? ;-)

Why do we ship Apache, tomcat and tens (hundrets?) of other useful
packages? Jetty unlike most packages _is_ remotely accessible so the
attack surface is rather large. 

If you wrote that in a jest, then sorry but I don't take my mistake that
could compromise security of Fedora's users that lightly.


Stanislav Ochotnicky <sochotnicky at>
Software Engineer - Base Operating Systems Brno

PGP: 7B087241
Red Hat Inc.                     

More information about the devel mailing list