Initial set of proposed release criteria for Server product

Adam Williamson awilliam at redhat.com
Thu Jun 12 15:33:01 UTC 2014 

On Wed, 2014-06-11 at 21:53 -0400, Simo Sorce wrote:
> On Wed, 2014-06-11 at 16:28 -0700, Adam Williamson wrote:
> > On Fri, 2014-06-06 at 15:55 -0700, Adam Williamson wrote:
> > 
> > More criteria considerations:
> > 
> > > * It must be possible to forward system logs from one system running the
> > > release to another using rsyslog.
> > > 
> > > * After system installation, the system firewall must be active, and the
> > > only ports which may be open are port 22 and any ports associated with
> > > server Roles selected during installation. [pace explicit kickstart
> > > configuration]
> > 
> > If you look at these two - they kind of mutually contradict a bit. We
> > want log forwarding to work, but we're explicitly requiring that any
> > port likely to be used for it be firewalled?
> 
> I do not see a contradiction, the point say you must be able to forward
> logs, not to receive logs. Of course you need a log server, but that
> could be anything, Fedora or not, and clearly you do need to configure
> it after installation (including any client you may want to get logs
> from).

The intent of the wording was actually to cover both functions, as I
assumed we'd want that. However, now I see it's not entirely clear. "one
system running the release to another" is meant to mean that *both
systems in question* are running the Fedora release to which the
criterion is being applied, but now I see that's not entirely clear.

> 
> > Would "log server" be a viable role, hence you'd deploy your "log server
> > role" and the appropriate firewall ports would be opened as a part of
> > that? That could be a long term solution (or even short term, if someone
> > wanted to throw that role together).
> 
> A log server may be an appropriate role, but for the future.
> 
> > Otherwise I can just write an exception for the firewall port into the
> > system logging criterion.
> 
> No exception is needed in my opinion.
> 
> Simo.
> 

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net

More information about the server mailing list