Fedora Server Role D-BUS API Design Discussion
Stephen Gallagher
sgallagh at redhat.com
Thu Mar 20 13:00:59 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/19/2014 06:10 PM, Kevin Fenzi wrote:
> On Wed, 19 Mar 2014 09:47:20 -0400 Stephen Gallagher
> <sgallagh at redhat.com> wrote:
>
> ...snip...
>
>> 4) The D-BUS API must be stable. If it is likely that the set of
>> input required to deploy or configure will change, this should
>> be planned for in the design.
>>
>> 5) As it is not possible to plan for all contingencies, the API
>> must be versioned such that the clients can determine whether
>> they can properly perform the requested actions.
>
> I agree with these, but we may not want to '1.0' the api until we
> are further along?
>
I'd like for clients to be backwards and forwards-compatible. So new
versions of clients should be able to fall back to older, deprecated
versions of the API and newer versions of the server should be able to
support any version of the API that is still meaningful (such as we've
added a new version of the API that gives more control, but the old
version could still produce a usable system compatible with older
releases).
> ...snip...
>
>> == Open questions ==
>>
>> 1) How do we handle configuring the Firewall? I think we want to
>> have a Firewall object
>> (/org/fedoraproject/server/RoleFirewallManager) available to
>> query the firewall as a whole, but we may also want to be able to
>> view and apply firewall rules from the Role objects directly.
>> (Note: I'm not suggesting we need a complete firewall solution
>> here. This should be a wrapper that deals only with the Roles).
>> Firewalld already provides a more comprehensive firewall
>> interface for the general case.
>
> Should we try and rope in the firewalld maintainer(s) here? They
> may have some ideas on how to do this so it causes the least amount
> of pain.
Yes, good idea. I'm CCing Thomas Woerner and will politely ask him to
review this thread.[1]
[1]
https://lists.fedoraproject.org/pipermail/server/2014-March/000999.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlMq5osACgkQeiVVYja6o6P6AwCeJV91PZDeY1mdRB4GlP+zLOVy
ztcAnjg4/7Ta8MibVwMJKEyWIbAu467I
=lgUF
-----END PGP SIGNATURE-----
More information about the server
mailing list