On 12/14/2012 03:12 PM, Matthew Miller wrote: > Amazon recommends using ec2-user (with passwordless sudo) for EC2 images. > That's what Fedora has been doing. Do we want to continue this? Arguments: > > > A. It doesn't really provide any added security, but does add complication. > Additionally, normal "don't run as root" advice is less important since > cloud instances should be ephemeral and recreatable. > > B. But, consistency. > Fedora can of course do its own thing, but Ubuntu, Amazon Linux, future RHELs, and other distros use ec2-user. This lines up with the EC2 documentation as well. I'd discourage changing it just because we can. > What's our SIG consensus here? > > Other points: > > - We're making images for EC2 and for other cloud systems as well. > 'ec2-user' seems particularly silly on, say, OpenStack. > - We could use ec2-user and something else (including just root) on the > generic images. Fair points. > - We should decide this really fast because it's already past the last > minute; default is to just stay with ec2-user for F18 and revisit for > F19. > +1 - Jay _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud
