On 12/14/2012 04:00 PM, Jay Greguske wrote: > On 12/14/2012 03:12 PM, Matthew Miller wrote: >> Amazon recommends using ec2-user (with passwordless sudo) for EC2 images. >> That's what Fedora has been doing. Do we want to continue this? Arguments: >> >> >> A. It doesn't really provide any added security, but does add complication. >> Additionally, normal "don't run as root" advice is less important since >> cloud instances should be ephemeral and recreatable. >> >> B. But, consistency. >> > Fedora can of course do its own thing, but Ubuntu, Amazon Linux, future > RHELs, and other distros use ec2-user. This lines up with the EC2 > documentation as well. I'd discourage changing it just because we can. > >> What's our SIG consensus here? >> >> Other points: >> >> - We're making images for EC2 and for other cloud systems as well. >> 'ec2-user' seems particularly silly on, say, OpenStack. >> - We could use ec2-user and something else (including just root) on the >> generic images. > Fair points. > >> - We should decide this really fast because it's already past the last >> minute; default is to just stay with ec2-user for F18 and revisit for >> F19. >> > +1 > > - Jay > > _______________________________________________ > cloud mailing list > cloud@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/cloud Amazon of course uses ec2-user, ec2 is an Amazon product. Ubuntu initially focused on ec2 so ec2-user made sense. Multiple back-end support is a core principal for Red Hat cloud solutions. Using a user name which reflects a proprietary offering seems counter to that. Again, I suggest "cloud-user". Joe VLcek _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud
