generic/fedora-20-cloud.ks | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
New commits:
commit 3eb95005f76ed2af8253f635be70dd94e292a171
Author: Dennis Gilmore <dennis@xxxxxxxx>
Date: Sun Oct 13 23:27:00 2013 -0500
Breaks comppses
Revert "anaconda no longer requires firewalld"
This reverts commit c3df27a4f11705831502415a5e03b0fe3a19383d.
diff --git a/generic/fedora-20-cloud.ks b/generic/fedora-20-cloud.ks
index 62582a8..2c9294e 100644
--- a/generic/fedora-20-cloud.ks
+++ b/generic/fedora-20-cloud.ks
@@ -19,8 +19,9 @@ auth --useshadow --enablemd5
selinux --enforcing
rootpw --lock --iscrypted locked
-# a static firewall allowing ssh is configured below
-firewall --disabled
+# this is actually not used, but a static firewall
+# matching these rules is generated below.
+firewall --service=ssh
bootloader --timeout=1 --append="console=ttyS0,115200n8 console=tty0" extlinux
@@ -65,10 +66,11 @@ dracut-config-generic
# by anaconda, but appliance-creator needs the hint
syslinux-extlinux
+# Needed initially, but removed below.
+firewalld
# Basic firewall. If you're going to rely on your cloud service's
-# security groups you can remove iptables-services.
--firewalld
+# security groups you can remove this.
iptables-services
# cherry-pick a few things from @standard
@@ -134,6 +136,11 @@ echo .
echo "Removing linux-firmware package."
yum -C -y remove linux-firmware
+# Remove firewalld; was supposed to be optional in F18+, but is required to
+# be present for install/image building.
+echo "Removing firewalld."
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
# Non-firewalld-firewall
echo -n "Writing static firewall"
cat <<EOF > /etc/sysconfig/iptables
_______________________________________________
cloud mailing list
cloud@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/cloud
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
