On Tue, Nov 17, 2015 at 09:18:22AM -0500, James B. Byrne wrote:
> This behaviour is congruent with SELinux. One utility adjusts the
> permanent configuration, the one that will be applied at startup.
> Another changes the current running environment without altering the
> startup config. From a sysadmin point of view this is desirable since
> changes to a running system are often performed for empirical testing.
> Leaving ephemeral state changes permanently fixed in the startup
> config could, and almost certainly would eventually, lead to serious
> problem during a reboot.
>
> Likewise, immediately introducing a state change to a running system
> when reconfiguring system startup options is just begging for an
> operations incident report.
Another possible reason is because when you're setting up firewalld,
you might want to batch a bunch of changes with --permanent, then,
once you've added them all, *then* you restart firewalld to pick up
the changes. Having the firewall restart after *every* permanent
change you want to make would leave the system's firewall bouncing up
and down.
--
Jonathan Billings <billings@xxxxxxxxxx>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
