On Fri, 2012-11-09 at 20:39 -0500, Matthew Miller wrote: > On Fri, Nov 09, 2012 at 03:24:02PM -0800, Adam Williamson wrote: > > it maybe doesn't actually need to be). So perhaps we should change > > firewalld to default to opening port 22. > > +1, even having read the rest of this message. > > > Same with iptables if firewalld is not installed by default. Somehow it took me 45 minutes to notice the giant logic fail in my thinking: if what we're trying to achieve is 'don't install firewalld in a minimal install', obviously firewalld's default firewall configuration is entirely irrelevant. To achieve the above, we don't need to make sure that the default configuration leaves port 22 open when firewalld is installed, but that the default configuration leaves port 22 open when firewalld is *not* installed. D'oh. We can still not bother poking the firewall configuration by default in anaconda if firewalld's package default leaves port 22 open and firewalld is being installed, which would still be a valuable simplification of what anaconda has to do and is still a sensible change, but obviously, we can't use that as a reason not to install firewalld in a minimal install. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
