On 9 November 2012 18:46, Adam Williamson <awilliam@xxxxxxxxxx> wrote: > On Fri, 2012-11-09 at 20:39 -0500, Matthew Miller wrote: >> On Fri, Nov 09, 2012 at 03:24:02PM -0800, Adam Williamson wrote: >> > it maybe doesn't actually need to be). So perhaps we should change >> > firewalld to default to opening port 22. >> >> +1, even having read the rest of this message. >> >> >> Same with iptables if firewalld is not installed by default. > > Somehow it took me 45 minutes to notice the giant logic fail in my > thinking: if what we're trying to achieve is 'don't install firewalld in > a minimal install', obviously firewalld's default firewall configuration > is entirely irrelevant. To achieve the above, we don't need to make sure > that the default configuration leaves port 22 open when firewalld is > installed, but that the default configuration leaves port 22 open when > firewalld is *not* installed. D'oh. Well with firewalld not installed and no iptables configs.. I would believe that the default would be everything open... unless some other program is there to set some defaults. -- Stephen J Smoogen. "Don't derail a useful feature for the 99% because you're not in it." Linus Torvalds "Years ago my mother used to say to me,... Elwood, you must be oh so smart or oh so pleasant. Well, for years I was smart. I recommend pleasant. You may quote me." —James Stewart as Elwood P. Dowd -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
