Stephen John Smoogen wrote: >1) I do not feel that countless programs will or want to accept >patches to open ports twice. I expect them to actually open a port >once and if they want to work with firewalld or some other firewall >daemon signal on dbus that they are looking to have a port open using >a predefined and open protocol. The port will be open like it always >was and the firewall will be closed if they don't use it, and possibly >open if they do (depending on the top level policy of whatever >firewall management program is there). Fine, so they wouldn't be patches to open ports twice, they'd be patches to ask FirewallD to open the firewall in addition to opening ports. Whatever. The point is that a lot of programs would have to be patched to do a Fedora-specific thing, and the patches would either have to be accepted upstream or carried in Fedora, or else the programs wouldn't work on Fedora. >3) glibc is meant to work on multiple OS's and distributions. Fedora >and even Red Hat are not important enough to force through a change >that isn't in the interests of other distributions. Which is where the >vague politics comes up. This sort of change would require working >with other distributions, other OS's and other organizations to get >their consensus on how it should work. That takes a long amount of >meetings, talking with people, showing them why it would be >worthwhile, figuring out all the corner cases and seeing if they are >fixable, etc. And it would see if it breaks various 'promises' like >POSIX compliance and such that the glibc team work actively to keep. All of that is true, but I don't see how it would be an argument for signaling FirewallD from many places rather than from one place. Most of the programs are also meant to work on multiple OSes and distributions, and I doubt that their developers would be happy to implement multiple distribution-specific protocols for opening firewalls. It would still require lots of discussions to get all of those distributions, OSes and organizations to agree on a single firewall-opening protocol, regardless of whether that protocol would then be used from GlibC of from each program individually. -- Björn Persson
Attachment:
signature.asc
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
