Re: Firewalld

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08/26/2014 09:22 PM, Pete Travis wrote:
On 08/26/2014 09:43 AM, Eric H. Christensen wrote:
On Mon, Aug 25, 2014 at 03:40:10PM -0600, Pete Travis wrote:
> On 08/25/2014 02:17 PM, Eric H. Christensen wrote:
>> On Mon, Aug 25, 2014 at 01:13:46PM -0600, Pete Travis wrote:
>>> Here's my idea:  In the security guide, give an overview, instructions
>>> on how to lock down to deny-all, general instructions on adding back,
>>> and link out to the Networking Guide. In the NG, give a full
overview -
>>> network security should be an inherent part of network configuration.
>>> In others, include the command to open a port for the service being
>>> documented where appropriate.
>>
>> I really dislike the idea of spreading information out into different
>> guides.  Users think they've got the entire story only to miss another
>> aspect elsewhere.
>>
> Right, it's the spreading out that bothers me too. Service config here,
> network config here, firewall config there.  I *don't* like the idea of
> managing similar content in different places, though.  The wiki doesn't
> really fix that problem; includes work there just as well as in docbook,
> there's just a broader scope.  There are valid concerns about the
> administrative overhead of our publishing stack, vs the 'just write'
> ethos of a wiki - but I think that even with a wiki we would need to
> have discussions about structure and scope.

So how about this...  Instead of having these big, fat guides that
contain a lot of information on a lot of different topics, we start
breaking down these guides into smaller chunks.  Think "Firewall
Guide" which would talk specifically about iptables and firewalld.
They likely would be less work to maintain (although there would be
more of them) since, potentially, it would have less stuff to deal with.

-- Eric

--------------------------------------------------
Eric "Sparks" Christensen
Fedora Project

sparks@xxxxxxxxxxxxxxxxx - sparks@xxxxxxxxxx
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
--------------------------------------------------

I like it. More manageable chunks sounds.. more manageable. Until we get
to the part where you have to read the httpd guide to set up a web
server, then the SELinux guide for file contexts for a web server, then
the firewall guide for firewall rules for a webserver -

Now now now Pete, steady on, having a small guide on firewall topics open while editing the firewall rules and then alt-tabing back to the guide you were using to set up httpd is not so bad. Could even be better than having a huge guide a having to search three or ten chapters forward and back all the time,

or we maintain
the same content in different guides and try to keep track of it all.

No, please, no duplication. Links with scripts to check links are valid is better.
Yeah, I know you're saying "start here", but I think we've come back
around to the question about most suitable formats.

The idea of modularized documentation is*really*  appealing, but the
actual implementation isn't going to come for free.  Will
publican/docbook work? What formats would enable the built-for-purpose
articles that Dylan is envisioning?  We should explore some
possibilities before putting in the work to migrate the copy into new books.

( He says, hoping the conversation doesn't die there )

--
-- Pete Travis
  - Fedora Docs Project Leader
  - 'randomuser' on freenode
  - immanetize@xxxxxxxxxxxxxxxxx




--
Stephen Wadeley
Content Author | Red Hat, Inc.
Purkynova 99 | Brno, Czech Republic

--
docs mailing list
docs@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/docs





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Red Hat 9]     [Yosemite News]     [KDE Users]

  Powered by Linux