On Mon, 06.12.10 12:30, Bill Nottingham (nott...@redhat.com) wrote:
> Michał Piotrowski (mkkp...@gmail.com) said:
> > >> If systemd will allow us to do that, sure.
> > >
> > > What's the point here? For example, this doesn't cut down on the number
> > > of listening ports, obviously, nor on the r
On Sat, Dec 11, 2010 at 8:11 PM, Kevin Kofler wrote:
> Rahul Sundaram wrote:
> > Socket activation is not mandatory or even a benefit in all cases. Just
> > because we have a patch doesn't mean it is the right one. Upstream might
> > have the foresight and the knowledge to see problems with pat
Rahul Sundaram wrote:
> Socket activation is not mandatory or even a benefit in all cases. Just
> because we have a patch doesn't mean it is the right one. Upstream might
> have the foresight and the knowledge to see problems with patches we might
> not. There might be security implications. It
On Sat, Dec 11, 2010 at 4:57 AM, Kevin Kofler wrote:
> Bill Nottingham wrote:
> > Right. To do this in systemd implies that you're patching openssh to
> > do socket-based activation... hence why I asked about upstream's opinion
> > on it.
>
> Why would we care?
>
> It's our goal to have ALL networ
Chris Adams wrote:
> The only thing you need a firewall by default for is to prevent services
> that are listening on the network from being accessible. The better
> solution is to stop having services listen on the network by default.
FWIW, this is what Ubuntu has been doing for ages (they call
Bill Nottingham wrote:
> Right. To do this in systemd implies that you're patching openssh to
> do socket-based activation... hence why I asked about upstream's opinion
> on it.
Why would we care?
It's our goal to have ALL network daemons be socket-activated eventually.
This is a distribution-wi
On Mon, Dec 06, 2010 at 08:08:49PM -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson said:
> > On most laptops, however, which are the most common types of system sold
> > today, a firewall is very definitely needed when you're connecting to
> > hotel networks, public wifi access point
2010/12/7 Genes MailLists :
> On 12/07/2010 10:20 AM, Michał Piotrowski wrote:
>
>> How many users use NFS on desktop? This is not even used on all servers.
>>
>> So the question is - do we want to have NFS by default?
>>
>> I use samba and I don't want to force all users to install it by default.
On 12/07/2010 10:20 AM, Michał Piotrowski wrote:
> How many users use NFS on desktop? This is not even used on all servers.
>
> So the question is - do we want to have NFS by default?
>
> I use samba and I don't want to force all users to install it by default.
>
No idea how many but count
2010/12/7 Tomas Mraz :
> On Mon, 2010-12-06 at 20:08 -0600, Chris Adams wrote:
>> Once upon a time, Adam Williamson said:
>> > On most laptops, however, which are the most common types of system sold
>> > today, a firewall is very definitely needed when you're connecting to
>> > hotel networks, pu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/06/2010 07:03 PM, Matt McCutchen wrote:
> On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
>> Cron - but should be activated only when cron files exist
>>
>> It seems to me that the list:
>> - ssh
>> - Dbus
>> - syslog
>> - iptables
>>
Once upon a time, Tomas Mraz said:
> In the cups case might be probably reasonable to default to localhost.
> However for rpcbind it is clearly not so - what's the point of starting
> things that are mostly needed for NFS when you would be able to mount
> only NFS provided by the localhost and exp
On Mon, 2010-12-06 at 20:08 -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson said:
> > On most laptops, however, which are the most common types of system sold
> > today, a firewall is very definitely needed when you're connecting to
> > hotel networks, public wifi access points...
>
Dne 7.12.2010 01:03, Matt McCutchen napsal(a):
> I don't agree that ssh is required for a "working system". A desktop
> user may never ssh to his/her own machine. (Whether to enable ssh by
> default is a different question.)
Please do keep sshd enabled by default ... be it daemon, inetd service,
On Tue, Dec 07, 2010 at 07:14:16AM +0100, Michał Piotrowski wrote:
> 2010/12/7 Toshio Kuratomi :
> > On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
> >> 2010/12/7 Toshio Kuratomi :
> >> > Those might be
> >> > able to start defining a category of "things needed to run a desktop
2010/12/7 Toshio Kuratomi :
> On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
>> 2010/12/7 Toshio Kuratomi :
>> > Those might be
>> > able to start defining a category of "things needed to run a desktop
>> > session" or something.
>> >
>> > iptables,
>>
>> no chance to disable t
On 12/06/2010 07:07 PM, Michał Piotrowski wrote:
>> A desktop
>> user may never ssh to his/her own machine.
>
> That's why it should be socket activated as soon as possible
Question - what do we imagine happens if user starts a service
listening on port (which happens to be sshd) ? Will
Once upon a time, Adam Williamson said:
> On most laptops, however, which are the most common types of system sold
> today, a firewall is very definitely needed when you're connecting to
> hotel networks, public wifi access points...
The only thing you need a firewall by default for is to prevent
On Mon, 2010-12-06 at 17:57 -0800, Adam Williamson wrote:
> On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
>
> > There are no stupid questions :)
> >
> > On most desktop systems firewall is not needed. Many users do not even
> > know how to configure it. In fact I disable it in most
On 12/06/2010 05:57 PM, Adam Williamson wrote:
> On most laptops, however, which are the most common types of system sold
> today, a firewall is very definitely needed when you're connecting to
> hotel networks, public wifi access points...
Please explain why. What actual service is the firewall
Adam Williamson píše v Po 06. 12. 2010 v 17:57 -0800:
> On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
>
> > There are no stupid questions :)
> >
> > On most desktop systems firewall is not needed. Many users do not even
> > know how to configure it. In fact I disable it in most of m
On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
> There are no stupid questions :)
>
> On most desktop systems firewall is not needed. Many users do not even
> know how to configure it. In fact I disable it in most of my systems,
> because there is no real use for it. So I asked a sim
On Tue, 2010-12-07 at 01:07 +0100, Michał Piotrowski wrote:
> 2010/12/7 Matt McCutchen :
> > On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
> >> Cron - but should be activated only when cron files exist
> >>
> >> It seems to me that the list:
> >> - ssh
> >> - Dbus
> >> - syslog
> >> -
> "MP" == Michał Piotrowski writes:
MP> Dear FPC people, could you provide this list in the near future?
We haven't even met since it was decided that we were to do this. I
imagine it would take a couple of meetings to bang out a list.
- J<
--
devel mailing list
devel@lists.fedoraproject
On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
> 2010/12/7 Toshio Kuratomi :
> > Those might be
> > able to start defining a category of "things needed to run a desktop
> > session" or something.
> >
> > iptables,
>
> no chance to disable this
>
I'd be more inclined to ask wh
2010/12/7 Matt McCutchen :
> On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
>> Cron - but should be activated only when cron files exist
>>
>> It seems to me that the list:
>> - ssh
>> - Dbus
>> - syslog
>> - iptables
>> - ip6tables
>> - auditd
>> - restorecond
>> is an absolute minimu
On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
> Cron - but should be activated only when cron files exist
>
> It seems to me that the list:
> - ssh
> - Dbus
> - syslog
> - iptables
> - ip6tables
> - auditd
> - restorecond
> is an absolute minimum to get "working system".
I don't agr
2010/12/7 Toshio Kuratomi :
> On Mon, Dec 06, 2010 at 06:55:20PM +0100, Michał Piotrowski wrote:
>> W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi napisał:
>> > On Mon, 6 Dec 2010 18:17:51 +0100
>> > Michał Piotrowski wrote:
>> >
>> >> W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi
>> >>
On Mon, Dec 06, 2010 at 06:55:20PM +0100, Michał Piotrowski wrote:
> W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi napisał:
> > On Mon, 6 Dec 2010 18:17:51 +0100
> > Michał Piotrowski wrote:
> >
> >> W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi
> >> napisał:
> >
> > ...snip...
> >
> >
2010/12/6 Bill Nottingham :
> Michał Piotrowski (mkkp...@gmail.com) said:
>> We are talking here about the case when ssh server is started when
>> user connect to 22 port (or other configured). From my POV everything
>> should work as expected.
>
> Right. To do this in systemd implies that you're p
Michał Piotrowski (mkkp...@gmail.com) said:
> We are talking here about the case when ssh server is started when
> user connect to 22 port (or other configured). From my POV everything
> should work as expected.
Right. To do this in systemd implies that you're patching openssh to
do socket-based
I wonder why my server rejected my previous email?
-- Wiadomość przekazana dalej --
Od: Michał Piotrowski
Data: 6 grudnia 2010 20:46
Temat: Re: Fedora default services (was: Re: F15 Feature - convert as
many service init files as possible to the native SystemD services)
Do
Michał Piotrowski píše v Po 06. 12. 2010 v 20:22 +0100:
> 2010/12/6 Bill Nottingham :
> Does openssh stands out something special between other demons?
Actually, it does - for remote installations (sometimes the only option)
ssh needs to be running after installation so that the system
administrato
2010/12/6 Bill Nottingham :
> Michał Piotrowski (mkkp...@gmail.com) said:
>> >> If systemd will allow us to do that, sure.
>> >
>> > What's the point here? For example, this doesn't cut down on the number
>> > of listening ports, obviously, nor on the requirements for root passwords
>> > and potent
Michał Piotrowski (mkkp...@gmail.com) said:
> >> If systemd will allow us to do that, sure.
> >
> > What's the point here? For example, this doesn't cut down on the number
> > of listening ports, obviously, nor on the requirements for root passwords
> > and potential root login. And if it's starte
W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi napisał:
> On Mon, 6 Dec 2010 18:17:51 +0100
> Michał Piotrowski wrote:
>
>> W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi
>> napisał:
>
> ...snip...
>
>> > What are you trying to do?
>>
>> I'm trying to convert sysvinit scripts to systemd
On Mon, 6 Dec 2010 18:17:51 +0100
Michał Piotrowski wrote:
> W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi
> napisał:
...snip...
> > What are you trying to do?
>
> I'm trying to convert sysvinit scripts to systemd services (as many
> as possible)
If you're trying to determine what units
2010/12/6 Bill Nottingham :
> Kevin Fenzi (ke...@scrye.com) said:
>> > IMO ssh can be off by default and should be started only if user tries
>> > to connect over port 22.
>>
>> If systemd will allow us to do that, sure.
>
> What's the point here? For example, this doesn't cut down on the number
>
W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi napisał:
> On Mon, 6 Dec 2010 06:34:45 +0100
> Michał Piotrowski wrote:
>
>> Hi,
>>
>> W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
>> napisał:
>> [..]
>> > What services are installed by default when installong form Live
>> > GNOME/
Kevin Fenzi (ke...@scrye.com) said:
> > IMO ssh can be off by default and should be started only if user tries
> > to connect over port 22.
>
> If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the number
of listening ports, obviously, nor o
On Mon, 6 Dec 2010 06:34:45 +0100
Michał Piotrowski wrote:
> Hi,
>
> W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
> napisał:
> [..]
> > What services are installed by default when installong form Live
> > GNOME/KDE/etc and DVD?
>
> Ok, let's ask the question differently - what serv
W dniu 6 grudnia 2010 10:43 użytkownik Hans de Goede
napisał:
> Hi,
>
> On 12/06/2010 06:34 AM, Michał Piotrowski wrote:
>> Hi,
>>
>> W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
>> napisał:
>> [..]
>>> What services are installed by default when installong form Live
>>> GNOME/KDE/et
Hi,
On 12/06/2010 06:34 AM, Michał Piotrowski wrote:
> Hi,
>
> W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
> napisał:
> [..]
>> What services are installed by default when installong form Live
>> GNOME/KDE/etc and DVD?
>
> Ok, let's ask the question differently - what services shoul
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
napisał:
[..]
> What services are installed by default when installong form Live
> GNOME/KDE/etc and DVD?
Ok, let's ask the question differently - what services should be run
by default to provide working system for desktop user?
IMO
44 matches
Mail list logo
