[Kimchi-devel] [PATCH] Issue #456: Firewall ports are not open after firewall restart
Paulo Ricardo Paz Vital
pvital at gmail.com
Wed Jan 7 08:04:47 UTC 2015
If you remove the firewall and SELinux commands from one distro, you have
to do the same for all supported distros by Kimchi. Also, there is a
solution to the issue of rules don't be persistent after a service restart
or machine reboot.
IMO, all these security code and tricks can be moved to a new plugin. If
the user is interested to use the project security rules, he/she install
the plugin.
That's my 2 cents!
Paulo Vital.
On Tue Jan 06 2015 at 8:42:46 PM Ramon Medeiros <ramonn at linux.vnet.ibm.com>
wrote:
> On 01/06/2015 04:53 PM, Crístian Viana wrote:
> > On 06-01-2015 14:50, Ramon Medeiros wrote:
> >> +
> >> +Troubleshooting
> >> +---------------
> >
> > IMO, this section shouldn't be named "Troubleshooting" because those
> > actions are required in order for Kimchi to work in a remote client.
> > It's not as if the user did something wrong and this section should
> > help them to fix it; this is a required extra step, in my view.
> >
> >> +Kimchi uses ports 8000, 8001 and 64667. If you are using firewalld,
> >> there is a easy way to add the rules:
> > *an* easy way
> >
> > Also, shouldn't this patch remove the firewall commands from
> > contrib/DEBIAN/* as well?
> The bug did not claimed for this issue on debian. I will check.
>
> --
> Ramon Nunes Medeiros
> Kimchi Developer
> Software Engineer - Linux Technology Center Brazil
> IBM Systems & Technology Group
> Phone : +55 19 2132 7878
> ramonn at br.ibm.com
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/kimchi-devel/attachments/20150107/57398896/attachment.html>
More information about the Kimchi-devel
mailing list