Hi - I have a question about [1], the policy limiting what services may be started/enabled by default (when the RPM is installed).
# If a service does not require configuration to be functional and # does not listen on a network socket, it may be enabled by default # [...] # All other services must not be enabled by default. I'm thinking about how this needs to apply to server processes associated with performance co-pilot (pcp). The various daemons can be set to listen on any mixture IPv4 / IPv6 / AF_UNIX sockets. We think it would be a fine performance-data-gathering background service to run (deeper than sar but still tiny overhead), but default-on appears to be precluded by the policy. Or is it? Is the intent of this policy to prevent unintentional remote access to the services from a network (ignoring the default firewall)? If so, then a server restricted to localhost and/or AF_UNIX parts should be allowed to be enabled by default. Can someone clarify the intent / definitions of this constraint? [1] https://fedoraproject.org/wiki/Starting_services_by_default -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
