On Wed, 2014-04-16 at 02:59 -0500, Justin Brown wrote: > Martin, > > I think that making the firewall configuration automatic is the best > solution. I've updated > http://www.freeipa.org/page/V4/Firewall_Configuration for automatic > configuration unless --no-firewall is passed. > > You guys know the user-base better than I do, but I would imagine that > users would benefit by making a FreeIPA installation work properly > with as few arguments as possible.
+1 Simo. > Thanks, > Justin > > On Thu, Apr 10, 2014 at 1:48 AM, Martin Kosek <mko...@redhat.com> wrote: > > On 04/10/2014 02:57 AM, Dmitri Pal wrote: > >> On 04/08/2014 02:42 PM, Rob Crittenden wrote: > >>> Justin Brown wrote: > > ... > >> b) Example: freeipa-server-install --setup-dns --forwarder=192.168.0.2 > >> --forwarder=192.168.0.3 > > > > Let's talk about CLI. Shouldn't we add just one option - "--no-firewall"? I > > would assume that we want to open the firewall ports by default *if* the > > firewalld is running. If firewalld is not running, ipa-server-install would > > detect it via DBUS and just simply print warning and would not configure > > anything and could just maybe spit out iptables configuration as Justin > > mentioned (optional). > > > > Martin > > _______________________________________________ > Freeipa-devel mailing list > Freeipa-devel@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-devel -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
