On Mon, 06.12.10 12:30, Bill Nottingham (nott...@redhat.com) wrote:
Michał Piotrowski (mkkp...@gmail.com) said:
If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the number
of listening ports, obviously, nor on the requirements
Rahul Sundaram wrote:
Socket activation is not mandatory or even a benefit in all cases. Just
because we have a patch doesn't mean it is the right one. Upstream might
have the foresight and the knowledge to see problems with patches we might
not. There might be security implications. It
On Sat, Dec 11, 2010 at 8:11 PM, Kevin Kofler wrote:
Rahul Sundaram wrote:
Socket activation is not mandatory or even a benefit in all cases. Just
because we have a patch doesn't mean it is the right one. Upstream might
have the foresight and the knowledge to see problems with patches
Bill Nottingham wrote:
Right. To do this in systemd implies that you're patching openssh to
do socket-based activation... hence why I asked about upstream's opinion
on it.
Why would we care?
It's our goal to have ALL network daemons be socket-activated eventually.
This is a distribution-wide
Chris Adams wrote:
The only thing you need a firewall by default for is to prevent services
that are listening on the network from being accessible. The better
solution is to stop having services listen on the network by default.
FWIW, this is what Ubuntu has been doing for ages (they call it
On Sat, Dec 11, 2010 at 4:57 AM, Kevin Kofler kevin.kof...@chello.atwrote:
Bill Nottingham wrote:
Right. To do this in systemd implies that you're patching openssh to
do socket-based activation... hence why I asked about upstream's opinion
on it.
Why would we care?
It's our goal to
On Mon, 2010-12-06 at 20:08 -0600, Chris Adams wrote:
Once upon a time, Adam Williamson awill...@redhat.com said:
On most laptops, however, which are the most common types of system sold
today, a firewall is very definitely needed when you're connecting to
hotel networks, public wifi
Once upon a time, Tomas Mraz tm...@redhat.com said:
In the cups case might be probably reasonable to default to localhost.
However for rpcbind it is clearly not so - what's the point of starting
things that are mostly needed for NFS when you would be able to mount
only NFS provided by the
2010/12/7 Tomas Mraz tm...@redhat.com:
On Mon, 2010-12-06 at 20:08 -0600, Chris Adams wrote:
Once upon a time, Adam Williamson awill...@redhat.com said:
On most laptops, however, which are the most common types of system sold
today, a firewall is very definitely needed when you're connecting
On Mon, Dec 06, 2010 at 08:08:49PM -0600, Chris Adams wrote:
Once upon a time, Adam Williamson awill...@redhat.com said:
On most laptops, however, which are the most common types of system sold
today, a firewall is very definitely needed when you're connecting to
hotel networks, public wifi
Hi,
On 12/06/2010 06:34 AM, Michał Piotrowski wrote:
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
mkkp...@gmail.com napisał:
[..]
What services are installed by default when installong form Live
GNOME/KDE/etc and DVD?
Ok, let's ask the question differently - what
W dniu 6 grudnia 2010 10:43 użytkownik Hans de Goede
hdego...@redhat.com napisał:
Hi,
On 12/06/2010 06:34 AM, Michał Piotrowski wrote:
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
mkkp...@gmail.com napisał:
[..]
What services are installed by default when installong form
On Mon, 6 Dec 2010 06:34:45 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
mkkp...@gmail.com napisał:
[..]
What services are installed by default when installong form Live
GNOME/KDE/etc and DVD?
Ok, let's ask the question
Kevin Fenzi (ke...@scrye.com) said:
IMO ssh can be off by default and should be started only if user tries
to connect over port 22.
If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the number
of listening ports, obviously, nor on the
W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi ke...@scrye.com napisał:
On Mon, 6 Dec 2010 06:34:45 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
mkkp...@gmail.com napisał:
[..]
What services are installed by default
2010/12/6 Bill Nottingham nott...@redhat.com:
Kevin Fenzi (ke...@scrye.com) said:
IMO ssh can be off by default and should be started only if user tries
to connect over port 22.
If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the
On Mon, 6 Dec 2010 18:17:51 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi ke...@scrye.com
napisał:
...snip...
What are you trying to do?
I'm trying to convert sysvinit scripts to systemd services (as many
as possible)
If you're
W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi ke...@scrye.com napisał:
On Mon, 6 Dec 2010 18:17:51 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi ke...@scrye.com
napisał:
...snip...
What are you trying to do?
I'm trying to
Michał Piotrowski (mkkp...@gmail.com) said:
If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the number
of listening ports, obviously, nor on the requirements for root passwords
and potential root login. And if it's started in
2010/12/6 Bill Nottingham nott...@redhat.com:
Michał Piotrowski (mkkp...@gmail.com) said:
If systemd will allow us to do that, sure.
What's the point here? For example, this doesn't cut down on the number
of listening ports, obviously, nor on the requirements for root passwords
and
Michał Piotrowski píše v Po 06. 12. 2010 v 20:22 +0100:
2010/12/6 Bill Nottingham nott...@redhat.com:
Does openssh stands out something special between other demons?
Actually, it does - for remote installations (sometimes the only option)
ssh needs to be running after installation so that the
I wonder why my server rejected my previous email?
-- Wiadomość przekazana dalej --
Od: Michał Piotrowski mkkp...@gmail.com
Data: 6 grudnia 2010 20:46
Temat: Re: Fedora default services (was: Re: F15 Feature - convert as
many service init files as possible to the native SystemD
Michał Piotrowski (mkkp...@gmail.com) said:
We are talking here about the case when ssh server is started when
user connect to 22 port (or other configured). From my POV everything
should work as expected.
Right. To do this in systemd implies that you're patching openssh to
do socket-based
2010/12/6 Bill Nottingham nott...@redhat.com:
Michał Piotrowski (mkkp...@gmail.com) said:
We are talking here about the case when ssh server is started when
user connect to 22 port (or other configured). From my POV everything
should work as expected.
Right. To do this in systemd implies
On Mon, Dec 06, 2010 at 06:55:20PM +0100, Michał Piotrowski wrote:
W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi ke...@scrye.com napisał:
On Mon, 6 Dec 2010 18:17:51 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
W dniu 6 grudnia 2010 18:01 użytkownik Kevin Fenzi ke...@scrye.com
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
On Mon, Dec 06, 2010 at 06:55:20PM +0100, Michał Piotrowski wrote:
W dniu 6 grudnia 2010 18:43 użytkownik Kevin Fenzi ke...@scrye.com napisał:
On Mon, 6 Dec 2010 18:17:51 +0100
Michał Piotrowski mkkp...@gmail.com wrote:
W dniu 6 grudnia 2010
On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
Cron - but should be activated only when cron files exist
It seems to me that the list:
- ssh
- Dbus
- syslog
- iptables
- ip6tables
- auditd
- restorecond
is an absolute minimum to get working system.
I don't agree that ssh
2010/12/7 Matt McCutchen m...@mattmccutchen.net:
On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
Cron - but should be activated only when cron files exist
It seems to me that the list:
- ssh
- Dbus
- syslog
- iptables
- ip6tables
- auditd
- restorecond
is an absolute
On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
Those might be
able to start defining a category of things needed to run a desktop
session or something.
iptables,
no chance to disable this
I'd be more inclined to ask
On Tue, 2010-12-07 at 01:07 +0100, Michał Piotrowski wrote:
2010/12/7 Matt McCutchen m...@mattmccutchen.net:
On Tue, 2010-12-07 at 00:38 +0100, Michał Piotrowski wrote:
Cron - but should be activated only when cron files exist
It seems to me that the list:
- ssh
- Dbus
- syslog
-
On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
There are no stupid questions :)
On most desktop systems firewall is not needed. Many users do not even
know how to configure it. In fact I disable it in most of my systems,
because there is no real use for it. So I asked a simple
Adam Williamson píše v Po 06. 12. 2010 v 17:57 -0800:
On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
There are no stupid questions :)
On most desktop systems firewall is not needed. Many users do not even
know how to configure it. In fact I disable it in most of my
On 12/06/2010 05:57 PM, Adam Williamson wrote:
On most laptops, however, which are the most common types of system sold
today, a firewall is very definitely needed when you're connecting to
hotel networks, public wifi access points...
Please explain why. What actual service is the firewall
On Mon, 2010-12-06 at 17:57 -0800, Adam Williamson wrote:
On Mon, 2010-12-06 at 10:54 +0100, Michał Piotrowski wrote:
There are no stupid questions :)
On most desktop systems firewall is not needed. Many users do not even
know how to configure it. In fact I disable it in most of my
Once upon a time, Adam Williamson awill...@redhat.com said:
On most laptops, however, which are the most common types of system sold
today, a firewall is very definitely needed when you're connecting to
hotel networks, public wifi access points...
The only thing you need a firewall by default
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
Those might be
able to start defining a category of things needed to run a desktop
session or something.
iptables,
no chance
On Tue, Dec 07, 2010 at 07:14:16AM +0100, Michał Piotrowski wrote:
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
On Tue, Dec 07, 2010 at 12:38:07AM +0100, Michał Piotrowski wrote:
2010/12/7 Toshio Kuratomi a.bad...@gmail.com:
Those might be
able to start defining a category of things
Hi,
W dniu 3 grudnia 2010 09:14 użytkownik Michał Piotrowski
mkkp...@gmail.com napisał:
[..]
What services are installed by default when installong form Live
GNOME/KDE/etc and DVD?
Ok, let's ask the question differently - what services should be run
by default to provide working system for
38 matches
Mail list logo