Yedidyah Bar David has posted comments on this change. Change subject: packaging: setup: update firewall for all services ......................................................................
Patch Set 3: > Once again... what I fear is that we update firewall setting especially > iptables which is a complete over write losing sysadmin customization when > running setup again. > This is my fear, nothing more. Very well - open a bug, send a patch, you know the process... this does not contradict at all this change. In fact, it might best be implemented in otopi and not in engine-setup - e.g. abort if there is /etc/sysconfig/iptables and we are asked to overwrite it, or perhaps do some magic and decide for very simple cases that we are ok, whatever. > For the postgres, there was explicit rfe to support remove access. I agree it > is not wise. But for simplicity it may be better to allow sysadmin to disable > later. Same. But if it's only for dwh/reports, I think we should seriously consider not opening it at all during setup. -- To view, visit http://gerrit.ovirt.org/20737 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: If3c1a634b2e8539ebd604205b5487290c8d8a1a9 Gerrit-PatchSet: 3 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yedidyah Bar David <d...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Ofer Schreiber <oschr...@redhat.com> Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Yedidyah Bar David <d...@redhat.com> Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
