Simone Tiraboschi has posted comments on this change. Change subject: packaging: setup: Adding a dialog to let the user review iptables changes ......................................................................
Patch Set 1: (1 comment) http://gerrit.ovirt.org/#/c/33085/1/packaging/setup/ovirt_engine_setup/constants.py File packaging/setup/ovirt_engine_setup/constants.py: Line 380: def UPDATE_FIREWALL(self): Line 381: return 'OVESETUP_CONFIG/updateFirewall' Line 382: Line 383: FIREWALL_MANAGERS = 'OVESETUP_CONFIG/firewallManagers' Line 384: SKIP_FIREWALL_REVIEW = 'OVESETUP_CONFIG/skipFirewallReview' > I really think we need a very strict, well-defined, perhaps even clearly wr I perfectly agree on the general schema. But this cause it's just a bit different due to a precise reason: the question itself depends not just from our actions but also from external conditions: for instance, I'm going to ask a confirmation of iptables differences between the proposed version and the current one if and only I find any difference. The point, on my opinion, is that the question itself doesn't simply come from state S0 but also from user actions on iptables rules that are not under our control. For instance: you can have a system at status S0 witch generates a specific answer file going to S1 due to engine-setup; than the user reverts to S0 and, on its own, adds some modification to iptables rules; current iptables rule set it's not completely under our control, is it really the same S0 state? So on my opinion it's really a good idea to save the answer of a question that we really don't know. What we can do it's to add another question before, something like: 'There can be some modification to iptables rule, if so, do you want to review them?' and we can save this answer while instead the review process it's, at least on my opinion, interactive by definition. Line 385: VALID_FIREWALL_MANAGERS = 'OVESETUP_CONFIG/validFirewallManagers' Line 386: FQDN_REVERSE_VALIDATION = 'OVESETUP_CONFIG/fqdnReverseValidation' Line 387: FQDN_NON_LOOPBACK_VALIDATION = 'OVESETUP_CONFIG/fqdnNonLoopback' Line 388: -- To view, visit http://gerrit.ovirt.org/33085 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I63e0eeb26d925c8c79b9c8e55da64c57ce94a3f6 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Simone Tiraboschi <stira...@redhat.com> Gerrit-Reviewer: Lev Veyde <lve...@redhat.com> Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Simone Tiraboschi <stira...@redhat.com> Gerrit-Reviewer: Yedidyah Bar David <d...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
