Desktop issues discussion proposal
Havoc Pennington
hp at redhat.com
Thu Apr 22 23:24:02 UTC 2004
On Thu, 2004-04-22 at 16:50, jludwig wrote:
> This would also be what I would like to see. For example, every time I
> upgrade or load a system I get the "out of the box" firewall rules
> without any other option. This is fine for average desktops and newbees,
> but causes my extra configuration work.
I don't think more installer options will happen - everyone is very in
favor of kicking that stuff to firstboot or to config tools post-boot.
If you want to avoid manually configuring systems, what you want is
kickstart.
For the firewall example specifically, there's no real reason firewalls
on most systems should even _require_ configuration - we know what
services are up, we should open those ports and close the other ports.
On a desktop, that probably means everything is closed. If someone
starts a service, the initscript or whatever can open the port.
If you don't want a port open, stop the service.
Yes, some services can serve both local and remote users. Let those two
aspects be started and stopped separately. "[ ] Receive print jobs from
this machine" "[ ] Receive print jobs from other machines" - if both are
unchecked, no print daemon starts.
But of course leave the config file, so if you really want some other
firewall config, or are setting up a machine whose purpose is to be a
firewall, rather than to be firewalled, you can create that config.
And there might be a GUI for creating a custom firewall, covering common
use-cases for that.
Havoc
More information about the Fedora-desktop-list
mailing list