On Fri, Dec 14, 2012 at 1:00 PM, Jay Greguske <jgreg...@redhat.com> wrote:
> On 12/14/2012 03:12 PM, Matthew Miller wrote: > > Amazon recommends using ec2-user (with passwordless sudo) for EC2 images. > > That's what Fedora has been doing. Do we want to continue this? > Arguments: > > > > > > A. It doesn't really provide any added security, but does add > complication. > > Additionally, normal "don't run as root" advice is less important > since > > cloud instances should be ephemeral and recreatable. > > > > B. But, consistency. > > > > Fedora can of course do its own thing, but Ubuntu, Amazon Linux, future > RHELs, and other distros use ec2-user. This lines up with the EC2 > documentation as well. I'd discourage changing it just because we can. > Well, not exactly, ubuntu lucid in aws uses 'ubuntu', both 'cloud-user' or even 'fedora would be generic enough... in my opinion. > > > What's our SIG consensus here? > > > > Other points: > > > > - We're making images for EC2 and for other cloud systems as well. > > 'ec2-user' seems particularly silly on, say, OpenStack. > > - We could use ec2-user and something else (including just root) on the > > generic images. > > Fair points. > > > - We should decide this really fast because it's already past the last > > minute; default is to just stay with ec2-user for F18 and revisit for > > F19. > > > > +1 > > - Jay > > _______________________________________________ > cloud mailing list > cloud@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/cloud > -- Jorge A Gallegos <k...@blegh.net> http://kad.blegh.net
_______________________________________________ cloud mailing list cloud@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/cloud