Re: Poll: How users use DNF

Hi, Thanks, I'll take a look. Jon On Tue, 9 Dec 2014 22:58 Colin Walters wrote: > On Tue, Dec 9, 2014, at 04:58 PM, Jon Kent wrote: > > Hi, > > We use yum wrapped up in a python script that runs from a master server > and uses ssh to log into server/servers and run the requested command > > >

Blacklisting of Indian xkb layouts

Hi, We have xkb layouts and m17n input methods to type Indian languages and both gets installed on GNOME by default. So it always creates confusion for uses that which are input methods and xkb layouts. However with xkb layouts one can't write conjuncts or complex characters. So it would be nic

Re: "Workstation" Product defaults to wide-open firewall

On Wed, Dec 10, 2014 at 12:08:19AM -0500, Simo Sorce wrote: > Most users have no idea what NAT, TCP or ports are (nor should they!). > At most they understand *literally* a question like: "do you want this > to be allowed to access the network ?" and you better > name the app in the same way the G

Re: "Workstation" Product defaults to wide-open firewall

On Wed, 10 Dec 2014 05:46:32 +0100 Kevin Kofler wrote: > Pete Travis wrote: > > Lets say I do have an understanding of network basics, just for the > > sake of argument. I share my application with you. The > > application is intended to listen on the network, you know this and > > want the app

Re: Poll: How users use DNF

Przemek Klosowski wrote: > I have mixed feelings for the typo correction/suggestions for arguments > providing package names: I am glad they are case-insensitive because > case conventions in package names are all over the place. On the other > hand I am concerned about possible mistakes (I want to

Re: "Workstation" Product defaults to wide-open firewall

Bastien Nocera wrote: > For example, RTSP streaming, Rhythmbox remote control for iOS, music > sharing via DAAP, DLNA sharing via rygel, but also DLNA client usage > (through Videos), and VNC are impacted. This is a non-exhaustive list for > the default applications in the Workstation version. VNC

Re: "Workstation" Product defaults to wide-open firewall

Solomon Peachy wrote: > On Tue, Dec 09, 2014 at 08:07:00PM +0100, Kevin Kofler wrote: >> This kind of sharing "features" is a security risk to begin with. Users >> starting them are part of the problem. A desktop is not a file server. > > A desktop isn't a file server, until it is. > > Please, t

Re: "Workstation" Product defaults to wide-open firewall

Pete Travis wrote: > Lets say I do have an understanding of network basics, just for the sake > of argument. I share my application with you. The application is > intended to listen on the network, you know this and want the application > for that purpose. You run the application, it tries to li

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 12:09:23PM -0700, Pete Travis wrote: > On Dec 9, 2014 12:06 PM, "Chuck Anderson" wrote: > > > > On Tue, Dec 09, 2014 at 11:52:01AM -0700, Pete Travis wrote: > > > On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote: > > > I should have said "ask firewalld for a port to be open

Re: "Workstation" Product defaults to wide-open firewall

Stephen John Smoogen wrote: > In the end, this is a tempest in a teapot. The release is out and it is > done. The release is out, but there are an expected 13 months of security updates, of which this ought to be the first. Kevin Kofler -- devel mailing list devel@lists.fedoraproject.o

Re: Poll: How users use DNF

On Tuesday 09 December 2014 18:39:25 Radek Holy wrote: > Wow, I have already received a lot of feedback from you. I have not read it > all yet. I very much appreciate it. Feel free to add even more feedback :-) > I just forgot to mention that even your own aliases, plugins, workarounds and > the

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > On 9 December 2014 at 13:47, Matthew Miller wrote: > > On Tue, Dec 09, 2014 at 01:11:33PM +, Ian Malone wrote: > >> > have a proposal for a new spin focused on privacy and security — the > >> > Netizen Spin. (If you're interested, I think that could use additio

Re: Poll: How users use DNF

Hi On Tue, Dec 9, 2014 at 7:19 PM, M. Edward (Ed) Borasky wrote: > I have yet to port my scripts (https://bitbucket.org/znmeb/osjourno) > from 'yum' to 'dnf'. I'm not sure I am going to unless the live ISO > creation tools also switch. But I have tried both 'dnf' and 'yum' > manually during the F

Re: Poll: How users use DNF

I have yet to port my scripts (https://bitbucket.org/znmeb/osjourno) from 'yum' to 'dnf'. I'm not sure I am going to unless the live ISO creation tools also switch. But I have tried both 'dnf' and 'yum' manually during the F21 alpha and beta test phases. I think there were cases where 'yum' said th

Re: Poll: How users use DNF

On Tue, Dec 9, 2014 at 12:28 PM, Radek Holy wrote: > Dear users of YUM and DNF, > > I'm writing to you regarding a request for your feedback. I would be very > grateful if you could send me a brief description of how you use YUM or DNF > currently or how would you like to use it. I am particularl

Re: Poll: How users use DNF

- Original Message - > From: "Radek Holy" > To: devel@lists.fedoraproject.org > Sent: Tuesday, December 9, 2014 6:28:54 PM > Subject: Poll: How users use DNF > > Dear users of YUM and DNF, > > I'm writing to you regarding a request for your feedback. I would be very > grateful if you cou

Re: Poll: How users use DNF

On Tue, Dec 9, 2014, at 04:58 PM, Jon Kent wrote: > Hi, > > We use yum wrapped up in a python script that runs from a master > server and uses ssh to log into server/servers and run the > requested command I'd recommend Ansible, it comes with built in primitives for interacting with yum declarati

Re: "Workstation" Product defaults to wide-open firewall

On 9 December 2014 at 13:47, Matthew Miller wrote: > On Tue, Dec 09, 2014 at 01:11:33PM +, Ian Malone wrote: >> > have a proposal for a new spin focused on privacy and security — the >> > Netizen Spin. (If you're interested, I think that could use additional >> > contributors.) >> I was under

Re: Poll: How users use DNF

On 12/09/2014 12:28 PM, Radek Holy wrote: Please share with me the use cases, not the description of the "install" command. Think twice before you share something because I believe it's not as easy as it might seem. As an example I think it might be something like: - "I call YUM install, becau

Re: "Workstation" Product defaults to wide-open firewall

On Wed, Dec 10, 2014 at 08:13:54AM +1030, William B wrote: > * Exploited applications are now more easily able to communicate back > to C&C systems. Most applications are not "sandboxed", and even if > they were, this sandboxing is not an excuse to open up other parts > of the system. Note t

Re: Poll: How users use DNF

Hi, We use yum wrapped up in a python script that runs from a master server and uses ssh to log into server/servers and run the requested command (the script doesn't support all, just most -install, downgrade, upgrade etc) against either a single rpm or upgrade all rpms. It uses the exit status f

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 1:31 PM, "Reindl Harald" wrote: > > > > Am 09.12.2014 um 21:25 schrieb Pete Travis: > >> Lets say I do have an understanding of network basics, just for the sake >> of argument. I share my application with you. The application is >> intended to listen on the network, you know this

Re: "Workstation" Product defaults to wide-open firewall

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > > If by opening up some ports that would have hampered the user, rather > than protect them[1], we avoid the users disabling the firewall, and > exposing security critical services (such as exposing rpcbind, or > ntpd, or any other root service), th

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 22:00:28 +0100, Reindl Harald wrote: what you completly ignore is the fact with the current warnings of firefox after accept the self signed cert it no longer wanns *but* if that cert changes it warns again This is not a significant threat for me. In the main case I h

DNF 0.6.3 Released

Hey, I am announcing release of DNF 0.6.3. In more detail here [1]. Try it out! [1] http://dnf.baseurl.org/2014/12/09/dnf-0-6-3-and-dnf-plugins-core-0-1-4-released/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct:

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 21:47 schrieb Bruno Wolff III: On Tue, Dec 09, 2014 at 20:35:35 +0100, Reindl Harald wrote: Am 09.12.2014 um 20:20 schrieb Bruno Wolff III: There should be a way to disable FF's you need to click twice to accept certs that are not signed by authorities it recognizes. w

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 20:35:35 +0100, Reindl Harald wrote: Am 09.12.2014 um 20:20 schrieb Bruno Wolff III: There should be a way to disable FF's you need to click twice to accept certs that are not signed by authorities it recognizes. why? Because I have no trust in any of the cert aut

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 04:04 PM, Chuck Anderson wrote: On Tue, Dec 09, 2014 at 01:25:47PM -0700, Pete Travis wrote: On Dec 9, 2014 12:55 PM, "Reindl Harald" wrote: Am 09.12.2014 um 20:51 schrieb Pete Travis: Hmm... a whitelist of things that are allowed to ask for firewall accommodation doesn't hel

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 08:07:00PM +0100, Kevin Kofler wrote: > This kind of sharing "features" is a security risk to begin with. Users > starting them are part of the problem. A desktop is not a file server. A desktop isn't a file server, until it is. Please, take a deep breath, and consider th

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 01:25:47PM -0700, Pete Travis wrote: > On Dec 9, 2014 12:55 PM, "Reindl Harald" wrote: > > > > > > Am 09.12.2014 um 20:51 schrieb Pete Travis: > > > >> Hmm... a whitelist of things that are allowed to ask for firewall > >> accommodation doesn't help me develop new applicati

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 21:25 schrieb Pete Travis: Lets say I do have an understanding of network basics, just for the sake of argument. I share my application with you. The application is intended to listen on the network, you know this and want the application for that purpose. You run the applic

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 12:55 PM, "Reindl Harald" wrote: > > > Am 09.12.2014 um 20:51 schrieb Pete Travis: > >> Hmm... a whitelist of things that are allowed to ask for firewall >> accommodation doesn't help me develop new applications at all. And >> you're jumping to a really high level UI thing and just

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 21:02 schrieb Matthew Miller: On Tue, Dec 09, 2014 at 08:55:38PM +0100, Reindl Harald wrote: a prerequisite for develop network applications is understanding of network basics and if your application don't use networking you are not affected But maybe you're part of a team, a

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 08:55:38PM +0100, Reindl Harald wrote: > a prerequisite for develop network applications is understanding of > network basics and if your application don't use networking you are > not affected But maybe you're part of a team, and not working on the networking part. -- M

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 20:51 schrieb Pete Travis: Hmm... a whitelist of things that are allowed to ask for firewall accommodation doesn't help me develop new applications at all. And you're jumping to a really high level UI thing and just sort of hand waving over the mechanism needed to make it all w

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 12:38 PM, "Chuck Anderson" wrote: > > On Tue, Dec 09, 2014 at 12:09:23PM -0700, Pete Travis wrote: > > On Dec 9, 2014 12:06 PM, "Chuck Anderson" wrote: > > > > > > On Tue, Dec 09, 2014 at 11:52:01AM -0700, Pete Travis wrote: > > > > On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote:

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 12:09:23PM -0700, Pete Travis wrote: > On Dec 9, 2014 12:06 PM, "Chuck Anderson" wrote: > > > > On Tue, Dec 09, 2014 at 11:52:01AM -0700, Pete Travis wrote: > > > On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote: > > > I should have said "ask firewalld for a port to be open

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 20:20 schrieb Bruno Wolff III: On Tue, Dec 09, 2014 at 19:20:10 +0100, Reindl Harald wrote: * Firefox asks too * it is not hard to accept a self signed cert * BUT it is hard enough to defeat the "click OK somewhere" reflex There should be a way to disable FF's you need to

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 19:20:10 +0100, Reindl Harald wrote: * Firefox asks too * it is not hard to accept a self signed cert * BUT it is hard enough to defeat the "click OK somewhere" reflex There should be a way to disable FF's you need to click twice to accept certs that are not signed b

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 20:16 schrieb Robert Marcano: On 12/09/2014 02:19 PM, Reindl Harald wrote: Am 09.12.2014 um 19:45 schrieb Bastien Nocera: Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based aroun

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 02:19 PM, Reindl Harald wrote: Am 09.12.2014 um 19:45 schrieb Bastien Nocera: Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based around what you specifically want, not me, nor anyone e

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 11:54 AM, "Brian Wheeler" wrote: > > On 12/09/2014 01:45 PM, Bastien Nocera wrote: >> >> >> - Original Message - >>> >>> Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product

Re: "Workstation" Product defaults to wide-open firewall

On Tue, 2014-12-09 at 16:04 +0100, Reindl Harald wrote: > Am 09.12.2014 um 15:57 schrieb Christian Schaller: > > Well I think it is hard for anyone to guess what would be reasonable > > defaults for > > you specifically, any default is by its nature just targeting an generic > > person, which migh

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 12:06 PM, "Chuck Anderson" wrote: > > On Tue, Dec 09, 2014 at 11:52:01AM -0700, Pete Travis wrote: > > On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote: > > I should have said "ask firewalld for a port to be opened" - sorry, I > > thought that would come from the context. > > > > Ar

Re: "Workstation" Product defaults to wide-open firewall

Bastien Nocera wrote: > If you start sharing something on a network, then we consider it safe to > share. If you connect to a public unencrypted Wi-Fi, you won't have the > option to. If you connect to an encrypted Wi-Fi where sharing your holiday > photos isn't acceptable then it won't, because yo

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 11:52:01AM -0700, Pete Travis wrote: > On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote: > I should have said "ask firewalld for a port to be opened" - sorry, I > thought that would come from the context. > > Are you saying bind() should be talking to firewalld, via some ap

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 19:54 schrieb Brian Wheeler: On 12/09/2014 01:45 PM, Bastien Nocera wrote: - Original Message - Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based around what you specific

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 01:45 PM, Bastien Nocera wrote: - Original Message - Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based around what you s

Re: "Workstation" Product defaults to wide-open firewall

Stephen Gallagher wrote: > * Port forward between two interfaces, which is really useful with > virtualizationFedoraWorkstation (default, active) > interfaces: em1 virbr0 virbr0-nic wlp4s0 > sources: > services: dhcpv6-client dns freeipa-ldap freeipa-ldaps samba-client > ssh > ports: > ma

Re: "Workstation" Product defaults to wide-open firewall

On 9 December 2014 at 18:19, Kevin Kofler wrote: > If you're a developer, surely you know what a port is and can make a few > clicks in firewall-config or system-config-firewall to open it! A > "developer" who can't even figure that out is a HORRIBLE developer! Yup, that's me. A horrible develope

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 11:33 AM, "Chuck Anderson" wrote: > > On Tue, Dec 09, 2014 at 11:16:54AM -0700, Pete Travis wrote: > > But seriously, there's an implication in this thread that there will be > > work happening to give stuff a path to ask for an open port. Where can we > > follow along with that ef

Re: "Workstation" Product defaults to wide-open firewall

So, since I was accused of "ignoring" the main part of this mail, let's answer it: Stephen Gallagher wrote: > I think you're forgetting the core tenet of security: good security is > *always* layered. But Workstation is basically removing the outer layer. > Also yes: I keep my irreplaceable and

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 19:45 schrieb Bastien Nocera: Richard Hughes wrote: So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based around what you specifically want, not me, nor anyone else on this list. If you're a developer, sur

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > Richard Hughes wrote: > > So do I! I'm a developer, which spin do I use so that the firewall > > doesn't get in my way? We can't develop a *product* based around what > > you specifically want, not me, nor anyone else on this list. > > If you're a developer, surely

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 19:33 schrieb Chuck Anderson: On Tue, Dec 09, 2014 at 11:16:54AM -0700, Pete Travis wrote: But seriously, there's an implication in this thread that there will be work happening to give stuff a path to ask for an open port. Where can we follow along with that effort? Starting

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 09, 2014 at 11:16:54AM -0700, Pete Travis wrote: > But seriously, there's an implication in this thread that there will be > work happening to give stuff a path to ask for an open port. Where can we > follow along with that effort? Starting with, say, how I might change > `nikola runse

Re: "Workstation" Product defaults to wide-open firewall

Michael Catanzaro wrote: > The default for an invalid TLS certificate should be to fail, no > exceptions, since we know that a user clicking Yes is almost always > picking the wrong option. Nonsense (and this is one of the reasons I hate Firefox). The right answer for an "invalid" TLS certificate

Re: "Workstation" Product defaults to wide-open firewall

Przemek Klosowski wrote: > I think that we should start with the low hanging fruit and simplify the > firewall zones to two : a public, restricted one and a home/private with > more ports open; selected by user for each new interface. Those 2 zones are basically what is defined now with that Works

Re: "Workstation" Product defaults to wide-open firewall

Brian Wheeler wrote: > Ok, so what product/spin am I supposed to use? I'm a RHEL sysadmin > but I use Fedora on my desktop & laptop. I expect the firewall > to be on so when I evaluate a new piece of software or do a bit of > network development I don't inadvertently increase my e

Schedule for Wednesday's FESCo Meeting (2014-12-10)

Following is the list of topics that will be discussed in the FESCo meeting Wednesday at 18:00UTC in #fedora-meeting on irc.freenode.net. To convert UTC to your local time, take a look at http://fedoraproject.org/wiki/UTCHowto or run: date -d '2014-12-10 18:00 UTC' Links to all tickets belo

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 19:13 schrieb Kevin Kofler: Michael Catanzaro wrote: The default for an invalid TLS certificate should be to fail, no exceptions, since we know that a user clicking Yes is almost always picking the wrong option. Nonsense (and this is one of the reasons I hate Firefox). The ri

Re: "Workstation" Product defaults to wide-open firewall

Christian Schaller wrote: > I think the part of the sentence you probably missed was "if you are aware > and understand the finer details here", because for anyone who doesn't > understand the finer details here you are suggesting we default the system > to 'broken'. s/broken/secure/ "Secure by d

Re: "Tick-tock" release cadence?

On Mon, Dec 8, 2014 at 2:18 PM, Brendan Conoboy wrote: > On 12/04/2014 06:39 AM, Matthew Miller wrote: >> >> What do you think? Would this help towards the goals listed above? >> Would it help _other_ things? What downsides would it bring? > > > It sounds a lot like releasing a new compose of an e

Re: "Workstation" Product defaults to wide-open firewall

Richard Hughes wrote: > So do I! I'm a developer, which spin do I use so that the firewall > doesn't get in my way? We can't develop a *product* based around what > you specifically want, not me, nor anyone else on this list. If you're a developer, surely you know what a port is and can make a few

Re: "Workstation" Product defaults to wide-open firewall

On Dec 9, 2014 10:54 AM, "Stephen John Smoogen" wrote: > > > > On 9 December 2014 at 10:46, Alec Leamas wrote: >> >> On 09/12/14 18:39, Stephen John Smoogen wrote: >>> >>> >>> >>> On 9 December 2014 at 10:27, Chris Murphy > >> >> [cut] >> >>> OS X's firewall is disabled by default. Where's th

Re: "Workstation" Product defaults to wide-open firewall

On Tue, 2014-12-09 at 10:19 -0500, Bastien Nocera wrote: > > - Original Message - > > Hi, > > > > > > I also thought that the whole points of having Zones etc, was so that > > > > we could pick a different zone per network connection, > > > > /me too. > > > > > > so if I'm in the office

Re: [Test-Announce] Fedora 22 nightly compose 2014-12-08 nominated for testing

On Mon, 2014-12-08 at 19:06 -0800, Adam Williamson wrote: > Hi, folks. So after this morning's meeting, I worked today to implement > nightly build support in the mediawiki template magic and in relval. We > don't yet have the bits to listen out for composes, create the results > pages when anacond

Re: "Workstation" Product defaults to wide-open firewall

On 09/12/14 18:53, Stephen John Smoogen wrote: In the end, this is a tempest in a teapot. The release is out and it is done. I don't like it, but my yelling and screaming and spitting in an autistic rage did not fix it so its time to move on so that is what I am going to do. Amen --alec -- d

Re: "Workstation" Product defaults to wide-open firewall

On 9 December 2014 at 10:46, Alec Leamas wrote: > On 09/12/14 18:39, Stephen John Smoogen wrote: > >> >> >> On 9 December 2014 at 10:27, Chris Murphy > > > [cut] > > OS X's firewall is disabled by default. Where's the outcry? >> >> >> It was a long time ago and it basically caused it to have

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 11:46 AM, Richard Hughes wrote: I don't think it makes much sense for people to stamp their feet saying "BUT I LIKED THE OLD WAY OF DOING THINGS" when the people leading the workstation product have identified that the old way of doing things just

Re: "Workstation" Product defaults to wide-open firewall

On 09/12/14 18:39, Stephen John Smoogen wrote: On 9 December 2014 at 10:27, Chris Murphy [cut] OS X's firewall is disabled by default. Where's the outcry? It was a long time ago and it basically caused it to have extra configurations before it could be 'ok'd' for various corporate and

Agenda for Env-and-Stacks WG meeting (2014-12-10)

WG meeting will be at 12:00 UTC (07:00 EST, 13:00 Brno, 7:00 Boston, 21:00 Tokyo, 22:00 Brisbane) in #fedora-meeting on Freenode. = Topics = * Follow-ups * languages repositories * SCLs * Chairman for next meeting * Open Floor -- devel mailing list devel@lists.fedoraproject.org https://admin.f

Re: "Workstation" Product defaults to wide-open firewall

On 9 December 2014 at 10:27, Chris Murphy wrote: > On Mon, Dec 8, 2014 at 11:59 PM, William B > wrote: > > > The true crux of this issue is the over complexity that firewalld has > brought to fedora, and the fact that a quality UI for managing it does not > exist yet. > > > > OSX solves this iss

Re: "Workstation" Product defaults to wide-open firewall

On Tue, Dec 9, 2014 at 2:08 AM, Nikos Mavrogiannopoulos wrote: > On Tue, 2014-12-09 at 17:29 +1030, William B wrote: >> > > I just happened to look at the firewalld default settings, and I >> > > was not amused when I noticed this: >> > > http://pkgs.fedoraproject.org/cgit/firewalld.git/tree/Fedor

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 10:27 AM, Chris Murphy wrote: > On Mon, Dec 8, 2014 at 11:59 PM, William B wrote: > >> The true crux of this issue is the over complexity that firewalld has >> brought to fedora, and the fact that a quality UI for managing it does not >> exist yet. >> >> OSX solves this issue by h

Poll: How users use DNF

Dear users of YUM and DNF, I'm writing to you regarding a request for your feedback. I would be very grateful if you could send me a brief description of how you use YUM or DNF currently or how would you like to use it. I am particularly interested in the occurrences of "dnf/yum install" calls

Re: "Workstation" Product defaults to wide-open firewall

On Mon, Dec 8, 2014 at 11:59 PM, William B wrote: > The true crux of this issue is the over complexity that firewalld has brought > to fedora, and the fact that a quality UI for managing it does not exist yet. > > OSX solves this issue by having an "on or off" button, and a list of > applicatio

Re: "Workstation" Product defaults to wide-open firewall

On 9 December 2014 at 14:18, Brian Wheeler wrote: > I also expect things to work with the minimum amount of fuss. So do I! I'm a developer, which spin do I use so that the firewall doesn't get in my way? We can't develop a *product* based around what you specifically want, not me, nor anyone else

Re: Request to take over orphaned python-mutagen

That's a good thing. Looking forward to seeing the new version made available which now supports Python3. Thanks Michele! On Tue, Dec 9, 2014 at 1:21 AM, Michele Baldessari wrote: > Hi all, > > as per [1], I'd like to take over the orphaned python-mutagen package. > Let me know if there are an

Fedora ARM & AArch64 Status Meeting Minutes 2014-12-09

== #fedora-meeting-2: Fedora ARM & AArch64 Status Meeting == Meeting started by pwhalen at 15:02:22 UTC. The full logs are available at http://meetbot.fedoraproject.org/fedora-meeting-2/2014-12

Re: "Workstation" Product defaults to wide-open firewall

On 12/08/2014 06:41 PM, Reindl Harald wrote: the security community is usually very clear: * forbid as much as you can by default * allow only what *really* is needed to get the work done ...and this is the tricky part---you want tightly defined functionality, and other people want to install a

Re: "Workstation" Product defaults to wide-open firewall

Hi, > > Side Note: For the latter we need to cleanup the zones though. There > >are *way* to many to choose from, and the names suck big > >time. WTF is a "Fedora$product" zone? And wasn't that > >discussed before on this list? Why do we *still* have this

Re: Announcing Fedora 21!

thanks! seeding the torrent images from now on via "qbittorrent-nox" http://torrent.fedoraproject.org/torrents/Fedora-Server-DVD-x86_64-21.torrent http://torrent.fedoraproject.org/torrents/Fedora-Server-DVD-i386-21.torrent http://torrent.fedoraproject.org/torrents/Fedora-Live-Workstation-x86_64

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 10:11 AM, Bastien Nocera wrote: The defaults for the various products are "packaged" by zones. You just need to change the firewalld zone to get whatever is the default on the server side. Ok, so it's another item on my list of "th

[Bug 1163236] perl-Git-CPAN-Patch-2.0.3 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1163236 Petr Šabata changed: What|Removed |Added Depends On||1172210 Referenced Bugs: https://bugz

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 16:40 schrieb Christian Schaller: - Original Message - From: "Reindl Harald" To: devel@lists.fedoraproject.org Sent: Tuesday, December 9, 2014 10:04:46 AM Subject: Re: "Workstation" Product defaults to wide-open firewall Am 09.12.2014 um 15:57 schrieb Christian Schal

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > From: "Reindl Harald" > To: devel@lists.fedoraproject.org > Sent: Tuesday, December 9, 2014 10:04:46 AM > Subject: Re: "Workstation" Product defaults to wide-open firewall > > > Am 09.12.2014 um 15:57 schrieb Christian Schaller: > > Well I think it is hard for

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 11:01 AM, Christian Schaller wrote: - Original Message - From: "Gerd Hoffmann" To: "Development discussions related to Fedora" Sent: Tuesday, December 9, 2014 10:22:01 AM Subject: Re: "Workstation" Product defaults to wide-open firewall On Di, 2014-12-09 at 08:16 -05

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > On Tue, 9 Dec 2014 10:09:07 -0500 (EST) > Bastien Nocera wrote: > > > > > > > - Original Message - > > > On Mon, 8 Dec 2014 05:45:56 -0500 (EST) > > > Bastien Nocera wrote: > > > > > > > No, because that'd be awful UI. > > > > > > Is it really so awfu

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > From: "Gerd Hoffmann" > To: "Development discussions related to Fedora" > > Sent: Tuesday, December 9, 2014 10:22:01 AM > Subject: Re: "Workstation" Product defaults to wide-open firewall > > On Di, 2014-12-09 at 08:16 -0500, Bastien Nocera wrote: > > > > ---

Re: "Workstation" Product defaults to wide-open firewall

On Mon, 8 Dec 2014 05:45:56 -0500 (EST) Bastien Nocera wrote: > No, because that'd be awful UI. Is it really so awful to ask a user: "Do you want to expose Eclipse to the network ?" (of course worded in a better way than my poor English skills can do). I think users can understand such a questi

Re: "Workstation" Product defaults to wide-open firewall

On Tue, 9 Dec 2014 10:09:07 -0500 (EST) Bastien Nocera wrote: > > > - Original Message - > > On Mon, 8 Dec 2014 05:45:56 -0500 (EST) > > Bastien Nocera wrote: > > > > > No, because that'd be awful UI. > > > > Is it really so awful to ask a user: > > "Do you want to expose Eclipse to

Re: Allow internet/network access based on binary -- ask user for permission if a binary wants to connect to the internet

- Original Message - > You can do this with SELinux and confined users somewhat. > > YOU basically could setup a user as xguest with no network access and > then write > policy to transition to certain domains that can use the internet. No > ability to prompt the user > though. > > Thi

Re: "Workstation" Product defaults to wide-open firewall

On Di, 2014-12-09 at 08:16 -0500, Bastien Nocera wrote: > > - Original Message - > > On Tue, Dec 09, 2014 at 12:54:59PM +0100, Gerd Hoffmann wrote: > > > Why we can't have something like this? And if you don't want a popup > > > asking, have something in the NetworkManager applet menu, wh

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > Hi, > > > > I also thought that the whole points of having Zones etc, was so that > > > we could pick a different zone per network connection, > > /me too. > > > > so if I'm in the office or at home I can say use this zone, if I'm > > > at a coffee shop I can pic

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > On 12/09/2014 08:50 AM, Richard Hughes wrote: > > > > On 9 December 2014 at 13:39, Michael Catanzaro wrote: > > > > So your challenge is to find an alternative default that > supports it. > I'd go even further. I don't think the people writing the vast number

Re: "Workstation" Product defaults to wide-open firewall

- Original Message - > On Mon, 8 Dec 2014 05:45:56 -0500 (EST) > Bastien Nocera wrote: > > > No, because that'd be awful UI. > > Is it really so awful to ask a user: > "Do you want to expose Eclipse to the network ?" (of course worded in a > better way than my poor English skills can d

Re: "Workstation" Product defaults to wide-open firewall

On 12/09/2014 03:57 PM, Christian Schaller wrote: - Original Message - From: "Brian Wheeler" To: devel@lists.fedoraproject.org Sent: Tuesday, December 9, 2014 9:18:47 AM Subject: Re: "Workstation" Product defaults to wide-open firewall On 12/09/2014 08:50 AM, Richard Hughes wrote:

Announcing Fedora 21!

Fedora 21 Release Announcement == The Fedora Project is pleased to announce the release of Fedora 21, ready to run on your desktops, servers, and in the cloud. Fedora 21 is a game-changer for the Fedora Project, and we

Re: "Workstation" Product defaults to wide-open firewall

Am 09.12.2014 um 15:57 schrieb Christian Schaller: Well I think it is hard for anyone to guess what would be reasonable defaults for you specifically, any default is by its nature just targeting an generic person, which might or might not be a lot like you. But if you are aware and understand

  1   2   >