Bug 169584

Summary: Tutorial does not currently cover security config. requirements
Product: [Fedora] Fedora Documentation Reporter: Stuart Ellis <stuart>
Component: docs-requestsAssignee: Paul W. Frields <stickster>
Status: CLOSED CURRENTRELEASE QA Contact: Karsten Wade <kwade>
Severity: medium Docs Contact:
Priority: medium    
Version: develCC: kwade, stickster
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 0.37.1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-11-27 15:38:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 130125    
Attachments:
Description Flags
Amends HTTP setup description
none
Amends HTTP setup description (v.2) none

Description Stuart Ellis 2005-09-29 21:00:19 UTC 
Description of problem:

By default, a Fedora server has both a firewall and SELinux enabled.
Enabling access to the file transfer/sharing service requires changing settings
on system-config-securitylevel. Depending on the root directory and services
involved, it may also require SELinux policy modifications for the facility to
work. 

Details may depend upon the default service or use cases - see also #169581 for
some comments on this.
Comment 1 Paul W. Frields 2005-10-12 22:21:56 UTC 
I'm glad you filed this and #169581, because you made me remember how much I
hated the way this tutorial flowed the last time I looked at it.  It has
languished so long in CVS that much of it has become deprecated
(system-config-packages), and without s-c-p, there's really no longer any reason
to include NFS in the tutorial.  I am gutting that whole section to keep this
aligned with the "Just Use Yum(tm)" philosophy. :-)  Thanks for making me see
the light.
Comment 2 Paul W. Frields 2005-10-16 23:59:05 UTC 
Please check this against the new beta 0.33 and let me know if the current text
seems to suffice.
Comment 3 Stuart Ellis 2005-10-23 21:15:47 UTC 
Created attachment 120295 [details]
Amends HTTP setup description

Attached is a patch that corrects a couple of the commands, adds firewall
setup, and a note on SELinux.

Note that in order to allow for servers where Apache is already installed I've
split installing Apache and adding the configuration into separate sections.
This introduces an extra </section> tag later - which is why diff has all of
the createrepo and yum-arch sections as well. There are actually no changes to
the text in those sections in this patch.
Comment 4 Paul W. Frields 2005-11-01 21:34:45 UTC 
Hmm, I get total failures when I try to apply this to the CVS version.  Can you
make sure your local copy is updated, and regenerate?  The version in CVS was
last changed 17 Oct 2005; it's not a conflict fortunately.
Comment 5 Stuart Ellis 2005-11-09 00:09:35 UTC 
Created attachment 120829 [details]
Amends HTTP setup description (v.2)

OK, this amended patch applies cleanly to a fresh copy of the document from
CVS.
Comment 6 Paul W. Frields 2005-11-09 23:43:59 UTC 
Thanks Stuart!  Keep in mind that you're free to change the NEEDINFO back to
ASSIGNED to make sure the bug turns up on the owner's list of assigned bugs.  I
made a few style edits and added an extra "su -c" where it was needed, otherwise
it looks good.  Pushed CVS to 0.35 and republished on site; I am going to ask
for this to go to final editorial (QA_READY) at this point since no one else has
brought up any shortcomings.
Comment 7 Stuart Ellis 2005-11-10 00:32:31 UTC 
The reload line in section 3.2 should also use su -c, i.e.:

su -c '/sbin/service httpd reload'

Mea culpa.
Comment 8 Paul W. Frields 2005-11-27 15:38:05 UTC 
All fixed in CVS, should be on web shortly as well.
Comment 9 eric 2009-07-07 04:09:11 UTC 
Ticket moved to allow products to be removed from BZ.