Bug 454692

Summary: Add checkbox for Cluster Suite to trusted services
Product: Red Hat Enterprise Linux 5 Reporter: Nate Straz <nstraz>
Component: system-config-securitylevelAssignee: Thomas Woerner <twoerner>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: 5.2CC: bstevens, cfeist, pknirsch, theo_nra
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/en-US/RHEL510/Cluster_Administration/s2-iptables-clnodes-CA.html
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 493668 (view as bug list) Environment:
Last Closed: 2012-10-25 07:03:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 456578    

Description Nate Straz 2008-07-09 19:05:55 UTC
Description of problem:

Red Hat Cluster Suite requires a number of ports to be open as stated in the
Cluster Admin guide (see url).  We should include a checkbox in
system-config-securitylevel to open all related ports in one step.


Version-Release number of selected component (if applicable):
system-config-securitylevel-1.6.29.1-2.1.el5

Comment 2 Thomas Woerner 2009-01-26 13:37:37 UTC
Looking at the examples in the url mentioned above, I see that there are input, source and destination addresses. There is no way in system-config-securitylevel to handle IP addresses. Are these needed?

BTW: Adding services to system-config-securitylevel requires big code changes in C and Python.

Comment 3 Nate Straz 2009-02-05 14:06:06 UTC
No, the IP address and netmask are not important here.  We run multiple clusters on the same networks without firewalls and they do not interfere with each other.  There is no need to restrict to IP and netmask with iptables rules.

Comment 5 RHEL Program Management 2009-03-26 17:01:14 UTC
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".

Comment 6 RHEL Program Management 2009-11-06 18:54:49 UTC
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".

Comment 9 RHEL Program Management 2012-10-10 11:54:15 UTC
Thank you for submitting this issue for consideration. Red Hat Enterprise Linux 5 has reached the end of Production 1 Phase of its Life Cycle.  Red Hat does not plan to incorporate the suggested capability in a future Red Hat Enterprise Linux 5 minor release. If you would like Red  Hat to re-consider this feature request and the requested functionality is not currently in Red Hat Enterprise Linux 6, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.