Bug ID 1090372
Summary Server System Roles have suboptimal default firewall settings
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Installation
Assignee rbrown@suse.com
Reporter rbrown@suse.com
QA Contact jsrain@suse.com
Found By ---
Blocker --- 

sshd is still disabled and blocked by default on openSUSE Leap 15 and
Tumbleweed server roles at time of writing

There are 3 control.xml parameters that control this

<enable_firewall config:type="boolean">  - Enables the firewall
<firewall_enable_ssh config:type="boolean"> - opens the SSH port in the
firewall
<enable_sshd config:type="boolean"> - enables sshd

Currently the settings are

enable_firewall - True
firewall_enable_ssh - False
enable_sshd - Undef (False)

Discussing this with Ludwig his desire for Leap 15.1 will be to have the
following for the server system roles

enable_firewall - False
firewall_enable_ssh - Doesn't matter if enable_firewall is false
enable_sshd - True

I'm tempted to agree and plan to implement this in Tumbleweed. This bug is
therefore here to remind myself to do that, or give people a chance to object
before I get around to it.

You are receiving this mail because: