I'm not really sure what might break here, we've always used -nevershared
since the vnc code was first added to Anaconda waaaay back when. But it's
worth testing in rawhide to see what falls over I suppose.

--
jlk

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list

Hi,

I think this was disabled to prevent eavesdropping on the install, much like we allowed only one install ssh session. So boot option would probably be better here.

Other than that, the patch is fine and I have used this myself successfully when playing with my prototype of pipeable text only vnc client.

Martin

----- Original Message -----
> I'm not really sure what might break here, we've always used
> -nevershared
> since the vnc code was first added to Anaconda waaaay back when. But
> it's
> worth testing in rawhide to see what falls over I suppose.
>
> --
> jlk
>
> _______________________________________________
> Anaconda-devel-list mailing list
> Anaconda-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/anaconda-devel-list
>

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list

On 05/30/2012 02:07 AM, Martin Sivak wrote:

Hi,

I think this was disabled to prevent eavesdropping on the install,
much like we allowed only one install ssh session. So boot option
would probably be better here.

Other than that, the patch is fine and I have used this myself
successfully when playing with my prototype of pipeable text only vnc
client.


Well, a vnc password should be enough to prevent eavesdropping, and it
already supported. I'd rather not introduce even more command line
arguments. Maybe just documentation is needed here.


Also, are you really sure we only allow one install ssh session? 'cause
I've sshed in as root@ multiple times in my testing, no restriction. Of
course, can't do multiple install@ because the shell for that user is
/sbin/anaconda


Are there any other opinions here?

--
Jesse Keating
Fedora -- Freedom² is a feature!

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list

On Wed, May 30, 2012 at 12:17:39PM -0700, Jesse Keating wrote:
> On 05/30/2012 02:07 AM, Martin Sivak wrote:
> >Hi,
> >
> >I think this was disabled to prevent eavesdropping on the install,
> >much like we allowed only one install ssh session. So boot option
> >would probably be better here.
> >
> >Other than that, the patch is fine and I have used this myself
> >successfully when playing with my prototype of pipeable text only vnc
> >client.
>
> Well, a vnc password should be enough to prevent eavesdropping, and
> it already supported. I'd rather not introduce even more command
> line arguments. Maybe just documentation is needed here.
>
> Also, are you really sure we only allow one install ssh session?
> 'cause I've sshed in as root@ multiple times in my testing, no
> restriction. Of course, can't do multiple install@ because the
> shell for that user is /sbin/anaconda
>
> Are there any other opinions here?

Our default has been to allow access without a password, even if it is a
race to see who can connect to vnc first. If they need security they
should be setting a password so I'm fine with a change to using sharing
by default.

--
Brian C. Lane | Anaconda Team | IRC: bcl #anaconda | Port Orchard, WA (PST8PDT)
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list