On Fri, 2019-11-08 at 13:58 +0100, Andrea Bolognani wrote:
On Fri, 2019-11-08 at 09:22 +0100, Erik Skultety wrote:
> On Thu, Nov 07, 2019 at 07:51:57PM +0100, Andrea Bolognani wrote:
> > Both CentOS and Fedora have had this enabled by default up until
> > now, but that's no longer the case as of Fedora 31. Enabling it
> > explicitly makes the first connection work as expected on the
> > newer distributions without impacting the older ones negatively.
>
> Now that I read ^this, I'm wondering whether it wouldn't be worth also
adding
>
> services --enabled sshd
>
> to the kickstart - I know, this is only useful with the workstation flavour
> which comes with SSH daemon disabled, but I think it doesn't hurt to specify
> this explicitly, especially in context of ansible, just my 2c.
I wonder which specific component disables sshd for the Workstation
flavor? Is there a chance the corresponding package is simply not
installed in the first place?
Found it:
$ rpm -ql fedora-release-workstation-31-1.noarch
/usr/lib/os-release
/usr/lib/swidtag/fedoraproject.org/org.fedoraproject.Fedora-edition.swidtag
/usr/lib/systemd/system-preset/80-workstation.preset
/usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override
/usr/share/polkit-1/rules.d/org.projectatomic.rpmostree1.rules
$ cat /usr/lib/systemd/system-preset/80-workstation.preset
#
# Fedora Workstation
#
# disable sshd socket by default on workstation
disable sshd.socket
# disable sshd service by default on workstation
disable sshd.service
# enable cups on-demand socket activation by default on workstation
#
https://pagure.io/fedora-workstation/issue/8
enable cups.socket
enable cups.path
disable cups.service
So I would say we don't need to concern ourselves with it.
--
Andrea Bolognani / Red Hat / Virtualization