[Freeipa-users] Server Ports

[Martin Kosek]

On 04/03/2014 09:46 AM, Justin Brown wrote:
> Petr,
> 
> I'll try another replica for testing tomorrow, and unfortunately the
> logs were purged when I reinstalled. The error message was not helpful
> and said something along the lines of CA installation failed, but did
> not list any reason. I'll get you the exact message tomorrow. I'll
> also try some more network tests as I have all of the ports that you
> listed plus some additional Dogtag ports, which I've come to
> understand are now proxied through 7389.
> 
>> Patches are welcome :-)
> 
> Yes, you've got me. ;) I'll review the Firewalld packaging in more
> detail and try to come up with a workable solution. It's not currently
> possible to do meta-services in firewalld, and I'm sure the FreeIPA
> developers don't want a hard dependency on firewalld via a
> hypothetical freeipa-server-firewalld dependency. I'm sure some
> solution is possible -- maybe even just in the documentation.
> 
> Thanks,
> Justin

Hi Justin,

Petr is right, patches and contributions are extremely welcome :-)

Let me just pass the initial information in case you'd want to accept this
challenge:

How to contribute: http://www.freeipa.org/page/Contribute/Code
Trac ticket with related information and links to Bugzillas:
https://fedorahosted.org/freeipa/ticket/2110

Actually I do not think that freeipa-server-firewalld or similar is that bad
idea. We already thought of shipping our own firewalld file(s) and such
subpackage may be a way to go. This is something that can be discussed on
freeipa-devel list.

Martin