All the discussion of clustering and virtualization projects are nice,
and this all seems like what should be happening with a maturing
platform like BQ: others pick it up, make tweaks and add-ons, and then
offer commercial support. Actually the price seems reasonable to me,
considering the amount of time needed to do this yourself (or compared
with the price of VMware VI3/ESX).
However, clustering and virtualization isn't my biggest concern as we
move forward to a new OS...
Top on my list as BQ is ported to CentOS5, is the possibility of keeping
the default SElinux policy. This policy is what protects most network
services, like Apache and BIND. I can understand if the web admin-server
may be difficult to protect, but at least I would like to see all the
other services protected. Also some simple tools to allow common things,
relabeling of the filesystem, or to disable SElinux for certain
services. I don't really see a need to disable protection for FTP or
POP3/IMAP, but disabling other services might be required to appeal to
the largest audience. Kind of a 'secure by default' setup (including
iptables, but that can be a separate discussion), and easy to disable if
ever needed.
Does anyone else want to use SElinux protection? Is there anyone else
familiar with SElinux willing to help out?
Rusty