No, it’s a default Fedora installation which is configured with the help of Ansible. For setup a system like the Fedora Security Lab Test bench some file modifications are needed. Live CDs don’t allow to ship modified content or files.
Because the Package Review process in Fedora is slow (even for simple packages it takes months and I wanted to have the FSL Test bench now). Most software core parts are coming out of the Fedora Package Collection. The surrounding items and the configuration are installed by Ansible out of their upstream sources.
I don’t think so, but never say never. We are customizing configuration files. Those configuration files are modified during the setup process to match the provided environment. The web interface is dynamically generated according your choises on the fly. This is not possible with a Spin.
No, because one big issue is trust. Providing a VM is like shipping a blackbox. You have to trust us about what’s inside the VM. By using Ansible’s playbooks you can see what steps are taken to setup the FSL Test bench. You are in control of every setup step, nothing is hidden and everything is transparent. The core components are installed out of the Fedora Package Collection on top of a minimal Fedora installation. This ensure that the operating system runs the latest packages and behave with integrity.
As mentioned on the setup page a DNS/DHCP server is a requirement. For security purposes we suggest that you use a dedicated network for setup your FSL Test bench.
For the setup access to the internet of the system which will host the FSL Test bench is needed. When the setup is finished, you can shutdown the internet access. DO NOT expose the FSL Test bench to the internet. Bad things could happen. You have been warned.
Yes, you can. Periodically the fsl-packages.yml playbook get synced. This ways you don’t need to clone the Fedora Security Lab git repository to install Fedora Security Lab host.
The reason is simple DNF will become the next default Package manager for Fedora. And as always we wanted to be ahead of the rest of the world.
No. This is project is a proof of concept only at the moment.
Creating a libvirt-based virtual machine and using Ansible to configure it, takes something between 25 and 30 minutes. It heavily depends on your hardware and the speed of your internet connection.
Yes, it is. Basically we skipped the discussions and just made an implementation which we think is feasible for our needs.
Because github offers easy access to the git repositories for everyone not only Fedora contributors. To get as many contributions as possible we need to be as open as possible. The Fedora Security Lab is hosted on Fedorahosted.org and we don’t plan to change that.
Sure, contributions are appriciated. Please for the Fedora Security Lab Test bench repository and when you are done, open a Pull request.
Please follow the Fedora Project guidelines in this matter. The Forbidden items page in the Fedora Wiki is a good starting place. The item to include must be under an open source license, not proprietary, and not violate laws.