Record. Okay, hello everyone, my name is Alberto Ruiz. I work for the desktop-ish team at Red Hat, and for the last year and a half my focus, I've been working on Fleet Commander. So I try to explain what Fleet Commander is and isn't. Our focus is to provide large-scale configuration management for user sessions in a non-intrusive way, so you can think of it almost as Ansible for the desktop.

So a lot of people have asked me, so can you use Ansible, why wouldn't you use Ansible? And the answer lies in how desktop applications work and how we actually manage the user data in Linux. First of all, if you have an organization with a hundred thousand people, a bunch of them maybe on the road or working from home, you don't necessarily have an SSH port to get to and bring your data in and run commands in. And on top of that, this desktop configuration is usually stored in the home directory, and you don't want to enter in the home directory of every user, maybe while they're even running their software. So Ansible doesn't quite fit the model of user sessions, user desktop sessions, so we have to come up with something slightly different.

So the same principle is that you store all the profile data centrally and each host will pull the data from that central repository and it will somewhat compile it down to something that the apps can find and use. So we're working with the upstreams to make sure that at least the most common set of applications actually do work with our system.

So to give you a bit of history and background: every time we go out there and we try to get Linux in big enterprise or even small-sized companies with maybe 10, 15 computers, the one question we get asked is, well, do you have a counterpart to Microsoft Active Directory? And Microsoft Active Directory is basically a bundle, is a counterpart to FreeIPA in our world, and it's basically a bundle... What, why do you laugh? Well, if you come from the Linux world, that's your route to... So basically it's a
combination of two things, so it's a bunch of administration tools, an LDAP server and a bunch of all this stuff. So the way, the use case Fleet Commander is trying to cover, the way the Microsoft guys do it is they have this huge directory, hierarchy of settings and keys for different things in mostly Microsoft apps, but some other apps might provide their own templates. But basically Microsoft developers and ISVs have to provide their own templates to manage this thing here, which is cumbersome and a bit counterintuitive, but the end result is like, this is way better than the experience in Linux so far, where you basically have to write your own RPMs, shell scripts, even sometimes like pack stuff so that you can, you have some sort of interface to the boost up there. But right now when I see something that is used to these kind of tools to get the scale that they need, there hasn't been a compelling answer to them.

There has been a few times. Funny thing, ten years ago I got hired by Sun Microsystems to open source a protocol, APOC, and APOC basically did the same thing that Fleet Commander did, but it was quite focused on Solaris and the Solaris desktop and it was developed as a closed source app. My job was to open source it, but it was a Java web app and it had a bunch of dependencies on things that were never open source, so the project unfortunately died and couldn't live on. But we did open source a lot of the stuff, and the design principles around it actually live on in Fleet Commander.

And the other attempt that was done, also about ten-ish years ago, by Alex Larsson, already at Red Hat, it was called Sabayon, and Sabayon solved the other end of the problem. So instead of using these handwritten templates, it created an Xnest session with a special user, and you could open your apps and change your configuration and it will read the configuration and you will get a log of the configurations that, like, what you wanted, and bundle everything to a
profile. The one thing that Sabayon never quite solved was the deployment story. So they did some work to make it work without that somehow, so bundling the Sabayon profile into an LDAP repository, but it was all hand, it was all a bunch of commands that you have to add, and things didn't quite work as mostly as a demanding sysadmin will want.

So I'm gonna give you an overview of the architecture. Basically the main component of Fleet Commander is its admin interface, and it runs on top of Cockpit, it's a Cockpit plugin, so we get all the stuff that's done for free, like D-Bus access, authentication using the local username and password. So we get rid of all the overhead of having to run your own infrastructure to do like a web service in your machine, plus it gives us a lot of access to a lot of knowledge from the Cockpit team, who are probably more willing to help us given that we're using their stuff. So that's been great.

So one thing that we do on our admin interface, and I'll show you later with the screenshots and the demo, is we reuse this concept from Sabayon where you have this virtual session where you actually configure your app live instead of creating a template for every app. And so to do that we need a VM, and we connect to that VM remotely using SPICE on the browser, using the HTML5 JavaScript implementation. So that means you can access remotely to the session without having to install any plugins or extensions in your browser, and from any OS. So indeed, the from any OS part is important because we're trying to target sysadmins that might get a call at 3 a.m.
in the morning to redeploy a new configuration somewhere else in the world, and they might not have access to a Linux system. So enforcing a Linux native app into the whole mix, it will be quite unreasonable with regards to the kind of target use cases we're trying to satisfy.

So that's why we use libvirt. So basically you can select a template VM with the OS, and the way it works, you just create a VM in Boxes and we access your libvirt session, user session, with the same username, and it'll just show up the machines that you have available. You select one, it creates a volatile session, a temporary session that doesn't write any data on disk, so you can do anything with it, next time it'll be back to what it was. Because otherwise, if you keep stacking configuration changes, after a while you're gonna have a mess of a desktop, so it's quite hard to predict how to do things.

So once your settings have been selected, we put everything on static files, JSON files, on a static HTTP server. Right now, on the next release, we have our own server using libsoup, but you could also take the same directory and start with using Apache or whatever else. Initially I thought that using LDAP might be a good idea, but after a few conversations with Alexander Bokovoy from the identity management team, it seemed like using static HTTP, or HTTP even, was a better idea, and these days most sysadmins know how to run an HTTP server at scale within their own organization. So we're not closed to thinking about other deployment methods, but this seems quite sensitive.

Can I ask for clarification: by HTTP do you mean HTTPS?

Absolutely, sysadmins, because if you don't have HTTPS then you have a man-in-the-middle attack. Ideally you wouldn't run this outside of your network, even in your network. If a server configuration gives you an advantage you would be able to inject a profile that the user doesn't have in order to get around something.
Right, but remember this runs within Cockpit, and Cockpit by default is protected by HTTPS. So you could run the static part within the Cockpit as well. The HTTP server is not the one in Cockpit. You can. What I'm saying is that you could do the path within Cockpit that essentially represents this. So right now, so by default it will do HTTP, but this is the default version, is not supposed to go on the production sysadmins. It's a libsoup server, it's not meant to be used at scale. I would definitely put clear documentation in that. Oh yeah, yeah, yeah, HTTPS is wrongly suggested.

So at the moment we're still in a quite fast-paced development phase and I'm more worried about getting the word out there and getting knowledge about the project. I mean, I do worry about those things, and there's a few things I'm not comfortable about how we handle certain things with regards to security. So certainly security overall is a big concern, and how we want to isolate... Eventually I will want to isolate configuration data at least by domains or in some way so that not every configuration key is available to everyone, but that's the kind of fine tuning that would be easier to do once the core of the architecture is more settled. Because otherwise we're going to be in the middle of the channel. No, no, no, it's a good concern. It's a problem that concerns me as well. You might even want, I mean, at some point you might even want to have like a root certificate pre-installed in the machines so that only machines that have a certificate on the server side that is trusted by the client are going to be able to deliver stuff. So I do have thoughts on that line, but we haven't got to the point where I can worry about that. IPA integration will come. Yes, what could do with GSS? You can get GSSAPI and then you actually know which authentication on both sides. Right.

So anyway, so we have this static HTTPS server and we have a bunch of clients and they all talk to the HTTPS server.
We have FreeIPA integration being worked on right now. And the idea is that the address for the static server is going to be provided by... So right now you have to put it on your configuration file by hand. But the idea is that there will be a configuration key that is going to be in the forward one. So if you install the package and you're enrolling a domain and FreeIPA provides you with the data to give you that server, SSSD will pick it up, put it somewhere, and our client daemon will also pick it up and talk to that server. So the idea is that you will manage, the entry point to your network will be the FreeIPA server. Right.

So right now we support most of the GNOME stack. So everything based on dconf, we support it. I already talked about the live session and I'll show you in the demo right now. Provided as serve static files 3DDB. So again, non-invasive, all the data provided by the profiles with some exceptions. But basically they're deployed in slash run in special cases for each vertical app. Like dconf keys are stored in slash run slash dconf slash user ID file. And then the user dconf knows how to read there and it works in a layered way. So the good thing about this is that you can wipe that data and everything goes back to normal. So that's what I mean with non-invasive. One of our design principles is that as soon as Fleet Commander gets out of the way, everything goes back to what it was. So we're not writing onto a home directory of the user.

Also the way it works is you only deploy data in slash run if the user logs in. So if you have a thousand users and you have profile data that applies to a thousand of them, you're not going to create a database for the thousand users on every host. We use the logind signal for a login user to build the database quite quickly. So by the time he logs in it's already there.

Yeah, so we support LibreOffice, and GNOME Software has a special feature where you can actually add the recommended apps.
So this is a nice way for sysadmins to kind of encourage their users to install certain apps. So once you open GNOME Software, sysadmins might choose to select, I don't know, even their own internal apps or things like, instead of Transmission showing up there, maybe Eclipse or something like that. We have a special case for that because even though it's based on dconf, there's no UI to change that setting from GNOME Software itself, so we have a web UI for that. We're working, well, I'll talk about the future later.

So, sir? Do we have Firefox on there as well?

No, not yet. So Firefox and Chromium are on our radar, so there's two things. The one we care the most right now is bookmarks. And we were just having a conversation with one of the Chromium developers who's actually here at Flock. And there seems that we're going to have a way to handle bookmarks. Settings, I have the gut feeling we're going to be able to do it for Firefox, and the gut feeling comes from the fact that when we did APOC at Sun, there was an extension that we did internally for Mozilla. So at least back then, they had the concept of layered configuration providers. And if we can reuse that these days, it should be doable, but then we need to figure out whether upstream will accept that, or whether we downstream patch it. So that's an open question. We haven't had the capacity to look into that yet, but it's on our radar. It's one of the top priorities once I get the core bits of the app ready.

So this is mandatory screenshots. This is Cockpit. And the tools menu is the menu for the plugins. So you select Fleet Commander once you log in. This will only work if you're an admin on that host, right? And these are like the profiles listed. So we have one for network, one for the settings, one for your office. I'll make you a demo later and you'll see the whole thing, but this is to give you an idea. And this is the virtual session running inside the browser.
Again, the idea is you open your app, you go to the settings interface and you tweak your settings. And there's a button up there that says review and submit. So you can review the changes, select the ones you want, and bundle it in your profile.

Are there any preset profiles recommended by the Facebook team?

No, every organization is quite different. And since it's so easy to create one, it's a bit of a... Plus, I will have to think about how does that fit into the UI and whatnot. So no, we don't have anything else.

So demo time. So last Flock, I tried to do a demo and it crashed on me.

No, not as of now. We're working on it. We had a meeting a few months ago. So we know how to make it happen. It's not a lot of work, but the FreeIPA guys have been quite busy. So we didn't make it for... We see we're able to make it happen for Fedora 25, but this is some rudimentary way. Maybe not from the FreeIPA UI, but in a way where you can use it from the command... You know, inject the setting from the command line and then SSSD picking it up or something. So that's the two ways of integrating here. One of them is you can log in there and you have this group basis profile application, which means that Fleet Commander needs to know about groups that get identified. That's your part of the solution. And the other one is publishing which Fleet Commander server applies to which hosts. That's on my IPA side.

So I made a video of the demo. I didn't want to risk it. So basically I log into the Cockpit UI, go to the Fleet Commander plugin. So I create a profile, select the user I want to apply it to. So now the profile is created, but it's empty. So I'm going to add settings through the live session. I select the VM that I want to template. And the VM will boot. The VM, by the way, needs to have the Fleet Commander logger installed, which is the daemon that runs on your session listening for any configuration changes.

This works with Fedora and Tango system also?

Yeah, yeah, yeah.
So some of the newest features might not work, but in the long run, our idea is to put this in RHEL eventually. All the dconf based stuff, like most GNOME apps, will work, LibreOffice will work in the next RHEL update, I guess. So yeah, our focus is RHEL and CentOS.

So yeah, so I select the, for example, the single click to open items setting. So now I can go review the list of changes. So I have all the changes that have been done to dconf in here. So I select the one I'm interested in. It's safe. So now that data is in the profile. So now I manually run the client because it has a polling interval and I just need to hit it manually. So you see that Nautilus doesn't do like single click, because when it does hit, there's an underline on the text. So I wanted to show them. I didn't fake it. So I run the daemon with debugging output just for me to know what's going on. And now, so you see, that underline means that it's single click policy for opening it and you can see it in there.

Is this behavior read-only for the user?

You can select it to be read-only, but we haven't enabled that on the UI. Yes. However...

See, that's where the man in the middle comes in.

Yeah. Well, yeah.

If you're restricting user actions and someone can inject an alternative profile that would allow...

No, the way the clients talk to the server, that's something I've been concerned about since the beginning. But it's, again, it's like a technical problem. I need the capacity to concentrate on. But yeah, yeah. So there's two things that worry me with regards to security. One of them is that, like, someone being able to inject stuff into the host. For example, the proxy setting. If you change the proxy setting, you're going to get all the traffic on your own proxy, right? So, yeah, we need to be careful. So it needs to be well-documented. At least the UI should try not to let you do the wrong thing. But that's a stage, probably not for the next cycle, but the cycle after that one.
That's where I want to focus on browser support and security aspects around the app.

What's the second concern? You said you had two security concerns.

Ah, the other one, yeah. So I'm going to demo right now the Network Manager support. Say you create a Network Manager profile and you enter a username-specific password of the sysadmin. Let's say the sysadmin logged into a VPN user using its own password. I don't want to distribute that password, if you know what I mean. So I want that to be opt-in.

You just need multiple. You need mutual authentication.

Yeah, so what I have in place is a filter. So as of now, I don't ever distribute a password that is specific to the user. But for groups, it's different, because that's actually something you want to deploy because you don't want users having to think about passwords. So the username and the password is something that can be prompted by Network Manager itself, so that's something I want to get out of the way. But for example, for Wi-Fi, you might have a guest Wi-Fi, which you don't care that much about the password of that Wi-Fi, because that's something you just want to constrain somehow, because that's a super secret. So you can preconfigure that one.

So let me show you... Oh, sorry. Let me show you the demo for the Network Manager stuff. So again, I have a profile. I select the user I want to apply it to. I go to the live session again. I select my template, and I wait for it to boot. It will take a few seconds, I guess. So yeah, basically, what we've done with the Network Manager, while you're in a session, it allows you to listen for configuration changes through D-Bus, and it allows you to inject configuration through D-Bus as well, as long as your user has the capacity to do that. So we've taken advantage of that interface to listen for configuration changes in Network Manager. So what I'm going to do here is I'm going to have a profile for Ethernet.
Just as an example, Wi-Fi will work as well, but I don't have a Wi-Fi device on the VM. So now there are ways around that. But there's a special UI for Network Manager called NM Connection Editor, and you can use that to add in kind of thing like a Wi-Fi setting. You can use that as well. So I have the change slot here with the name of the profile, the Ethernet profile. I start on my profile, I run the... Oh yeah, I show that I'm not faking it, so if we go to the Ethernet list of profiles, that's what you get. I run the client daemon by hand so that it refreshes the profile data. And I go to the preferences, network pane, go to wired settings, and my profile is right there. And actually if you go inside, you'll see that the DNS setting is what we set on the other end.

If the settings are system-wide, can you also apply those?

Fleet Commander is not meant to be used as a system-wide configuration manager. You will use... You will use Ansible for something like that, but in practice when you have a connection and you don't set... Okay, so in Network Manager when you have a connection configuration block, there's a setting called Permissions, and in Fleet Commander it will always add the permission setting for the user that was logged in.

But like you have us, for example, certificate for an entire org, right? Which needs to be...

That's different. So there's two options about that. We could choose to bundle the certificate in the profile. That's one of the security concerns I have. I mean, how risky it is to distribute the certificate through your network. That's something I'm not sure about. But then the other thing is you could deploy the certificate through RPM and put it on a static place and then choose the... Because the VM you're using, it might be exactly the same image that you deploy in the rest of the organization. So you could choose to have that.
We could also, when we check that a certificate has been set, we can bundle it on the profile using, you know, basically encoding it on the JSON file and then deploy it on the hard disk on a special path and then mangling the paths of there. But in principle, Fleet Commander is not meant to be used as a host configuration tool. I mean, in principle. I mean, at some point, I might not be against the idea of having... Because FreeIPA has the concept of hosts. So I'm not against the idea of also using host names and match those with profiles. But that's something I'm not too... I haven't wrapped my head around that use case right now, so...

Since you brought up a question of hosts and users and groups. Yeah. I saw that there were users and groups there. Yeah. How is that layered?

Ah, do you mean which policy do we use? So right now, it's... The user has the highest precedence than groups, then...

Is it a per attribute veto, or is it a... You get whatever is in the highest rank profile?

Right now, it's hard coded, yes. So eventually, I will want to... I will want for the policy to be configurable so that you can say user... Sorry, group-wide profiles have precedence over user profiles, and the other thing I want to do is to add priority levels to each profile. So that...

But what I'm saying is it doesn't mix the profiles. Yes. It doesn't merge them. No, no. Just only get the user profile or the group profile.

No, it matches them. It does merge them. Yeah, yeah, yeah. So again, it's hard coded so that it merges them in a specific way right now, but I want to make that optional network one.

As of right now, if you have both the group profile and the user profile specified, then the group profile will be applied first and then the user profile, and anything that's in the user profile that overrides will override.

Yeah, ish. So right now, I don't care about that. So whatever it does, it does.
But I do have plans to be able to isolate that and then add priority so that you can have a policy where a group profile... Group profiles have precedence over user profiles, but that specific profile right there, you can bump up the profile priority. So therefore, it works in an upper layer, so that the... See, something has control over that. We want to add that, but again, that's something we need to worry about in further cycles.

So yeah, I'll go back to the slides. There we go. So future stuff. So the Network Manager and the FreeIPA integration is something I'm hoping to have in master soon-ish. So the Network Manager integration I show you right here is... I finished it yesterday at 2 a.m. But it's something I'm hoping to get for Fedora 25, certainly. FreeIPA, we'll see. We'll try. At least something rudimentary. I think we can make it. But to some extent, it's up to the constraints of the FreeIPA team. If we can figure out something that they can sneak in for Fedora 25, then good. Otherwise, we'll wait for the next cycle. So we use this as an example of plug-in. And run this as a separate plug-in, a separate RPM that you install and then get this function.

So the other thing that is being worked on right now is the GNOME Online Accounts specific support. That's not finished yet. We think we can make it for Fedora 25, though. We've done the Fleet Commander bits, and now GOA, the GNOME Online Accounts, have to do basically the modifications so that it reads data from slash run and merges the data. And also the way it works is different than it was when the data is in slash user home.

So farther down the line, I would like to add an inline profile viewer, because right now you add settings, but after that, you don't quite know what's in there unless you go to the file and open it. So we want to add something from the browser. Since it's all JSON data, we might even support inline editing.
If you don't want to set up a new thing, but if we add that, it'll be a use at your own risk kind of thing.

Yeah, so web browser support. There's two things, as I mentioned before. One is the bookmark stuff, which doesn't quite behave like settings, so we're going to do a special web UI for bookmarks. And that'll be our first attempt to write code for the browsers. And the next thing we want is if we can get the same level of support as in dconf and LibreOffice-based apps, all setting matrix of Firefox and Chromium. I think it's doable, but it's work, and it means convincing the upstreams to take the code, because I don't want to do a downstream patch for Firefox and specifically Chromium when most users are going to be using Chrome, I would assume, and even corporations are going to use Chrome. And if the support is not there you need to use your own build of Chromium. That's not the official thing.

Richard?

No, and there's no way we could. Mostly because web apps usually store stuff in the cloud or in the sandbox of the, what's it called? Local storage. Yeah, the local storage and then the JavaScript run. So that's not something I'm looking into.

We're cool, but the local storage is a key value store.

We're cool, but that'll be a lot of work and it'll mean getting into risky territories. That might be something for it. Yeah, to try it once we're done and we're happy with the app and maybe we could look into that. It's not a crazy idea.

So you don't put web apps with apps?

Yeah, yeah. But again, that will mean that we will need to get support from the web browsers to get data from the local storage into the logger and then injecting that data again. I don't know how hard that would be and it's always different between Firefox and Chromium.

And they're going to have security concerns with that.

Absolutely, yeah. So, yeah. Oh, yeah. And then there are the long tail of apps that don't use dconf and are not mainstream enough for us to concentrate on them.
And I'm thinking things like, I don't know, Blender or other apps that might have their own format on this that will have layers at all.

Actually, sorry? Other desktops.

So the problem I did... So when dconf was written, I was actually the manager of the developer doing that, Allison Lortie. And we did reach out to the KDE and the Qt community to see what they could do. So with Qt, we had better chat... Well, a bit of a better relationship. Sorry, not better relationship. The way Qt provides settings was a better match with dconf. But in the case of KDE, they have a... They have a... What's it called? The notion of backends for configuration, but the configuration API is built around writing file on disk, hit apply, write data on disk. So it's going to be quite hard to support KDE apps unless they do some changes on that configuration API. It's actually gotten worse, unfortunately. So, yeah. I would love to support the KDE realm of apps. We're going to have users who use them, even if they use the GNOME desktop. But I need to go one step of that at the time. And I have to hit the lowest... Yeah, of course. So that's a later thing. There might be a way to do it. Even if it's not ideal from a technical point of view, I want to make it happen. But again, that's something I'm going to have to work on later.

But things like XFCE, they use dconf all across, and MATE uses dconf. So it's not just GNOME. You could have a VM using MATE, and it'll just work. If you install the right packages, it'll just work. So it's not GNOME specific. Obviously, we have a focus on getting the right experience around the GNOME slash RHEL, Fedora. That's our focus right now. Those are the few places where we want to make sure we have a great experience. And I'm not against, like, in the long run, trying to support a wider set of stuff. The KDE bit warms me, because it's a huge desktop community, and they have a lot of apps that even in certain organizations might be critical.
So we want to support them, but it's from a technical point of view. That makes it easy. Yeah, yeah. So I did try to have a conversation with them around that API, but it wasn't too fruitful. And I don't have the capacity to work on that. Of course. So yeah, that's pretty much it. So I want to open to questions, suggestions, feedback.

So it immediately comes to mind for me, is distributing the profiles through an LDAP attribute using GSSAPI for mutual authentication. Rather than HTTP.

Yeah, yeah, yeah.

We're talking about a single attribute on the user. There's a single attribute on the group object.

No, it's a different thing. So your profile itself is unbound amount of data. Right. So the distribution of the profile is what happens over this static web server. The mapping, what profile maps to what hosts, is what will be likely. And that's a single or couple attributes.

What's happened by that? Sorry, we're both acting developers. Yeah. So we do the same already. I mean, you're talking about a single string attribute. We can bring this up.

It's not a single string attribute. Say I want to distribute the certificates. So it's a basics before lockdown right there. Or actually, we network manage it.

A single string attribute if you're just stuffing all the JSON.

Oh yeah, it's always strings. It's always a bunch of text. Right, so you're going to have more.

But we already do this. There's already a lot of places where we're distributing fairly large chunks of string attributes. And we can stick one string attribute on the user and one string attribute on the group object. And then just distribute all of this stuff through.

The problem is that you want to have this profile available differently on different hosts. Yeah. So we're going to actually do that.

But to be fair, we did exactly that on the APOC days. So we did distribute the profiles through LDAP. And I remember we were able to do it without adding any schemas or anything.
Yeah, I don't think it would be difficult.

It is not difficult. It's just a normal scale. Consider organizations with 100,000 users. And all this data needs to be replicated over all offices because it has to. But it's mostly write-once data. Why do you want to put it on the user objects that it makes no sense?

Because then you get free authentication for mutual authentication for that user.

Because it doesn't distribute it. You don't need to authenticate it against the self-assertive server at all. You need to authenticate it against the servers that are used. And it's purely a question of this agent authenticating against different server functions.

So imagine you want to have a profile where you distribute something that's user-specific. And you need to authenticate which user is requesting a profile.

You do already have this on the client because logind gives you the signal that the session is started.

Yeah, but actually the way it works is I pull all the profile data for the network on disk. And then when I log in, I query on this which things apply.

This is not a user. It is a user. Yeah. Let's talk about this one.

Yeah, we can... I would assume that some organizations, some are for customers, are going to ask me that kind of thing. I think people are going online. And I know because in the APOC days, that's what the ask does.

And the nice thing that you get about doing this is that the user has authenticated or the administrator authenticates. It gets written to the appropriate user object and then only that user object can read that data. So if you have user-specific data, that user can't go read everybody else's user's data as well. So you can put unique things like a per-user password for the Wi-Fi on that. And the amount of writes in here is quite bounded. Every time the admin does something, it's going to be per one, two, I mean. It's going to be once per user.

But we have more questions. I certainly want to talk about this. So you had a question? Yes.
Can you do those changes on the fly? In the example, you used the manager with 8.8.8.8. So if I don't want 8.8.8.8, because now it's slow or something, and I want to change it, but we have noticed that things are looking... No, no, like, well. So for dconf-based settings, we can set a... We mentioned it before. You can set an option to make it read-only, so that you won't have control over that. With regards to networking, what we do is we deploy... If you change the setting and after some time, there's a change in the profile from the Fleet Commander server, it will reapply the setting. So you can change it, but eventually it'll go back to what the sysadmin said. But I mean, we're talking about setups where the sysadmin is in control on the kind of thing. If your DNS is slow, you're going to have to talk to your sysadmin. If your machine is managed. I mean, we can look into ways for that to be handled in the NetworkManager-specific case. In the dconf case, that's solved because if the key is not enforced and you've written something, it always will read the value that you've written. And if there's no value written, it'll pick up the one in the profile and if there's no value in the profile, it'll just read the default value from the schema. So in the dconf case, that kind of use case is better covered. But with NetworkManager, it's trickier to do that kind of fine-grained. So in the case of NetworkManager, you will have to fall back on sysadmin to do the right thing. But you could clone that configuration by hand like this. So this is something that is meant to be used to be deployed in environments where most of your users don't know how to configure the network. If you're savvy enough to configure the network by yourself, you might as well, you know... There's another problem that we have been... applications of Linux. Nipsey Resolve is pretty... resolv.conf for the once-per-process. Yes. 
If you change resolv.conf, it changes and will apply until we restart the process. If you have NetworkManager writing a cache on DNS server locally, like dnsmasq, then the changes you do in the profile will be applied in the dnsmasq configuration and it will work. But they will not work for other cases. Yeah. And then the other part is also if you have DNS2 enabled, then those changes will be... We just thought of... It's a candle. I just implemented the basic support. This is something that... Our main customer is Red Hat's own IT department, and they wanted this because setting up a bunch of the things we have internally is hard and cumbersome for a new guy in finance, for example. Their strength is finance, not networking, so they want something that just works. And so solving that problem first is my focus, eventually doing the fine tuning where we cover the corner cases where things are not exactly... Where users or this assignment thing, they're losing control of what they want to do. That's something we're going to have to figure out and a lot of it will have to be handled by the upstreams. So if NetworkManager doesn't quite allow what we need, we're going to have to talk to them and match the use case with an implementation. So... Yeah, like a desktop background, for example. So... So my take on this is that on principle, most times, if you want certain content that is not the setting itself to be delivered, deploy an RPM or something like that through another channel, like have the image, have all the data that it needs. That's on principle because always each use case is different. I'm not quite sure what to do in every case, but we don't have something right now to deploy content as opposed to the setting values. That's one option. The thing that worries me about Ansible is what about the users that are behind a NAT? So you have a lot of, for example, my company that has 100,000 users, a lot of them work from home behind or something. 
So then you use an RPM in that case, so... Or anything other than the unknown software. That's something that worries me again, but it's something I cannot be worried about that right now. I cannot get busy on that kind of those kinds of concerns, but that's something that I have in mind as we design the thing forward, so... Could you please come on and tell the software to install the specific software, or is that anti-all? It will be... I'm still recording, but now, basically, I don't want to... So that kind of thing is kind of a Foreman/Satellite realm and I'm a bit hesitant to step into... to overlap into what they do. On one hand, for practical reasons, because I don't want to implement everything that sysadmins want to do, and on the other hand, for more like from a portfolio point of view, I don't want to have two tools that do the same job. On the other hand, I do recognize that there's going to be... like sysadmins that are focused on desktop-related stuff, they're going to get a lot more value with Fleet Commander, and they're going to expect certain things to also come with Fleet Commander because they don't want to use another tool just for that one thing. So in principle, we could have a setting in GNOME Software that was called like Enforced Apps or something like that, but I'm very, very hesitant to that kind of thing. That's great. Particularly, you're going to get some admin who's like, HTTP is just fine, and then all of a sudden you get somebody injecting, must install this app that has a security problem. But if we do that, it's something that must be in the repositories, we wouldn't install this app. That doesn't mean that the software in the repository doesn't have security issues, right? So all I would need to do is... Well, you have a UPE tag. You should look at the update policy as well. Like, some distro... Some protocols might be the thing that we want to use for all apps. All right. Yeah, I'm not sure. 
So my take on these things is I'm going to try to get this in the hands of real deployments as soon as possible and I'm going to use that feedback to guide me on to what's important and what not. Otherwise, I can, you know, astronaut architect the hell out of everything. And then I figure out, actually, there were a lot more practical things to be focusing on. And so, yeah, all these things, they sound like something some users might want to do, but I don't want to guess on behalf of the real users out there doing real deployments. So I'm going to... In a few weeks, I hope to get this in the hands of the IT department at Red Hat, see what they think now that I'm a bit more confident on the stability of the whole thing. And then the next step will be reaching out to existing customers within the Red Hat desktop organization and see what they think as well and I'll use that feedback to kind of figure out these decisions. But right now, like, I don't want to guess all the possible things that can go wrong. I mean, with regards to security, yes, but with regards to the use cases that we don't cover that might be nice to have, like I could implement the whole world and I don't want to do that. And that's kind of where I'm coming from, with regards to those kind of things. So I'm trying to bound the amount of work I do. Anything else? Okay, thanks a lot for coming. Thank you.