service iptables save, systemctl, and unhelpful error messages
Emanuel Rietveld
codehotter at gmail.com
Wed Feb 15 13:15:16 UTC 2012
Currently, on Fedora 16, service iptables save prints the following:
# service iptables save
Redirecting to /bin/systemctl save iptables.service
Unknown operation save
The service iptables save command is documented in a number of places
and has been recommended to users for years. See, for example, the
security guide:
http://docs.fedoraproject.org/en-US/Fedora/16/html/Security_Guide/sect-Security_Guide-Using_IPTables-Saving_and_Restoring_IPTables_Rules.html
This breaking with the systemctl move is expected, but the unhelpful
error message is a usability bug. Executing services iptables save
should print "This is no longer supported. Please execute
/usr/libexec/iptables.init save" (See:
https://bugzilla.redhat.com/show_bug.cgi?id=748134 )
From a technical perspective, that would mean the /sbin/service wrapper
would need to be rewritten check a file for the command that is being
asked to do, and print different error messages depending on the situation.
Of course that makes the currently simple wrapper script more complex,
but if we want to keep moving forward as fast as Fedora is, we should
make the extra effort to stay friendly to our users too.
Emanuel
More information about the devel
mailing list