F18 : from iptables to firewalld

Ranjan Maitra maitra.mbox.ignored at inbox.com
Thu Jan 31 21:04:26 UTC 2013 

On Thu, 31 Jan 2013 21:20:58 +0100 Reindl Harald
<h.reindl at thelounge.net> wrote:

> 
> 
> Am 31.01.2013 19:43, schrieb Ranjan Maitra:
> > Sorry, but I get the following error:
> >> systemctl stop iptables.service ip6tables.service; systemctl start firewalld.service
> >>
> > $ sudo systemctl start firewalld.service
> > Job for firewalld.service failed. See 'systemctl status
> > firewalld.service' and 'journalctl -xn' for details.
> > 
> > $ sudo systemctl status firewalld.service
> > firewalld.service - firewalld - dynamic firewall daemon
> > 	  Loaded: loaded (/usr/lib/systemd/system/firewalld.service;
> > enabled) Active: failed (Result: exit-code) since Thu 2013-01-31
> > 12:41:52 CST; 2s ago Process: 25777 ExecStart=/usr/sbin/firewalld
> > --nofork $FIREWALLD_ARGS (code=exited, status=1/FAILURE)
> > 
> > Jan 31 12:41:52 localhost.localdomain systemd[1]: Starting firewalld ...
> > Jan 31 12:41:52 localhost.localdomain firewalld[25777]: 2013-01-31 12...
> > Jan 31 12:41:52 localhost.localdomain firewalld[25777]: 2013-01-31 12...
> > Jan 31 12:41:52 localhost.localdomain systemd[1]: firewalld.service: ...
> > Jan 31 12:41:52 localhost.localdomain systemd[1]: Failed to start fir...
> > Jan 31 12:41:52 localhost.localdomain systemd[1]: Unit firewalld.serv...
> 
> this output is crippled by systemctl (thanks to systemd-guys for
> a very bad usability at all with their strip and pagers all the time)
> 
> "systemctl status firewalld.service | cat" should bring better output
> 


Thanks! I get this:


$ sudo systemctl status firewalld.service | cat
firewalld.service - firewalld - dynamic firewall daemon
	  Loaded: loaded (/usr/lib/systemd/system/firewalld.service;
enabled) Active: failed (Result: exit-code) since Thu 2013-01-31
12:41:52 CST; 2h 18min ago Process: 25777 ExecStart=/usr/sbin/firewalld
--nofork $FIREWALLD_ARGS (code=exited, status=1/FAILURE)

Jan 31 12:41:52 localhost.localdomain systemd[1]: Starting firewalld -
dynamic firewall daemon... Jan 31 12:41:52 localhost.localdomain
firewalld[25777]: 2013-01-31 12:41:52 FATAL ERROR: [Errno 13]
Permission denied: '/var/run/firewalld.pid' Jan 31 12:41:52
localhost.localdomain firewalld[25777]: 2013-01-31 12:41:52 ERROR:
Traceback (most recent call last): Jan 31 12:41:52
localhost.localdomain systemd[1]: firewalld.service: main process
exited, code=exited, status=1/FAILURE Jan 31 12:41:52
localhost.localdomain systemd[1]: Failed to start firewalld - dynamic
firewall daemon. Jan 31 12:41:52 localhost.localdomain systemd[1]: Unit
firewalld.service entered failed state



> additionally /var/log/messages is normally the place to look



Jan 31 15:01:35 localhost systemd[1]: Starting firewalld - dynamic
firewall daemon... 
Jan 31 15:01:35 localhost firewalld: 2013-01-31
15:01:35 FATAL ERROR: [Errno 13] Permission denied:
'/var/run/firewalld.pid' 
Jan 31 15:01:35 localhost firewalld: 2013-01-31 15:01:35 ERROR:
Traceback (most recent call last): 
Jan 31 15:01:35 localhost systemd
[1]: firewalld.service: main process exited, code=exited,
status=1/FAILURE 
Jan 31 15:01:35 localhost systemd[1]: Failed to start
firewalld - dynamic firewall daemon. 
Jan 31 15:01:35 localhost systemd
[1]: Unit firewalld.service entered failed state 
Jan 31 15:01:36 localhost setroubleshoot: SELinux is
preventing /usr/bin/python2.7 from getattr access on the
file /run/firewalld.pid. For complete SELinux messages. run sealert -l
6da93ecc-b84a-4d14-bc3f-0f8d06af82a2 Jan 31 15:01:37 localhost
setroubleshoot: SELinux is preventing /usr/bin/python2.7 from write
access on the file firewalld.pid. For complete SELinux messages. run
sealert -l d6eea039-e995-4e5e-a6f3-57048fc05bae 
Jan 31 15:01:37 localhost
setroubleshoot: SELinux is preventing /usr/bin/python2.7 from unlink
access on the file firewalld.pid. For complete SELinux messages. run
sealert -l 689b4650-7ccb-4ca7-a2db-2ec6c5f18b6f


Not sure what to do with all this.

Many thanks!
Ranjan

-- 
Important Notice: This mailbox is ignored: e-mails are set to be
deleted on receipt. For those needing to send personal or professional
e-mail, please use appropriate addresses.

____________________________________________________________
FREE ONLINE PHOTOSHARING - Share your photos online with your friends and family!
Visit http://www.inbox.com/photosharing to find out more!

More information about the users mailing list