Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 106340
| Summary: | Selecting "no firewall" in install is ignored, very restrictive firewall installed | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | John Powell <jp> | ||||
| Component: | anaconda | Assignee: | Jeremy Katz <katzj> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | Mike McLean <mikem> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | ||||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i686 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2006-02-21 18:58:57 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 94942 [details]
This is the anaconda-ks.cfg file auto-created by the install.
I forgot to note. Though the situation is different, this bug is likely closely related to 105998. In that bug the ports are ignored, in my case the overall on/off is ignored. In both cases the end result is a simple "firewall --enabled" in anaconda-ks.cfg where entered configuration was ignored. *** This bug has been marked as a duplicate of 105048 *** Changed to 'CLOSED' state since 'RESOLVED' has been deprecated. |
Description of problem: Selecting "no firewall" during the normal graphical install is ignored. I selected "no firewall" and the firewall was installed with no open ports. I was so surprised, I re-installed from scratch just to be sure I did not make a mistake the first time around. I was very careful the second time, ensured I selected no, got the nag message and clicked on "proceed". I checked /root/anaconda-ks.cfg and it showed "firewall --enable". I guess my selection in the GUI was ignored. Version-Release number of selected component (if applicable): Not sure. ISOs just downloaded the other day, I believe it is fedora 0.9.4, test 2, build name is "Severn" How reproducible: 100% on 2 tries. Steps to Reproduce: 1. Install Severn 2. Select Server install (not sure if that is required to reproduce) 3. Select "no firewall" and click on proceed after the nag screen. Actual results: After rebooting twice (to be sure) I could not connect to the box from a RH9 box on the same network for both ssh and httpd (yes, I started httpd). I COULD connect from the same box ("ssh localhost" and "lynx http://localhost"). Did a "service iptables stop" and could now connect ssh and to the web server from remote machines. I also did a "chkconfig iptables off" and rebooted. I could connect no problem after this. Expected results: No firewall installed, should have been able to connect ssh and http without disabling iptables. Additional info: Yes, I know, I should always install the firewall ;)