Bug 106340
| Summary: | Selecting "no firewall" in install is ignored, very restrictive firewall installed | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | John Powell <jp> | ||||
| Component: | anaconda | Assignee: | Jeremy Katz <katzj> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | Mike McLean <mikem> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | ||||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i686 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2006-02-21 18:58:57 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 94942 [details]
This is the anaconda-ks.cfg file auto-created by the install.
I forgot to note. Though the situation is different, this bug is likely closely related to 105998. In that bug the ports are ignored, in my case the overall on/off is ignored. In both cases the end result is a simple "firewall --enabled" in anaconda-ks.cfg where entered configuration was ignored. *** This bug has been marked as a duplicate of 105048 *** Changed to 'CLOSED' state since 'RESOLVED' has been deprecated. |
Description of problem: Selecting "no firewall" during the normal graphical install is ignored. I selected "no firewall" and the firewall was installed with no open ports. I was so surprised, I re-installed from scratch just to be sure I did not make a mistake the first time around. I was very careful the second time, ensured I selected no, got the nag message and clicked on "proceed". I checked /root/anaconda-ks.cfg and it showed "firewall --enable". I guess my selection in the GUI was ignored. Version-Release number of selected component (if applicable): Not sure. ISOs just downloaded the other day, I believe it is fedora 0.9.4, test 2, build name is "Severn" How reproducible: 100% on 2 tries. Steps to Reproduce: 1. Install Severn 2. Select Server install (not sure if that is required to reproduce) 3. Select "no firewall" and click on proceed after the nag screen. Actual results: After rebooting twice (to be sure) I could not connect to the box from a RH9 box on the same network for both ssh and httpd (yes, I started httpd). I COULD connect from the same box ("ssh localhost" and "lynx http://localhost"). Did a "service iptables stop" and could now connect ssh and to the web server from remote machines. I also did a "chkconfig iptables off" and rebooted. I could connect no problem after this. Expected results: No firewall installed, should have been able to connect ssh and http without disabling iptables. Additional info: Yes, I know, I should always install the firewall ;)