Bug 119403
Summary: | iptables & SE Linux Enabled , even after disabling them in graphical installer on X86-64 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jerone Young <jerone2> |
Component: | anaconda | Assignee: | Jeremy Katz <katzj> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | notting |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-04-03 09:29:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 114961 |
Description
Jerone Young
2004-03-30 04:12:19 UTC
That's strange... the code is exactly the same between them :) What's in /etc/sysconfig/system-config-firewall and /etc/sysconfig/selinux on the x86_64 box? (And note that turning off SELinux isn't quite the same as selinux=0) /etc/sysconfig/system-config-firewall does not exist. But there is are /etc/sysconfig/system-config-securitylevel: # Configuration file for system-config-securitylevel --enabled /etc/sysconfig/iptables: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT The iptables init script has to be reading from this file. Once I run it I can no longer reach ssh. Things have changed somwhere. /etc/sysconfig/selinux: SELINUX=disabled This is resolved in the Development tree. Did an install based on the April 2nd Development tree and this problem is now gone. |