Bug 1495506
| Summary: | Can't access Cockpit UI on RHEL hosts | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Sarvesh Pandit <sapandit> |
| Component: | cockpit | Assignee: | Martin Pitt <mpitt> |
| Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | qe-baseos-daemons |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.4 | CC: | dfediuck, mpitt, sapandit |
| Target Milestone: | pre-dev-freeze | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-04-23 12:00:51 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Sarvesh Pandit
2017-09-26 08:31:27 UTC
The package cockpit-ws adds
/usr/lib/firewalld/services/cockpit.xml
and then in the post section runs
test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true
Can you run that command and see if maybe there is an error that the || true suppresses.
It was beaker system. Now, I have applied the workaround and don't have fresh 7.4 host. Should I still try that command on that host? You can, but might be more useful on a system that is actually showing the problem. Here is output:
# test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true
# echo $?
0
No error :(
Did you remove the || true? that makes sure it always returns 0. But if there was no error output it probably succeeded. I didn't remove.
Now, I have removed:
# test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet
# echo $?
1
These 9090 port were manually added:
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: em1
sources:
services: ssh dhcpv6-client
ports: 9090/tcp 9090/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
So to confirm, if you run `firewall-cmd --reload` it fails? (Please drop the --quiet). Does it show any output without the --quiet? If that fails, the bug should be reassigned to firewalld. > # test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet
Note: This doesn't work literally in a shell, as the `{_bindir}` is an rpm macro which is only valid in a spec file and changed during package build. So please just run "firewall-cmd ..." without the `test` command.
Hello Martin, Apology for delay in response. I don't have that setup with me to try out. Putting needsinfo back. "I don't have that setup with me" sounds like you still have access to it in general? If not, let's just close this bug. Thanks! Yes. you can close this bug, as don't have same setup. OK, closing. |