Bug 55289

Summary: Lokkit does not allow to modify security level
Product: [Retired] Red Hat Linux Reporter: Joachim Frieben <jfrieben>
Component: gnome-lokkitAssignee: Bill Nottingham <notting>
Status: CLOSED DUPLICATE QA Contact: Aaron Brown <abrown>
Severity: high Docs Contact:
Priority: medium    
Version: 7.2CC: rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-10-29 10:25:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joachim Frieben 2001-10-29 10:25:53 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901

Description of problem:
After checkmarking "medium" for the configuration of the firewall settings
during installation, I was wondering that "ntp" didn't work out of the box
as it did with "Roswell (2)", and that furthermore, "ssh" connections from
the outside world were refused. "nmap <hostname>" confirmed for instance
that port 123 which is used by "ntp" by default was closed, so obviously
"ntp" couldn't work. I launched "lokkit" as root and set the security level
to "medium". Exiting "lokkit" and relaunching "lokkit" proved the security
level still to remain "high". Rebooting the machine didn't change anything
either. By the way, why is there no bugzilla entry for "lokkit" whereas
there is one for "gnome-lokkit"? "gnome-lokkit" is not even installed by
default!

Version-Release number of selected component (if applicable):
lokkit-0.50-6

How reproducible:
Always

Steps to Reproduce:
1. Launch "lokkit"
2. Set security level from "high" to "medium"
3. Launch "lokkit"


Actual Results:  "Lokkit" displays "high" for the actual security level,
"ntp" still doesn't work, and "ssh" connections from the outside world are
still refused. This used to work with Roswell (2).

Expected Results:  Security level should be "medium", "ntp" should be able
to use port 123 to query some remote time server, and "ssh" connections
from the outside world should be accepted.

Additional info:
Comment 1 Bill Nottingham 2001-10-29 14:47:04 UTC 

*** This bug has been marked as a duplicate of 25510 ***
Comment 2 Joachim Frieben 2001-10-29 19:20:52 UTC 
Hum, in my report, I clearly explained that it is not principally a matter of
"lokkit" not being able to -display- the previous settings, but that actually
the settings are -not- modified! Not displaying the actual settings is of course
suboptimal, however, the crucial point is: when selecting the "medium" security
level, i.e. "ssh" from the outside world are still not permitted which was
absolutely not the case of "Roswell (2)" and which shows that the security level
is still "high" (correct me if I'm wrong)! I thus find closing the bug a bit
premature. I was perfectly aware of bug #25510, but that one is simply not
relevant here!
Comment 3 Bill Nottingham 2001-10-29 19:28:03 UTC 
ssh is not allowed through in *either* medium or high, unless it's specifically
allowed as an exception.