Bug 1097765 - at_console in dbus policy makes firewalld hard to use on servers
Summary: at_console in dbus policy makes firewalld hard to use on servers
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: firewalld
Version: 7.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Thomas Woerner
QA Contact: Tomas Dolezal
Depends On: 1094745
Blocks: 1094121
TreeView+ depends on / blocked
Reported: 2014-05-14 13:31 UTC by Thomas Woerner
Modified: 2015-03-05 13:23 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 1094745
Last Closed: 2015-03-05 13:23:07 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:0520 normal SHIPPED_LIVE firewalld bug fix and enhancement update 2015-03-05 16:33:07 UTC

Description Thomas Woerner 2014-05-14 13:31:05 UTC
+++ This bug was initially created as a clone of Bug #1094745 +++

Description of problem:

Use of at_console="true" in the firewalld DBus policy file makes firewalld hard to use on servers, where users are logged in via ssh, or via Cockpit, but not at a console.

at_console="true" is a real old relic, that was never really implemented. Modern services should be using polkit.

NetworkManager moved away from it for the same reasons (want to be usable on servers): bug #979416

Version-Release number of selected component (if applicable):


[stef@stef firewalld]$ git grep at_console
config/FirewallD.conf:  <policy at_console="true">

--- Additional comment from Thomas Woerner on 2014-05-14 09:29:54 EDT ---

Fixeds upstream in 

Comment 7 errata-xmlrpc 2015-03-05 13:23:07 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.