Description of problem:
User defined service.xml files in /etc/firewalld/services are not being read.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a custom service file in /etc/firewalld/services/custom.xml
2. systemctl restart firewalld
3. firewall-cmd --get-services
<custom> service is not listed in the available services, making it impossible to add it to a zone.
<custom> service is listed as an available service and is able to be added to any zone.
When the custom.xml file is moved to /usr/lib/firewalld/services (and selinux context updated) the service is finally read by firewall-cmd and is available for adding to a zone.
It works for me with firewalld-0.3.10-1.fc20
Can you attach the custom.xml file ?
I'm sorry, I thought I had done this already, but noticed the tab was still open waiting for the upload.
This is a simple service file to add rsync to the firewall.
Created attachment 920994 [details]
rsync service file for firewalld
Thanks. I don't see any problems even with your service file.
- update to firewalld-0.3.10-1.fc20,
- put 'FIREWALLD_ARGS=--debug' into /etc/sysconfig/firewalld
- systemctl restart firewalld
- firewall-cmd --get-services
- attach /var/log/firewalld
I added the rsyncd service upstream
It'll be part of next release, i.e. 0.3.13.
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora 'version'
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.
Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 20 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
I am not able to verify this. The use of the custom service is working for me using the file name rsyncd.xml and also after renaming to custom.xml as custom.
This issue was cleared up somewhere along the way. I tested this with a Fedora 20 KDE Live image that has firewalld-0.3.10-1.fc20.noarch and on a CentOS 7.1 system with firewalld-0.3.9-11.el7.noarch and could not replicate the error.
# firewall-cmd --get-services
# cat <<EOF >> rsyncd.xml
<?xml version="1.0" encoding="utf-8"?>
<description>rsynce is an efficient file synchronization utility.</description>
<port protocol="tcp" port="873"/>
<port protocol="udp" port="873"/>
# firewall-cmd --reload
# firewall-cmd --get-services
After the reload, rsyncd is displayed as an available service.