$ systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: failed (Result: exit-code) since dom 2014-10-12 18:21:16 ART; 9h ago Process: 564 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=1/FAILURE) Main PID: 564 (code=exited, status=1/FAILURE) CGroup: /system.slice/firewalld.service oct 12 18:21:08 infinity systemd[1]: Starting firewalld - dynamic firewall ..... oct 12 18:21:14 infinity python[564]: detected unhandled Python exception i...d' oct 12 18:21:16 infinity systemd[1]: firewalld.service: main process exited...RE oct 12 18:21:16 infinity systemd[1]: Failed to start firewalld - dynamic fi...n. oct 12 18:21:16 infinity systemd[1]: Unit firewalld.service entered failed ...e. Hint: Some lines were ellipsized, use -l to show in full. sometimes happen, sometimes don't, I fix this restarting the service (systemctl restart firewalld.service).
I have a very strange bug that systemd I think: I had a bug with audit too, it failed at start, every single boot, but everything ok with firewalld, I had this bug with firewall and I saw that auditd.service was running ok, it seems that when firewalld works auditd doesn't and when auditd does firewald doesn't. See: https://bugzilla.redhat.com/show_bug.cgi?id=1151794 after complete systemd's script without plymouth, I go directly too tty because I start my X session with a startx and xinitrc script, but I need to wait a couple of seconds, because I see that my hardisk is working on something maybe writing. (cause the led on my laptop 4328 (lenovo g470) said so) so I see that it stops after mess my tty console with some kernel messages about my broadcom 43xx wifi card, then I log in and then I start out my session (to be honest, its really slow, I don't know if its normal, I don't use any display manager only on Fedora, I use the: if [[ ! ${DISPLAY} && ${XDG_VTNR} == 8 ]]; then exec startx fi bash script and it takes from 3 to 10 seconds to show cinnamon DE)
Sorry I had a lot of errors in my drafting, I'm on some aggressive "medication".
Try checking /var/log/firewalld for some errors. If you don't see any problem there, add 'FIREWALLD_ARGS=--debug' into /etc/sysconfig/firewalld and check it next time you see this issue.
(In reply to Jiri Popelka from comment #3) > Try checking /var/log/firewalld for some errors. > If you don't see any problem there, > add 'FIREWALLD_ARGS=--debug' into /etc/sysconfig/firewalld > and check it next time you see this issue. systemctl status firewalld.service -l firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled) Active: active (running) since lun 2014-10-13 17:12:20 ART; 11min ago Main PID: 562 (firewalld) CGroup: /system.slice/firewalld.service └─562 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid oct 13 17:12:08 infinity systemd[1]: Starting firewalld - dynamic firewall daemon... oct 13 17:12:20 infinity systemd[1]: Started firewalld - dynamic firewall daemon. oct 13 17:12:24 infinity python[616]: SELinux is preventing firewalld from write access on the directory . ***** Plugin catchall (100. confidence) suggests ************************** If you believe that firewalld should be allowed write access on the directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep firewalld /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp It seems to be right?
Logging: (In reply to Duff Padmasana from comment #4) > oct 13 17:12:24 infinity python[616]: SELinux is preventing firewalld from > write access on the directory . ... > /var/log/audit/audit.log | audit2allow -M mypol > # semodule -i mypol.pp > > It seems to be right? Yes. But as a simpler solution, you might add 'enforcing=0' on the kernel command line. -- Original problem: apparently python throws an exception: oct 12 18:21:08 infinity systemd[1]: Starting firewalld - dynamic firewall ..... oct 12 18:21:14 infinity python[564]: detected unhandled Python exception i...d' oct 12 18:21:16 infinity systemd[1]: firewalld.service: main process exited...RE so this doesn't seem systemd related at this point. Reassigning.
(In reply to Duff Padmasana from comment #4) > oct 13 17:12:24 infinity python[616]: SELinux is preventing firewalld from > write access on the directory . Add 'FIREWALLD_ARGS=--debug=2' into /etc/sysconfig/firewalld then run 'systemctl restart firewalld' and when you see the problem again please attach: - /var/log/firewalld - the SELinux denial, you can use sealert (from setroubleshoot-server package) to see the denials
Created attachment 951135 [details] /var/log/firewalld
This message is a reminder that Fedora 20 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 20. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '20'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 20 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.