Description of problem:
It seems that the script syntax generated by redhat-config-kickstart
for enabling the firewall and customizing the port(s) allowed is not
understood by the anaconda installer on the CD.
I used redhat-config-kickstart to generate an example with the
firewall enabled with http, ssh, ports 53/tcp, 53/udp and 443/tcp
opened. The generated firewall line is:
firewall --enable --http --ssh --port=53:tcp,53:udp,443:tcp
I then used this example to modify the anaconda-ks.cfg generated
during the install of my 'prototype'. This is the error that I get
Version-Release number of selected component (if applicable):
kickstart rpm: redhat-config-kickstart-2.3.22-3
installation CD: rhel-3-U2-i386-as-disc1
Use a kickstart file with 'firewall --enable ... --port=...'
Steps to Reproduce:
1. Edit an existing kickstart file or create a new one
2. For the firewall entry use firewall --enable --port=443:tcp and any
other valid arguments
3. Use the file to automate an install
Install aborts with the following error:
Traceback (most recent call last):
File "/usr/bin/anaconda", line 1042, in ?
File "/usr/lib/naconda/kickstart.py", line 1218, in setInstallData
File "/usr/lib/anaconda/kickstart.py", line 677, in readKickstart
File "/usr/lib/anaconda/kickstart.py", line 100 in doFirewall
['dhcp', 'ssh', 'telnet', 'smtp', 'http', 'ftp', 'enabled',
File "/usr/lib/anaconda/isys.py", line 443, in getopt
return apply(_isys.getopt, args)
TypeError: bad argument --port=443:tcp: unknown option
install exited abnormally
It seems obvious that the scripts on the installation media don't know
about the --port option.
Please attach the kickstart file that you created.
Created attachment 101363 [details]
The working ks file, with the offending firewall line commented
This is the working version with the offending firewall line commented out and
my root password removed as noted.
I'm going to change the component of this bug to anaconda since the
kickstart file looks ok to me.
This is the line that is causing the problem:
firewall --enabled --http --ftp --ssh --smtp --port=443:tcp
However, this line looks ok to me according to the RHEL3 documentation
Either this is an anaconda bug or the kickstart docs are wrong.
There was a typo in U2, fixed for U3.
Mass-closing lots of old bugs which are in MODIFIED (and thus presumed to be
fixed). If any of these are still a problem, please reopen or file a new bug
against the release which they're occurring in so they can be properly tracked.