Bug 126550 - kickstart firewall --port syntax not recognized by anaconda
Summary: kickstart firewall --port syntax not recognized by anaconda
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: anaconda   
(Show other bugs)
Version: 3.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Jeremy Katz
QA Contact: Mike McLean
Depends On:
TreeView+ depends on / blocked
Reported: 2004-06-23 01:43 UTC by George Lancina
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-04-24 19:05:38 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
The working ks file, with the offending firewall line commented (1.50 KB, text/plain)
2004-06-23 21:18 UTC, George Lancina
no flags Details

Description George Lancina 2004-06-23 01:43:41 UTC
Description of problem:

It seems that the script syntax generated by redhat-config-kickstart
for enabling the firewall and customizing the port(s) allowed is not
understood by the anaconda installer on the CD.

I used redhat-config-kickstart to generate an example with the
firewall enabled with http, ssh, ports 53/tcp, 53/udp and 443/tcp
opened.  The generated firewall line is:
firewall --enable --http --ssh --port=53:tcp,53:udp,443:tcp

I then used this example to modify the anaconda-ks.cfg generated
during the install of my 'prototype'.  This is the error that I get

Version-Release number of selected component (if applicable):
kickstart rpm: redhat-config-kickstart-2.3.22-3
installation CD: rhel-3-U2-i386-as-disc1

How reproducible:
Use a kickstart file with 'firewall --enable ... --port=...'

Steps to Reproduce:
1. Edit an existing kickstart file or create a new one
2. For the firewall entry use firewall --enable --port=443:tcp and any
other valid arguments
3. Use the file to automate an install
Actual results:
Install aborts with the following error:

Traceback (most recent call last):
  File "/usr/bin/anaconda", line 1042, in ?
  File "/usr/lib/naconda/kickstart.py", line 1218, in setInstallData
    self.readKickstart(id, self.file)
  File "/usr/lib/anaconda/kickstart.py", line 677, in readKickstart
    handlers[args[0]](id, args[1:])
  File "/usr/lib/anaconda/kickstart.py", line 100 in doFirewall
    ['dhcp', 'ssh', 'telnet', 'smtp', 'http', 'ftp', 'enabled',
  File "/usr/lib/anaconda/isys.py", line 443, in getopt
    return apply(_isys.getopt, args)
TypeError: bad argument --port=443:tcp: unknown option

  install exited abnormally

Expected results:

Additional info:

It seems obvious that the scripts on the installation media don't know
about the --port option.

Comment 1 Brent Fox 2004-06-23 18:19:17 UTC
Please attach the kickstart file that you created.

Comment 2 George Lancina 2004-06-23 21:18:54 UTC
Created attachment 101363 [details]
The working ks file, with the offending firewall line commented

This is the working version with the offending firewall line commented out and
my root password removed as noted.

Comment 3 Brent Fox 2004-06-23 22:10:33 UTC
I'm going to change the component of this bug to anaconda since the
kickstart file looks ok to me.  

This is the line that is causing the problem:
firewall --enabled --http --ftp --ssh --smtp --port=443:tcp

However, this line looks ok to me according to the RHEL3 documentation

Either this is an anaconda bug or the kickstart docs are wrong.

Comment 4 Jeremy Katz 2004-06-24 19:12:50 UTC
There was a typo in U2, fixed for U3.

Comment 5 Jeremy Katz 2006-04-24 19:05:38 UTC
Mass-closing lots of old bugs which are in MODIFIED (and thus presumed to be
fixed).  If any of these are still a problem, please reopen or file a new bug
against the release which they're occurring in so they can be properly tracked.

Note You need to log in before you can comment on or make changes to this bug.