Red Hat Bugzilla – Bug 1301258
Rolekit startup brings up firewalld which conflicts with shorewall
Last modified: 2016-01-25 08:27:55 EST
Description of problem:
The latest version of rolekit's systemd configuration file includes a requirement for firewalld. This conflicts with other firewall products, such as shorewall, and causes incorrect iptable rules to be applied
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. systemctl disable firewalld.service
2. systemctl stop firewalld.service (if going)
3. systemctl restart rolekit.service
firewalld is restarted
firewalld not running
This appears to only have occurred in the latest RPM.
This is intentional. Rolekit has a very tight dependency on firewalld. If you are using shorewall or another firewall service, then you should disable rolekit. The fact that we were missing this explicit dependency previously was a bug; rolekit would not have worked properly without it.