Bug 1313023 - command "systemctl reload firewalld" stops firewalld
command "systemctl reload firewalld" stops firewalld
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: firewalld (Show other bugs)
noarch Linux
high Severity high
: rc
: ---
Assigned To: Thomas Woerner
Tomas Dolezal
Depends On:
  Show dependency treegraph
Reported: 2016-02-29 13:35 EST by Richard D Alloway
Modified: 2016-11-03 17:02 EDT (History)
2 users (show)

See Also:
Fixed In Version: firewalld-0.4.2-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-11-03 17:02:36 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Proposed patch which resolves this bug (737 bytes, patch)
2016-02-29 13:49 EST, Richard D Alloway
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
CentOS 9054 None None None 2016-02-29 13:35 EST

  None (edit)
Description Richard D Alloway 2016-02-29 13:35:18 EST
Description of problem:
Original bug reporter submitted:  
I've noticed a very strange behaviour which resulted in me not having a firewall running for quite a few hours. 
If I run:
"systemctl reload firewalld"
firewalld stops instead of being reloaded.
The console doesn't return a message and it all looks like the reload action is carried out successfully.
Indeed, my earlier command had stopped firewalld altogether!
I've reproduced this behaviour all the time.

Version-Release number of selected component (if applicable):
7.1-1503, 7.2-1511

How reproducible:

Steps to Reproduce:
1. Check firewalld is running with "systemctl status firewalld". Result: active
2. Run "systemctl reload firewalld"
3. Check firewalld is running with "systemctl status firewalld". Result: active
4. Run "systemctl reload firewalld"
5. Check status with "systemctl status firewalld". Result is: inactive

Actual results:
firewalld exits after the 2nd SIGHUP because the signal handler is not set back up after the 1st time it is handled

Expected results:
Upon SIGHUP, firewalld should execute the firewall reload and set the SIGHUP signal handler back up 

Additional info:
I resolved this issue within the CentOS Bug Tracker under bug 9054 (https://bugs.centos.org/view.php?id=9054) and was told I needed to submit the bug and fix here.
Comment 2 Richard D Alloway 2016-02-29 13:49 EST
Created attachment 1131667 [details]
Proposed patch which resolves this bug
Comment 3 Thomas Woerner 2016-04-12 10:44:24 EDT
This has been fixed upstream: https://github.com/t-woerner/firewalld/commit/0912fc66fbfe81007a00ff2b453cf83bc880a245
Comment 9 errata-xmlrpc 2016-11-03 17:02:36 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.