Bug 1729287 - Error running install command for nf_conntrack
Summary: Error running install command for nf_conntrack
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: firewalld
Version: 30
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Eric Garver
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-11 18:55 UTC by Gregory Lee Bartholomew
Modified: 2019-07-11 18:55 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Gregory Lee Bartholomew 2019-07-11 18:55:13 UTC
Description of problem:

When booting my system, I see the following error messages on my screen:

Jul 11 13:06:26 example.edu systemd-modules-load[264]: Error running install command for nf_conntrack
Jul 11 13:06:26 example.edu systemd-modules-load[264]: Failed to insert module 'nf_conntrack_pptp': Key has expired
Jul 11 13:06:26 example.edu systemd-modules-load[264]: sh: /sbin/sysctl: No such file or directory

Version-Release number of selected component (if applicable):

firewalld-0.6.4-1.fc30.noarch

How reproducible:

Always

Steps to Reproduce:
1. Boot the system with rhgb disabled

Actual results:

Error message displayed

Expected results:

No error should occur

Additional info:

I see a reference to /sbin/sysctl in /etc/modprobe.d/firewalld-sysctls.conf, and this conf file is present in my initramfs, but the /sbin/sysctl binnary is not. I believe the "Key has expired" message is erroneous. The real problem is that /sbin/sysctl is not present in the initramfs:

$ lsinitrd initramfs-5.1.16-300.fc30.x86_64.img | awk '/sysctl/ {print $9}'
etc/modprobe.d/firewalld-sysctls.conf
etc/sysctl.conf
etc/sysctl.d
etc/sysctl.d/50-libreswan.conf
etc/sysctl.d/99-sysctl.conf
etc/sysctl.d/my.conf
usr/lib/sysctl.d
usr/lib/sysctl.d/10-default-yama-scope.conf
usr/lib/sysctl.d/20-pptpd.conf
usr/lib/sysctl.d/50-coredump.conf
usr/lib/sysctl.d/50-default.conf
usr/lib/sysctl.d/50-libkcapi-optmem_max.conf
usr/lib/sysctl.d/60-libvirtd.conf
usr/lib/systemd/systemd-sysctl
usr/lib/systemd/system/sysinit.target.wants/systemd-sysctl.service
usr/lib/systemd/system/systemd-sysctl.service

In fact, I can get rid of the error message with the following:

# sed -i 's/ &&.*//' /etc/modprobe.d/firewalld-sysctls.conf
# dracut -f

I'm sure that isn't the right solution though.


Note You need to log in before you can comment on or make changes to this bug.