Description of problem: I kickstart installed a Fedora 10 i386 system with the following firewall configuration specified in the kickstart file to enable SSH and NRPE: firewall --enabled --port=22:tcp --port=5666:tcp Following the install I looked at /etc/sysconfig/iptables and it had two entries for port 22: -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 5666 -j ACCEPT And iptables status reports: $ sudo /sbin/service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5666 7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination Version-Release number of selected component (if applicable): How reproducible: I haven't had a chance to reinstall the system using the same kickstart file. Steps to Reproduce: 1. Create a kickstart file with the firewall config line listed above 2. Kickstart the system 3. Check /etc/sysconfig/iptables following the install Actual results: Duplicate entries for SSH in the firewall script Expected results: A single entry for port 22 Additional info:
Can you attach /var/log/anaconda.log from your running system to this bug report? That ought to tell us exactly which lokkit command was run so we can see where the problem here lies. Thanks.
Created attachment 326634 [details] anaconda.log from the Fedora 10 i386 kickstart install Added the anaconda.log file as requested.
This will be fixed in the next build of anaconda. Thanks for the bug report.