Bug 734992 - Why is iptables config file missing after using kickstart build for RHEL 5.7?
Summary: Why is iptables config file missing after using kickstart build for RHEL 5.7?
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: anaconda
Version: 5.7
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: 5.8
Assignee: Anaconda Maintenance Team
QA Contact: Release Test Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-01 06:02 UTC by Kamal Maiti
Modified: 2018-11-14 11:03 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-11 19:23:55 UTC


Attachments (Terms of Use)

Description Kamal Maiti 2011-09-01 06:02:45 UTC
Description of problem:

It's missing iptables config after using kickstart build for RHEL 5.7

Version-Release number of selected component (if applicable):

system-config-securitylevel-tui
Installing RHEL 5.7 using kickstart

How reproducible:

The iptables config file is missing after completing the installation while customer uses following options at kickstart file :

----
. . . .
firewall --enabled --port=22:tcp
## open Firewall Ports for TSM
firewall --enabled --port=1500:tcp
firewall --enabled --port=1501:tcp
firewall --enabled --port=1502:tcp

authconfig --enableshadow --enablemd5
selinux --enforcing

. . . . 
%packages
. . . . 
-system-config-securitylevel-tui
----

Note that he excluded package system-config-securitylevel-tui here. And I have just mentioned important fireall related options from their kickstart file.

Steps to Reproduce:
1. As described above.
2. Also when they specify "selinux --permissive" in the command section, but the machines comes up in enforcing mode. This may be another issue. 
3.
  
Actual results:

It's missing iptables config after using kickstart build for RHEL 5.7

Expected results:

Iptables config file will be present.

Additional info:

When they take out line "-system-config-securitylevel-tui" from kickstart file, it works as expected. In their own words :

"I have identified the problem. We are excluding system-config-securitylevel-tui in our packages list. When I take out the "-system-config-securitylevel-tui" line, the firewall & selinux commands are no longer ignored. I consider this to be a bug."

For more information we can check case#00517881 at sfdc.

*** Also component "system-config-securitylevel-tui" should be listed in our bugzilla component list.

Comment 1 Thomas Woerner 2011-09-01 07:44:40 UTC
This is an installation issue, therefore I am assigning this to anaconda.

There is no component system-config-securitylevel-tui, because system-config-securitylevel-tui is a sub package of the component system-config-securitylevel.

Comment 2 Kamal Maiti 2011-09-01 08:46:35 UTC
Thanks Thomas.

Comment 3 Chris Lumens 2011-09-05 19:38:29 UTC
anaconda should enforce the installation of system-config-firewall-tui regardless of what you do in your kickstart file.  Please attach /tmp/anaconda.log to this bug report so we can get some more context.  Thanks.

Comment 4 Kamal Maiti 2011-09-06 05:01:34 UTC
No problem. I shall provide that file and update you.

Comment 5 David Cantrell 2011-10-11 19:23:55 UTC
Feel free to reopen this bug if you can provide the requested information.


Note You need to log in before you can comment on or make changes to this bug.