[Bug 487870] New: SuSEfilewall2 does not search service files in /etc/sysconfig/SuSEfirewall2.d/services
https://bugzilla.novell.com/show_bug.cgi?id=487870 Summary: SuSEfilewall2 does not search service files in /etc/sysconfig/SuSEfirewall2.d/services Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: f.de.kruijf@hetnet.nl QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (compatible; Konqueror/4.2; Linux) KHTML/4.2.1 (like Gecko) SUSE After specifying the line FW_CONFIGURATIONS_EXT="apache2,apache2-ssl,avahi,postfix" in the file /etc/sysconfig/SuSEfirewall2 gives the error message: # SuSEfirewall2 SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ... SuSEfirewall2: using default zone 'ext' for interface eth1 /sbin/SuSEfirewall2: line 1082: /usr/share/SuSEfirewall2/services/apache2,apache2-ssl,avahi,postfix: No such file or directory SuSEfirewall2: Warning: config 'apache2,apache2-ssl,avahi,postfix' not available SuSEfirewall2: batch committing... SuSEfirewall2: Firewall rules successfully set # Obviously the services files are not searched in /etc/sysconfig/SuSEfirewall2.d/services/ but in /usr/share/SuSEfirewall2/services/ which is not according to the comment in the SuSEfirewall2 configuration file. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c1 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Ludwig Nussel <lnussel@novell.com> 2009-03-24 01:58:30 MST --- as will all lists in the SuSEfirewall2 config the values are space separated -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User f.de.kruijf@hetnet.nl added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c2 Freek de Kruijf <f.de.kruijf@hetnet.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | --- Comment #2 from Freek de Kruijf <f.de.kruijf@hetnet.nl> 2009-03-24 17:29:52 MST --- However the error message is not explaining that, so please consider this to be a request for enhancement of the error message. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c3 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |INVALID --- Comment #3 from Ludwig Nussel <lnussel@novell.com> 2009-03-25 03:25:05 MST --- that's what bash prints. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User f.de.kruijf@hetnet.nl added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c4 Freek de Kruijf <f.de.kruijf@hetnet.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | --- Comment #4 from Freek de Kruijf <f.de.kruijf@hetnet.nl> 2009-03-25 05:35:34 MST --- I would suggest to change the lines 1081 and 1082 by: if [ ! -r $CONFIGURATIONSDIR_1/$config ] || ! . $CONFIGURATIONSDIR_1/$config; then warning "config file '$config' not available in '$CONFIGURATIONSDIR_0/' and '$CONFIGURATIONSDIR_1/'" -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c5 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |INVALID --- Comment #5 from Ludwig Nussel <lnussel@novell.com> 2009-03-25 06:09:43 MST --- I'd rather silence the bash error. anyways, bug is still invalid -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=487870 User f.de.kruijf@hetnet.nl added comment https://bugzilla.novell.com/show_bug.cgi?id=487870#c6 --- Comment #6 from Freek de Kruijf <f.de.kruijf@hetnet.nl> 2009-03-25 09:25:06 MST --- Using my proposal silences the bash error and gives a better warning message. I agree that that it is not a bug. The SuSEfirewall2 script does search the directory /etc/sysconfig/SuSEfirewall2.d/services/ but in the comment in /etc/sysconfig/SuSEfirewall2 there is no mentioning that the services files are also search for in /usr/share/SuSEfirewall2/services/ if they are not found in the previous directory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com