This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMT 2.0 re-enabling firewall

Hi Community,

On SMT 2.0, I noticed the following:

When firewall is disable (stopped + "Do not start", in YaST), (same if I : systemctl disable + systemctl stop)

This is automatically changed when launching "yast smt" or "yast smt-server", this is starting firewall and changing to "start on boot", even if I do "nothing" within yast smt and exit with "Cancel"

This is new behaviour  in SMT 2.

SMT 1 didn't behave like this.

Any idea, how to disable that behaviour ?

Thanks,

Pascal

Everyone is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid. [A. Einstein]

Tags:

Parents
  • 0  

    Sounds like a YaST level thing, rather than SMT.   I would test if just running YaST for other things does the same thing.

    A workaround until you get to the root problem with SMT with the firewall running could be a cron job at least once a day to run systemctl disable + systemctl stop

    If it is only with those two YaST commands, perhaps then use a short script to start it, ending with the systemctl disable + systemctl stop

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

Reply
  • 0  

    Sounds like a YaST level thing, rather than SMT.   I would test if just running YaST for other things does the same thing.

    A workaround until you get to the root problem with SMT with the firewall running could be a cron job at least once a day to run systemctl disable + systemctl stop

    If it is only with those two YaST commands, perhaps then use a short script to start it, ending with the systemctl disable + systemctl stop

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

Children
  • 0 in reply to   

    Hi Andy,

    Thanks, indeed, this is definitely related to YaST. And only with "smt" and "smt-server" modules, the other ones  do not behave like this.

    I have tried to debug YaST withY2DEBUG=1, checking /var/log/YaST2/y2log content, it is rather complex for me (no experience with .rb scripts) but I  can see both systemctl enable and start command call for firewalld.

    For the moment I have "chmod -x /usr/sbin/firewalld", I know this is wild thing, but at least it does the job.

    Everyone is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid. [A. Einstein]

  • 0 in reply to   

    FYI, I made a small lab and was able to reproduce it

    Everyone is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid. [A. Einstein]