FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 11-17-2011, 04:24 PM
Michael Schwendt
 
Default iptables systemd services fail

Fedora 16 x86_64 plus updates-testing

Some time ago systemd has started with reporting that both the iptables4
and iptables6 services fail at boot time. For example:

| Starting IPv4 firewall with iptables...
| Starting IPv4 firewall with iptables failed, see 'systemctl status iptables.service' for details.
|

# systemctl status iptables.service
#iptables.service - IPv4 firewall with iptables
Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
Active: failed since Thu, 17 Nov 2011 18:19:23 +0100; 2min 31s ago
Process: 1003 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
CGroup: name=systemd:/system/iptables.service

Once logged in, I can start it manually without problems. SELinux is not
the culprit. The services fail also when running permissive mode. It seems
as if it's another race between systemd services.

Anyone has seen this, too?

--
Fedora release 16 (Verne) - Linux 3.1.1-2.fc16.x86_64
loadavg: 1.36 0.44 0.15
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-17-2011, 04:26 PM
Itamar Reis Peixoto
 
Default iptables systemd services fail

On Thu, Nov 17, 2011 at 3:24 PM, Michael Schwendt <mschwendt@gmail.com> wrote:
> Fedora 16 x86_64 plus updates-testing
>
> Some time ago systemd has started with reporting that both the iptables4
> and iptables6 services fail at boot time. For example:
>
> | Starting IPv4 firewall with iptables...
> | Starting IPv4 firewall with iptables failed, see 'systemctl status iptables.service' for details.
> |
>
> # systemctl status iptables.service
> #iptables.service - IPv4 firewall with iptables
> * * * * *Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
> * * * * *Active: failed since Thu, 17 Nov 2011 18:19:23 +0100; 2min 31s ago
> * * * * Process: 1003 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
> * * * * *CGroup: name=systemd:/system/iptables.service
>
> Once logged in, I can start it manually without problems. SELinux is not
> the culprit. The services fail also when running permissive mode. It seems
> as if it's another race between systemd services.
>
> Anyone has seen this, too?
>
> --

also if I upgrade from fedora 15 to 16 iptables becomes active.





--
------------

Itamar Reis Peixoto
msn, google talk: itamar@ispbrasil.com.br
+55 11 4063 5033 (FIXO SP)
+55 34 9158 9329 (TIM)
+55 34 8806 3989 (OI)
+55 34 3221 8599 (FIXO MG)
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-17-2011, 04:59 PM
Michael Cronenworth
 
Default iptables systemd services fail

Michael Schwendt wrote:
> Anyone has seen this, too?

My iptables is starting normally without user-intervention.

Do you have customized iptables rules? If you do, try it without them?
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-17-2011, 05:13 PM
Deron Meranda
 
Default iptables systemd services fail

On Thu, Nov 17, 2011 at 12:24 PM, Michael Schwendt <mschwendt@gmail.com> wrote:
> Fedora 16 x86_64 plus updates-testing
...
> Once logged in, I can start it manually without problems. SELinux is not
> the culprit. The services fail also when running permissive mode. It seems
> as if it's another race between systemd services.
>
> Anyone has seen this, too?


I have a lot of customized iptables rules and everything is working fine for me.

I am not running with the updates-testing repo though.

How exactly are you starting it manually?

--
Deron Meranda
http://deron.meranda.us/
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-17-2011, 05:27 PM
Michael Schwendt
 
Default iptables systemd services fail

On Thu, 17 Nov 2011 13:13:01 -0500, DM (Deron) wrote:

> > Fedora 16 x86_64 plus updates-testing
> ...
> > Once logged in, I can start it manually without problems. SELinux is not
> > the culprit. The services fail also when running permissive mode. It seems
> > as if it's another race between systemd services.
> >
> > Anyone has seen this, too?
>
>
> I have a lot of customized iptables rules and everything is working fine for me.
>
> I am not running with the updates-testing repo though.
>
> How exactly are you starting it manually?

Once the system has booted, either on a virtual console or in a terminal
in GNOME Shell:

# systemctl start iptables.service

Afterwards, a "status" query says it is active and exited without error.
Stuff in /var/log/boot.log after the failure is:

[...]
Starting IPv4 firewall with iptables ESC[1;31mfailedESC[0m, see 'systemctl status iptables.service' for details.
Starting IPv6 firewall with ip6tables ESC[1;31mfailedESC[0m, see 'systemctl status ip6tables.service' for details.
Started Security Auditing Service.
Started ACPI Event Daemon.
Started irqbalance daemon.
Started Machine Check Exception Logging Daemon.
Started SSH server keys generation..
Started Install ABRT coredump hook.
Starting Command Scheduler...
Started Command Scheduler.
Starting LSB: Mount and unmount network filesystems....
Started /etc/rc.local Compatibility.
Starting Wait for Plymouth Boot Screen to Quit...
Started D-Bus System Message Bus.
Started Login Service.
Started Avahi mDNS/DNS-SD Stack.
Started ABRT Automated Bug Reporting Tool.
Starting Harvest vmcores for ABRT...
Stopping Syslog Kernel Log Buffer Bridge...
Stopped Syslog Kernel Log Buffer Bridge.
Started Harvest vmcores for ABRT.
Started System Logging Service.
Started Network Manager.
Starting RPC bind service...
Starting Samba NMB Daemon...
Starting OpenSSH server daemon....
Started OpenSSH server daemon..
Starting NFSv4 ID-name mapping daemon...
Starting Sendmail Mail Transport Agent...
Started LSB: Mount and unmount network filesystems..
Started RPC bind service.
Started Samba NMB Daemon.
Started NFSv4 ID-name mapping daemon.
Starting Samba SMB Daemon...
Starting Plague server daemon for build-system master machines...
Starting NFS file locking service....
Starting Plague builder daemon for build-system slave machines...


I haven't started debugging it. Just want to raise awareness and find
out whether anyone else is affected, too.

--
Fedora release 16 (Verne) - Linux 3.1.1-2.fc16.x86_64
loadavg: 0.31 0.41 0.22
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-18-2011, 01:52 AM
"T.C. Hollingsworth"
 
Default iptables systemd services fail

On Thu, Nov 17, 2011 at 10:24 AM, Michael Schwendt <mschwendt@gmail.com> wrote:
> Fedora 16 x86_64 plus updates-testing
>
> Some time ago systemd has started with reporting that both the iptables4
> and iptables6 services fail at boot time. For example:
>
> | Starting IPv4 firewall with iptables...
> | Starting IPv4 firewall with iptables failed, see 'systemctl status iptables.service' for details.
> |
>
> # systemctl status iptables.service
> #iptables.service - IPv4 firewall with iptables
> * * * * *Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
> * * * * *Active: failed since Thu, 17 Nov 2011 18:19:23 +0100; 2min 31s ago
> * * * * Process: 1003 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
> * * * * *CGroup: name=systemd:/system/iptables.service
>
> Once logged in, I can start it manually without problems. SELinux is not
> the culprit. The services fail also when running permissive mode. It seems
> as if it's another race between systemd services.

What does syslog say around the time iptables.service is started on
boot? You should get some sort of error out of iptables.init.

-T.C.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-18-2011, 08:46 AM
Michael Schwendt
 
Default iptables systemd services fail

On Thu, 17 Nov 2011 19:52:00 -0700, TCH (T.C.) wrote:

> > # systemctl status iptables.service
> > #iptables.service - IPv4 firewall with iptables
> > * * * * *Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
> > * * * * *Active: failed since Thu, 17 Nov 2011 18:19:23 +0100; 2min 31s ago
> > * * * * Process: 1003 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
> > * * * * *CGroup: name=systemd:/system/iptables.service
> >
> > Once logged in, I can start it manually without problems. SELinux is not
> > the culprit. The services fail also when running permissive mode. It seems
> > as if it's another race between systemd services.
>
> What does syslog say around the time iptables.service is started on
> boot? You should get some sort of error out of iptables.init.

None. Else I wouldn't be asking.

boot.log says "Started System Logging Service." only after the failed
iptables start.

Guess I'll need to compare carefully with another F16 installation
if I find the time. And perhaps turn off updates-testing on my main
desktop. Too many test updates again and not enough time to test
them painstakingly before they get pushed to stable.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-19-2011, 01:25 PM
Claude Jones
 
Default iptables systemd services fail

On 11/17/2011 12:24 PM, Michael Schwendt wrote:
> Fedora 16 x86_64 plus updates-testing
>
> Some time ago systemd has started with reporting that both the iptables4
> and iptables6 services fail at boot time. For example:
>
> | Starting IPv4 firewall with iptables...
> | Starting IPv4 firewall with iptables failed, see 'systemctl status iptables.service' for details.
> |
>
> # systemctl status iptables.service
> #iptables.service - IPv4 firewall with iptables
> Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
> Active: failed since Thu, 17 Nov 2011 18:19:23 +0100; 2min 31s ago
> Process: 1003 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
> CGroup: name=systemd:/system/iptables.service
>
> Once logged in, I can start it manually without problems. SELinux is not
> the culprit. The services fail also when running permissive mode. It seems
> as if it's another race between systemd services.
>
> Anyone has seen this, too?
>

Yes, I'm getting something similar, but it gets crazier! Running this
produces the following:
************************************************** *****************
status iptables.service
status: Unable to connect to Upstart: Failed to connect to socket
/com/ubuntu/upstart: Connection refused
************************************************** *****************
What is that reference to an Ubuntu folder about??? It doesn't exist on
my system.

If I run systemctl start iptables.service the service starts up normally...

--
Claude Jones
Brunswick, MD, USA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-19-2011, 01:46 PM
Claude Jones
 
Default iptables systemd services fail

On 11/19/2011 09:25 AM, Claude Jones wrote:
>> > Anyone has seen this, too?
>> >
> Yes, I'm getting something similar, but it gets crazier! Running this
> produces the following:
> ************************************************** *****************
> status iptables.service
> status: Unable to connect to Upstart: Failed to connect to socket
> /com/ubuntu/upstart: Connection refused
> ************************************************** *****************
> What is that reference to an Ubuntu folder about??? It doesn't exist on
> my system.
>
> If I run systemctl start iptables.service the service starts up normally...

update: after running some updates just now, I restarted, and iptables
appears to have started - "iptables --list" produces a list of rules as
opposed to the three lines of "allow all" I saw fifteen minutes ago, and
boot.log indicates that iptables started

--
Claude Jones
Brunswick, MD, USA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 11-19-2011, 05:43 PM
Deron Meranda
 
Default iptables systemd services fail

> status: Unable to connect to Upstart: Failed to connect to socket
> /com/ubuntu/upstart: Connection refused
> ************************************************** *****************
> What is that reference to an Ubuntu folder about??? It doesn't exist on
> my system.

Upstart is a different implementation of a system"init" process. It
was developed by the Ubuntu community, and it was used in Fedora
recently, until systemd replaced it.

See http://en.wikipedia.org/wiki/Upstart and http://upstart.ubuntu.com/

--
Deron Meranda
http://deron.meranda.us/
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 07:19 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org