784246 – yast do not start/stop properly the firewall

Bug 784246 - yast do not start/stop properly the firewall

Summary: yast do not start/stop properly the firewall

Status:	RESOLVED DUPLICATE of bug 779455

Alias:	None

Product:	openSUSE 12.2
Classification:	openSUSE
Component:	YaST2 (show other bugs)
Version:	Final
Hardware:	PC openSUSE 12.2

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Lukas Ocilka
QA Contact:	Jiri Srain

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2012-10-09 15:26 UTC by Giacomo Comes
Modified:	2012-10-15 12:41 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Giacomo Comes 2012-10-09 15:26:31 UTC

User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1

If I have the firewall enabled the output of 
systemctl status SuSEfirewall2_setup.service is:
SuSEfirewall2_setup.service - LSB: SuSEfirewall2 phase 2
          Loaded: loaded (/etc/init.d/SuSEfirewall2_setup)
          Active: active (exited) since Tue, 09 Oct 2012 11:04:10 -0400; 1min 18s ago
         Process: 2411 ExecStart=/etc/init.d/SuSEfirewall2_setup start (code=exited, status=0/SUCCESS)
          CGroup: name=systemd:/system/SuSEfirewall2_setup.service

and the output of /etc/init.d/SuSEfirewall2_setup status is:
Checking the status of SuSEfirewall2 ..            running
Now i run yast firewall and from the Switch On and Off panel I select Stop Firewall Now. At this point the firewall is stopped. I can access from the outside the PC.
But the output of systemctl status SuSEfirewall2_setup.service is still:
SuSEfirewall2_setup.service - LSB: SuSEfirewall2 phase 2
          Loaded: loaded (/etc/init.d/SuSEfirewall2_setup)
          Active: active (exited) since Tue, 09 Oct 2012 11:04:10 -0400; 5min ago
         Process: 2411 ExecStart=/etc/init.d/SuSEfirewall2_setup start (code=exited, status=0/SUCCESS)
          CGroup: name=systemd:/system/SuSEfirewall2_setup.service

and the output of /etc/init.d/SuSEfirewall2_setup status is:
Checking the status of SuSEfirewall2 ..            unused

If I run again yast firewall it still says that the firewall is running and offers me the option to stop the firewall.

If I run systemctl stop SuSEfirewall2_setup.service then
systemctl status SuSEfirewall2_setup.service, /etc/init.d/SuSEfirewall2_setup status and yast firewall all agrees that the firewall is stopped.

The same is true in the opposite direction: if the firewall is stopped and I start it in yast firewall, then systemctl and /etc/init.d/SuSEfirewall2_setup
do not agree on the status of the firewall and yast firewall still thinks that the firewall is disabled.

Reproducible: Always

Steps to Reproduce:
1.run yast firewall and start or stop the firewall
2.
3.
Actual Results:  
yast firewall still says that the firewall has not been started or stopped,
the output of systemctl status SuSEfirewall2_setup.service and /etc/init.d/SuSEfirewall2_setup status are not consistent

Expected Results:  
firewall properly started or stopped

Comment 1 Christian Boltz 2012-10-14 23:16:27 UTC

No idea how YaST starts and stops the firewall, but systemd's "I started it, so it must still be running" behaviour doesn't make it better ;-)  (this affects various things that don't have/need a process running)

Comment 2 Lukas Ocilka 2012-10-15 12:41:50 UTC

It was recommended that YaST Firewall should use a different approach
to starting and stopping the service. Anyway, it's been changed from 12.1
a bit and the old approach doesn't work anymore.

I have this patch https://github.com/kobliha/yast-yast2/commit/cd53fea494f79dc0cb3031ab8a8dcdc971d4669c ready at github and will be
sent to build service soon.

*** This bug has been marked as a duplicate of bug 779455 ***