Bugzilla – Bug 7338
sshd firewall configuration fails on SLE 15
Last modified: 2019-08-06 10:11:38
You need to
before you can comment on or make changes to this bug.
Seen in the log:
> 2019-04-25 13:42:11,407: Creating firewall service 'tlwebaccess' using ports 300:TCP
> 2019-04-25 13:42:13,746: Enable firewall service 'tlwebaccess'
> 2019-04-25 13:42:15,071: Creating firewall service 'tlwebadm' using ports 1010:TCP
> 2019-04-25 13:42:17,501: Enable firewall service 'tlwebadm'
> 2019-04-25 13:42:18,834: Creating firewall service 'tlmaster' using ports 9000:TCP
> 2019-04-25 13:42:20,944: Enable firewall service 'tlmaster'
> 2019-04-25 13:42:22,315: Creating firewall service 'tlagent' using ports 904:TCP
> 2019-04-25 13:42:24,435: Enable firewall service 'tlagent'
> 2019-04-25 13:42:25,761: Enable system firewall service 'sshd'
> 2019-04-25 13:42:26,442: Failed to enable firewall service sshd
> 2019-04-25 13:42:26,443: Error: INVALID_SERVICE: 'sshd' not among existing services
> 2019-04-25 13:42:26,443: failed to configure firewall.
The current system wasn't very flexible and had a hard coded connection between
the distribution and what the SSH service should be called. It seems likely
that the choice of firewall software also affects the naming.
Let's try to be more flexible and let the system check for several likely names
no matter the distribution.
Works well now. Unfortunately this meant changing all four firewall backends
(firewalld, SuSEFirewall2, lokkit, ufw) so all need to be checked.
* Verified "FirewallBackendFirewalld" on SUSE 15
* Verified "FirewallBackendSuse" on SUSE 12
* Verified "FirewallBackendFirewalld" on Fedora 30
* Verified "FirewallBackendLokkit" on RHEL 6
* Verified "FirewallBackendUfw" on Ubuntu 18.04
Seems like this bug also fixed firewalld running on Ubuntu 18.04.