Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-52329

[ansible-freeipa] Permission denied when configuring firewalld during ansible-freeipa deployment

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Undefined Undefined
    • None
    • rhel-10.0.beta
    • ansible-freeipa
    • Yes
    • Critical
    • rhel-sst-idm-ipa
    • ssg_idm
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      A fatal error occurs during the ansible-freeipa deployment when attempting to configure firewalld. The command fails with a "Permission denied" error when trying to access /etc/firewalld/zones/public.xml

      Please provide the package NVR for which bug is seen:

      ansible-freeipa-1.13.2-1.el10.noarch

      ipa-server-4.12.1-3.el10.x86_64
      firewalld-2.2.0-2.el10.noarch

      Error:

      DEBUG    pytest_multihost.host.Host.ansible.cmd4:transport.py:563 TASK [freeipa.ansible_freeipa.ipaserver : Install - Configure firewalld] *******
DEBUG    pytest_multihost.host.Host.ansible.cmd4:transport.py:563 task path: /usr/share/ansible/collections/ansible_collections/freeipa/ansible_freeipa/roles/ipaserver/tasks/install.yml:444
DEBUG    pytest_multihost.host.Host.ansible.cmd4:transport.py:563 fatal: [master.ipadomain.test]: FAILED! => {"changed": true, "cmd": ["firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp"], "delta": "0:00:00.222334", "end": "2024-08-01 03:17:41.296056", "msg": "non-zero return code", "rc": 254, "start": "2024-08-01 03:17:41.073722", "stderr": "Warning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'\nWarning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'\nWarning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'\nWarning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'", "stderr_lines": ["Warning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'", "Warning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'", "Warning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'", "Warning: [Errno 13] Permission denied: '/etc/firewalld/zones/public.xml'"], "stdout": "", "stdout_lines": []}

      Expected results

      The task should configure firewalld without any errors

      Additional info:
      deployment was working fine with ipa-server-4.12.1-2

              twoerner Thomas Woerner
              mvarun@redhat.com Varun Mylaraiah
              Thomas Woerner Thomas Woerner
              IPA QE Bot IPA QE Bot
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: