RHEL-88425

firewall role does not work in bootc container builds


    • Task
    • Resolution: Done
    • Major
    • rhel-10.0
    • rhel-system-roles
    • System Roles Sprint 10, Sprint 11, Sprint 12

      Running the role during a bootc container build fails with

        TASK [fedora.linux_system_roles.firewall : Enable and start firewalld service] ***
        task path: /home/runner/work/cockpit/cockpit/.tox/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:28
        fatal: [sut]: FAILED! => {"changed": false, "msg": "Service is in unknown state", "status": {}}
      

      This was detected as part of running in the cockpit role in https://github.com/linux-system-roles/cockpit/pull/212, but ought to also fail its own tests. I did not set these up yet, but will soon.

      That failure is trivial to fix. The more "interesting" part is that the role currently wants to talk to D-Bus to collect the runtime facts. This needs to be rewritten to collect the permanent (on-disk) facts, without D-Bus. This needs research into the degree to which firewall-cmd works during a container build without D-Bus.

              rhn-engineering-mpitt Martin Pitt
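One way to collect the permanent (on-disk) facts the description asks for is to read firewalld's zone XML files directly, which needs neither D-Bus nor a running daemon. This is an added example, not code from the firewall role: it assumes firewalld's standard layout (defaults in /usr/lib/firewalld/zones, overridden by same-named files in /etc/firewalld/zones), uses constructed sample XML, and covers only services, ports and the zone target.

```python
"""Read firewalld's permanent zone configuration from disk, without D-Bus."""
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample zone files (not taken from a real system).
SAMPLE_LIB_PUBLIC = '<zone><service name="ssh"/><service name="dhcpv6-client"/></zone>'
SAMPLE_LIB_DROP = '<zone target="DROP"></zone>'
SAMPLE_ETC_PUBLIC = ('<zone><service name="ssh"/><service name="cockpit"/>'
                     '<port port="8443" protocol="tcp"/></zone>')


def read_zone(path):
    """Parse one zone XML file into a plain dict of permanent settings."""
    root = ET.parse(path).getroot()
    return {
        # A missing target attribute means the zone uses the "default" target.
        "target": root.get("target", "default"),
        "services": sorted(e.get("name") for e in root.findall("service")),
        "ports": sorted(f"{e.get('port')}/{e.get('protocol')}"
                        for e in root.findall("port")),
    }


def permanent_zone_facts(etc_dir, lib_dir):
    """Collect zones from both directories; a file in etc_dir replaces
    the same-named file in lib_dir entirely (no merging)."""
    zones = {}
    for directory in (Path(lib_dir), Path(etc_dir)):  # later directory wins
        for xml_file in sorted(directory.glob("*.xml")):
            zones[xml_file.stem] = read_zone(xml_file)
    return zones


def demo():
    """Build the constructed config tree in a temp dir and read it back."""
    with tempfile.TemporaryDirectory() as tmp:
        lib = Path(tmp, "usr/lib/firewalld/zones")
        etc = Path(tmp, "etc/firewalld/zones")
        lib.mkdir(parents=True)
        etc.mkdir(parents=True)
        (lib / "public.xml").write_text(SAMPLE_LIB_PUBLIC)
        (lib / "drop.xml").write_text(SAMPLE_LIB_DROP)
        (etc / "public.xml").write_text(SAMPLE_ETC_PUBLIC)
        return permanent_zone_facts(etc, lib)


if __name__ == "__main__":
    print(demo())
```

Because the override replaces the whole file, `dhcpv6-client` from the packaged `public` zone does not appear in the result: a fact collector that merged the two directories would report a service the permanent configuration no longer allows.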