Le 09/01/2017 00:17, Ed Greshko a écrit : > > > On 01/09/17 06:30, François Patte wrote: >> For this reason, it is impossible to change any settings in firewall on >> fedora 24. >> >> So, I can't ssh machines running f24, I can't set printers on machines >> running f24... >> >> Is there a solution? > > I have a fully updated F24 system except for the packages with the dependency issues: > > root@f24 ~]# dnf --best update > Last metadata expiration check: 0:34:16 ago on Mon Jan 9 06:41:24 2017. > Error: package firewalld-0.4.4.2-2.fc24.noarch conflicts with selinux-policy < > 3.13.1-191.23 provided by selinux-policy-3.13.1-191.21.fc24.noarch. > package selinux-policy-targeted-3.13.1-191.21.fc24.noarch requires selinux-policy = > 3.13.1-191.21.fc24, but none of the providers can be installed. > package firewall-applet-0.4.4.2-2.fc24.noarch requires firewalld = 0.4.4.2-2.fc24, but > none of the providers can be installed. > package selinux-policy-targeted-3.13.1-191.21.fc24.noarch requires selinux-policy = > 3.13.1-191.21.fc24, but none of the providers can be installed > > But the currently installed packages work fine and I can make changes to my firewall. > > So, what exactly are you seeing? Thank you for answering. 1- If I want to update my system using dnf update, I get this message: Paquets ignorés suite à des dépendances cassées: (ignored packages because of broken dependencies) firewall-config noarch 0.4.4.2-2.fc24 updates 153 k firewalld noarch 0.4.4.2-2.fc24 updates 454 k firewalld-filesystem noarch 0.4.4.2-2.fc24 updates 68 k python3-firewall noarch 0.4.4.2-2.fc24 updates 351 k 2- At boot time (journalctl -b) I have these error messages: /firewalld[1325]: ERROR: Failed to flush eb firewall: '/usr/sbin/ebtables-restore --noflush' failed: /firewalld[1325]: ERROR: INVALID_ZONE (2 times) 3- If I want to set the firewall (Applications->Administration->Firewall In public, I tick ipp and ssh and reload firewalld, I get these messages in journalctl: janv. 09 12:32:59 bhaskara dbus-daemon[1339]: [system] Activating via systemd: service name='net.reactivated.Fprint' unit='fprintd.service' requested by ':1.59' (uid=0 pid=3557 comm="/usr/lib/polkit-1/polkit-agent-helper-1 root " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023") janv. 09 12:32:59 bhaskara systemd[1]: Starting Fingerprint Authentication Daemon... janv. 09 12:32:59 bhaskara dbus-daemon[1339]: [system] Successfully activated service 'net.reactivated.Fprint' janv. 09 12:32:59 bhaskara audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=fprintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' janv. 09 12:32:59 bhaskara systemd[1]: Started Fingerprint Authentication Daemon. janv. 09 12:33:14 bhaskara audit[3557]: USER_AUTH pid=3557 uid=3025 auid=3025 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/lib/polkit-1/polkit-agent-helper-1" hostname=? addr=? terminal=? res=success' janv. 09 12:33:14 bhaskara audit[3557]: USER_ACCT pid=3557 uid=3025 auid=3025 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/lib/polkit-1/polkit-agent-helper-1" hostname=? addr=? terminal=? res=success' janv. 09 12:33:14 bhaskara polkitd[1370]: Operator of unix-session:2 successfully authenticated as unix-user:root to gain TEMPORARY authorization for action org.fedoraproject.FirewallD1.all for system-bus-name::1.57 [/usr/bin/python3 -Es /usr/bin/firewall-config] (owned by unix-user:fp) janv. 09 12:33:29 bhaskara audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=fprintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=2 entries=41 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=2 entries=27 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=2 entries=9 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=2 entries=13 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=10 entries=41 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=10 entries=27 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=10 entries=9 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=10 entries=13 janv. 09 12:33:43 bhaskara /firewalld[1363]: ERROR: Failed to set policy of eb firewall: '/usr/sbin/ebtables-restore --noflush' failed: Bad argument : 'COMMIT'. janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=2 entries=41 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=2 entries=27 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=nat family=2 entries=26 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=2 entries=9 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=2 entries=13 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=10 entries=41 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=10 entries=27 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=nat family=10 entries=26 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=10 entries=9 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=10 entries=13 janv. 09 12:33:43 bhaskara /firewalld[1363]: ERROR: Failed to flush eb firewall: '/usr/sbin/ebtables-restore --noflush' failed: Bad argument : 'COMMIT'. janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=2 entries=4 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=2 entries=6 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=nat family=2 entries=5 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=2 entries=3 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=2 entries=4 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=filter family=10 entries=4 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=mangle family=10 entries=6 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=nat family=10 entries=5 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=raw family=10 entries=3 janv. 09 12:33:43 bhaskara audit: NETFILTER_CFG table=security family=10 entries=4 janv. 09 12:34:03 bhaskara wpa_supplicant[1536]: wlp12s0: WPA: Group rekeying completed with 00:1d:6a:69:e0:74 [GTK=TKIP] Then the network is totaly blocked on the computer, I have to stop firewalld. -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx