Bug 25889 - Firewalld + Libvirt
Summary: Firewalld + Libvirt
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: All Packagers
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-17 08:03 CET by Muhammad Tailounie
Modified: 2019-12-18 07:54 CET (History)
3 users (show)

See Also:
Source RPM: firewalld-0.6.3-1.mga7.src.rpm, libvirt-5.3.0-2.mga7.src.rpm
CVE:
Status comment:


Attachments

Description Muhammad Tailounie 2019-12-17 08:03:42 CET
Firewald provided by Mageia fails to load zone file /usr/lib/firewalld/zones/libvirt.xml.

The version of FirewallD in Mageia is 0.6.3



Please refer to:

https://bugzilla.redhat.com/show_bug.cgi?id=1692188

Which recommends building libvirt '--without-firewalld-zone' until a newer version of the package is provided.
Comment 1 Lewis Smith 2019-12-17 14:21:17 CET
Thank you for the report and the valuable reference, which includes:
"Until your distro has a firewalld that supports rule priorities, you should build the libvirt packages with "configure --without-firewalld-zone ....""

For an immediate but temporary fix:
"(or just remove /usr/lib/firewalld/zones/libvirt.xml to immediately solve the problem on your host (until the next time you update the libvirt packages)"

Two possibilities:
1. update firewalld https://www.firewalld.org, currently at 0.7.1.
The notes for 0.7.0 say:
"New features:
    Rich Rule Priorities"      [link]
which seems right.
 OR
2. In the meantime, re-build libvirt as described. I cannot find any pkg or SRPM which corresponds, although libvirt is listed - no maintainer; Nearest
 libvirt-sandbox-0.8.0-2.mga7.src.rpm.
CC'ing Thierry & DavidG as most recent committers, otherwise assigning globally.

CC: (none) => geiger.david68210, thierry.vignaud
Source RPM: (none) => firewalld-0.6.3-1.mga7.src.rpm, libvirt-sandbox-0.8.0-2.mga7.src.rpm
Assignee: bugsquad => pkg-bugs

Comment 2 Lewis Smith 2019-12-17 17:07:05 CET
Found the libvirt package at last, noted above in SRPM. No official maintainer, but Thierry has been the active maintainer. Ignore libvirt-sandbox in previous comment.
DavidG is OK for firewalld; neoclust official maintainer now CC'd.

Source RPM: firewalld-0.6.3-1.mga7.src.rpm, libvirt-sandbox-0.8.0-2.mga7.src.rpm => firewalld-0.6.3-1.mga7.src.rpm, libvirt-5.3.0-2.mga7.src.rpm
CC: (none) => mageia

Comment 3 David GEIGER 2019-12-18 07:54:39 CET
Should be fixed with firewalld-0.7.2-1.mga7 in Core/Updates_testing repo!

Note You need to log in before you can comment on or make changes to this bug.