Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1056927 - [engine-setup] - standalone value (iptables) is not considered as usable value CentOS6 [NEEDINFO]
Summary: [engine-setup] - standalone value (iptables) is not considered as usable valu...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: oVirt
Classification: Retired
Component: ovirt-engine-installer
Version: 3.4
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 3.4.0
Assignee: Yedidyah Bar David
QA Contact: sefi litmanovich
URL:
Whiteboard: integration
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-23 08:01 UTC by Pavel Stehlik
Modified: 2015-09-09 09:18 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-02-17 14:51:30 UTC
oVirt Team: ---
didi: needinfo?


Attachments (Terms of Use)
iptables.png (deleted)
2014-01-23 08:01 UTC, Pavel Stehlik
no flags Details
setup-log.tgz (deleted)
2014-01-23 08:04 UTC, Pavel Stehlik
no flags Details

Description Pavel Stehlik 2014-01-23 08:01:49 UTC
Created attachment 854243 [details]
iptables.png

Description of problem:
 During installation on CentOS6 is configuration of firewall offered, however the only value is in parentheses '(iptables)' instead offering default brackets '[iptables]' - so after hitting Enter value was considered as an error. 
See att scrnsht (sry had issue with copying on my workstation so used visual method).
 
Log:
...
2014-01-23 02:09:40 DEBUG otopi.plugins.otopi.dialog.human human.queryString:153 query OVESETUP_CONFIG_FIREWALL_MANAGER
2014-01-23 02:09:40 DEBUG otopi.plugins.otopi.dialog.human dialog.__logString:215 DIALOG:SEND                 Firewall manager to configure (iptables):
2014-01-23 02:09:42 ERROR otopi.plugins.otopi.dialog.human human.queryString:177 Invalid value
2014-01-23 02:09:42 DEBUG otopi.plugins.otopi.dialog.human dialog.__logString:215 DIALOG:SEND                 Firewall manager to configure (iptables):
2014-01-23 02:09:50 DEBUG otopi.plugins.otopi.dialog.human dialog.__logString:215 DIALOG:RECEIVE    iptables
2014-01-23 02:09:50 INFO otopi.plugins.ovirt_engine_setup.base.network.firewall_manager firewall_manager._customization:191 iptables will be configured as firewall manager.
...


Version-Release number of selected component (if applicable):
ovirt-engine-setup-3.4.0-0.5.beta1.el6.noarch

How reproducible:


Steps to Reproduce:
1. install ovirt on cent6
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Pavel Stehlik 2014-01-23 08:04:15 UTC
Created attachment 854244 [details]
setup-log.tgz

Comment 2 Yedidyah Bar David 2014-02-16 12:39:55 UTC
This happens if the iptables service is not active on the machine prior to running setup. The logic was that activating it (rather than just changing the configuration) is a significant change that the user should not accept by merely pressing 'Enter'.

Current behavior is:
1. We support as firewall managers 'iptables' and 'firewalld'.
2. If one of them is active, it's selected automatically
3. Otherwise we let the user choose among those found on the system.

So on RHEL/Centos 6 there is only one choice by default (unless user installed firewalld, which is actually possible) - 'iptables'.

So what you actually want is that if there is no active manager, and only one is found on the system, it will be selected automatically (just as if it was found active)?

Comment 3 Alon Bar-Lev 2014-02-16 13:51:39 UTC
(In reply to Yedidyah Bar David from comment #2)
> So what you actually want is that if there is no active manager, and only
> one is found on the system, it will be selected automatically (just as if it
> was found active)?

Selecting to enable firewall automatically is something that I would like to avoid, this is why we added this phase... to make sure the user knows what he is doing.

For example, at Gentoo if I have unsupported firewall firehol, and I select yes, configure my firewall, then I am prompted for iptables, I know that something bad is going to happen.

Comment 4 Ofer Schreiber 2014-02-17 14:51:30 UTC
I'm closing this bug, as this behavior works as designed.
If you still thinks this is a bug, please reopen.


Note You need to log in before you can comment on or make changes to this bug.