Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 76500 - Can not chance security level with redhat-config-securitylevel
Summary: Can not chance security level with redhat-config-securitylevel
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: redhat-config-securitylevel
Version: 8.0
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Brent Fox
QA Contact:
: 77611 78840 78923 79581 80798 86289 86370 87611 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2002-10-22 15:18 UTC by Need Real Name
Modified: 2008-05-01 15:38 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2002-12-10 16:05:41 UTC

Attachments (Terms of Use)

Description Need Real Name 2002-10-22 15:18:44 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
I press:

The Hat -> System Settings -> Security Level

And in the nice little GUI tool I select:

Security level: No firewall

Then I press OK and Yes. Fine! Now it should be gone.

But it is still running on security level High.

I try writing (as root):

Same thing happens. This little utility tool simply doesn't work. I can not make
any changes to the security level.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Run redhat-config-securitylevel. Change security level. Press OK and YES.
2.Run redhat-config-securitylevel again. All the changes you did before are gone.
3.Cry in dispair

Actual Results:  Nothing. My httpd server still does not accept any incomming
HTTP. All incomming HTTP is blocked by the firewall and I can not change the
firewall settings.

Expected Results:  I expected the firewall to let incomming HTTP traffic go
through after I had changed the security level settings to allow this. 

Additional info:

Comment 1 Brent Fox 2002-10-22 15:40:58 UTC
redhat-config-securitylevel is simply a frontend to lokkit.  Unfortunately,
lokkit does not currently have a way of remembering the security level settings
that it has written out in the past.  In other words, it can write out an
/etc/sysconfig/iptables file, but it does not read it in.  This has been filed
as a request for enhancement for gnome-lokkit at:

As for being unable to turn off the firewall, I have not seen this behavior
before.  All redhat-config-securitylevel should be doing is calling 'lokkit
--disabled --quiet'

Try this:
1)  Run '/sbin/service iptables status' and attach the output to this bug report.
2)  Run redhat-config-securitylevel and set the firewall setting to "No
firewall" and click ok.
3)  Run /sbin/service iptables status' again and attach the output.

Comment 2 Brent Fox 2002-11-14 20:13:17 UTC
*** Bug 77611 has been marked as a duplicate of this bug. ***

Comment 3 Brent Fox 2002-12-10 16:05:34 UTC
*** Bug 78840 has been marked as a duplicate of this bug. ***

Comment 4 Brent Fox 2002-12-11 03:57:19 UTC
I have added some code to redhat-config-securitylevel that will allow it to
remember the settings that it last wrote out.  This problem should be fixed now.
 redhat-config-securitylevel-1.1.0-1 should appear in Rawhide in the next day or so.

Comment 5 Brent Fox 2002-12-16 17:12:41 UTC
*** Bug 79581 has been marked as a duplicate of this bug. ***

Comment 6 Brent Fox 2003-01-02 17:31:53 UTC
*** Bug 80798 has been marked as a duplicate of this bug. ***

Comment 7 Brent Fox 2003-01-09 19:22:59 UTC
*** Bug 78923 has been marked as a duplicate of this bug. ***

Comment 8 Brent Fox 2003-03-20 20:10:37 UTC
*** Bug 86370 has been marked as a duplicate of this bug. ***

Comment 9 Brent Fox 2003-03-25 16:48:00 UTC
*** Bug 86289 has been marked as a duplicate of this bug. ***

Comment 10 Brent Fox 2003-03-31 16:55:21 UTC
*** Bug 87611 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.