-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Wed, May 16, 2018 at 06:11:26AM -0700, Elias Mårtenson wrote: > After my most recently upgrade of dom0 and all templates on my Qubes 4 > installation (two days ago), I started facing the following problem: > > After booting the system, all networking is down. I traced the problem to > sys-firewall failing to start qubes-iptables: > > ===================== > [user@sys-firewall ~]$ systemctl status qubes-iptables > ● qubes-iptables.service - Qubes base firewall settings > Loaded: loaded (/usr/lib/systemd/system/qubes-iptables.service; enabled; > vend > Active: failed (Result: exit-code) since Wed 2018-05-16 20:44:47 +08; 2min > 42
It failed at 20:44:47, but... > Process: 417 ExecStart=/usr/lib/qubes/init/qubes-iptables start > (code=exited, > Main PID: 417 (code=exited, status=1/FAILURE) > ===================== > > The interesting thing is that I don't see anything in the log. When looking > at the log, everything seems to have started correctly, and there is no > further message suggesting it failed later: > > ===================== > May 16 20:47:38 sys-firewall audit[1023]: USER_START pid=1023 uid=0 auid=1000 > ses=1 msg='op=PAM:session_open > grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix > acct="root" exe="/usr/bin/ > sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' > May 16 20:47:38 sys-firewall systemd[1]: Starting Qubes base firewall > settings... > May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=nat family=2 entries=5 > May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=2 > entries=4 > May 16 20:47:38 sys-firewall qubes-iptables[1026]: iptables: Applying > firewall rules: OK > May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=10 > entries=0 > May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=10 > entries=4 > May 16 20:47:38 sys-firewall qubes-iptables[1026]: ip6tables: Applying > firewall rules: OK > May 16 20:47:38 sys-firewall systemd[1]: Started Qubes base firewall settings. ... this log is from 20:47:38. See for earlier log entries. > ===================== > > If restart the service by calling “systemctl start qubes-iptables” everything > works correctly. > > Is this a known problem? > > Regards, > Elias > - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlr8LqAACgkQ24/THMrX 1ywaQgf+JA+R7lKRoOeoCK1xfKbYZ8oIwFMgWHghi0kSJ6UEZ0H5OksgdT/VIaLJ Z7qJzGkpMzB63HIkchxMjUow3jAIUO+6bA08Izp4GYqPbYm4RtiK6lI5OBUU7Dp3 424Y/oP6QToKNg8mqegKJ9BSqfhFIeBV2Tyg+FRWXbVBN7xGIUvbYv3sDS228iwl umppuKz6s3Coa8PqqHvqw/piWf9QTi4Ub2bOmVbJmWpEjt1iI+SESyTLpXXmBaHO q727GU3GBoK13oGLCxqC1/39OxzIsnJpUa4IX/bqVc689Wroz8hOFy174HrSdiWQ LopwGlPtjeQqsmLv/06UllaQdR8RgQ== =IzBP -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20180516131408.GJ1291%40mail-itl. For more options, visit https://groups.google.com/d/optout.
