On 04/30/2013 05:01 PM, Dave Green wrote: > Starting Shorewall using systemctl fails with the error message as > below. Starting from command line succeeds. I've tried changing the > permissions on the /var/lib/shorewall folder to 777 but no change. The > temp file isn't present after the error so I don't know if the > permission issue is related to that. Selinux is disabled. > > I'm new to FC18 and systemctl so apologies if this is not a Shorewall > issue as such, but I can't see where to go next. > > Thanks, > > shorewall.service - Shorewall IPv4 firewall > Loaded: loaded (/usr/lib/systemd/system/shorewall.service; enabled) > Active: failed (Result: exit-code) since Wed, 2013-05-01 11:33:16 > NZST; 1min 27s ago > Process: 5178 ExecStart=/sbin/shorewall $OPTIONS start > (code=exited, status=13) > CGroup: name=systemd:/system/shorewall.service > > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > Applying Policies... > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > Compiling /usr/share/shorewall/action.Drop for chain Drop... > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast... > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > Generating Rule Matrix... > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > Creating iptables-restore input... > May 01 11:33:16 spare-millgate.wpi-international.co.nz shorewall[5178]: > ERROR: Cannot Rename /var/lib/shorewall/tempfileN4TP to > /var/lib/shorewall/.start: Permission denied > May 01 11:33:16 spare-millgate.wpi-international.co.nz logger[5446]: > ERROR:Shorewall start failed > May 01 11:33:16 spare-millgate.wpi-international.co.nz systemd[1]: > shorewall.service: main process exited, code=exited, status=13/n/a > May 01 11:33:16 spare-millgate.wpi-international.co.nz systemd[1]: > Failed to start Shorewall IPv4 firewall. > May 01 11:33:16 spare-millgate.wpi-international.co.nz systemd[1]: Unit > shorewall.service entered failed state
This is undoubtedly an SELINUX issue, not a Shorewall issue. Use the SELINUX troubleshooting app to remedy. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
