Page 1 of 1

[SOLVED] firewall-cmd fails in cloud-init

Posted: 2015/04/17 18:40:10
by matobinder
So I'm trying to build some CentOS7 machines via OpenStack 5. I cannot get firewall-cmd to work from within the cloud-init file. The error seems to be more CentOS related than cloud-init. But here goes. I have a real simple cloud-init file. Basically this

..
runcmd:
- /bin/yum install firewalld -y
- /bin/systemctl enable firewalld
- /bin/systemctl start firewalld
- /bin/firewall-cmd --permanent --zone=public --add-port=12345/tcp

The first 3 commands work fine, but the firewall-cmd errors out with this message

"
cloud-init: ERROR:dbus.proxies:Introspect error on :1.9:/org/fedoraproject/FirewallD1/config: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
"

I did a bit of searching, and it sounds like in some cases this is because its not ran as root? I thought all cloud-init files ran as root. I really want to be able to configure cert ports while spinning up a lot of VMs.

Re: firewall-cmd fails in cloud-init

Posted: 2015/04/17 19:32:20
by AlanBartlett
If you do not receive a reply to your request, here in the forum, it might be best to ask for help on the main CentOS mailing list.

Re: firewall-cmd fails in cloud-init

Posted: 2015/04/19 16:56:36
by matobinder
Good suggestion to post in the main forum, got an answer almost immediately. I just needed to use firewall-offline-cmd.

Here's a link to that thread, so if some one finds this one, they can see the other quickly.
viewtopic.php?f=47&t=52162&p=220915#p220915

Re: [SOLVED] firewall-cmd fails in cloud-init

Posted: 2015/04/19 19:26:30
by AlanBartlett
Thank you for updating this thread with the news of a successful conclusion. :)