Project

General

Profile

Actions

Bug #22857

open

Service enabled test doesn't seem to work for service iptables on Debian 11

Added by Michel BOUISSOU over 1 year ago. Updated 5 months ago.

Status:
Discussion
Priority:
N/A
Category:
Generic methods
Target version:
Severity:
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

Hello,

Both methods : “Service enabled at boot” and “Service action” with the “is-enabled” action seem to return “success” for service “iptables” (which loads iptables rules previously saved into /etc/iptables) on Debian 11, even though the service has been manually disabled.

After disabling the service and rebooting the machine, iptables rules will not be restored (which is expected), but Rudder still believes the service is enabled.

root@lab_test_1_agent1:/# systemctl disable iptables
Removed

root@lab_test_1_agent1:/# rudder agent run -I

2023-06-08T08:33:49+00:00 R: [INFO] Executing is-enabled on iptables using the systemctl method
A| compliant iptables_basic Enable iptables service iptables Ensure service iptables is enabled at boot was correct

Please also see attached image and relevant parts of a Rudder agent run log.


Files

Screenshot_20230608_103308.png (57.6 KB) Screenshot_20230608_103308.png iptables service is disabled Michel BOUISSOU, 2023-06-08 10:39
runlog.txt (87 KB) runlog.txt Relevant parts of verbose agent execution log Michel BOUISSOU, 2023-06-08 10:41
clipboard-202307061635-xtez2.png (187 KB) clipboard-202307061635-xtez2.png Alexis Mousset, 2023-07-06 16:35
Actions

Also available in: Atom PDF