View Issue Details

IDProjectCategoryView StatusLast Update
0018128CentOS-7firewalldpublic2021-03-26 20:41
Reporterlinuxdan Assigned To 
PriorityhighSeveritymajorReproducibilityalways
Status newResolutionopen 
PlatformDellOSCentOSOS Version1.9
Product Version7.9.2009 
Summary0018128: firewall-cmd fails and blanks zone file
Description[root@hostname zones]# firewall-cmd --permanent --add-icmp-block-inversion
Error: IO_Object_XMLGenerator instance has no attribute '_out'
[root@hostname zones]# firewall-cmd --permanent --add-icmp-block=echo-request
Error: IO_Object_XMLGenerator instance has no attribute '_out'
[root@hostname zones]# firewall-cmd --reload
success
[root@hostname zones]# firewall-cmd --list-all
drop (active)
  target: DROP
  icmp-block-inversion: no
  interfaces: enp0s31f6
  sources:
  services:
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Steps To Reproduce[root@hostname zones]# firewall-cmd --permanent --add-icmp-block-inversion
Error: IO_Object_XMLGenerator instance has no attribute '_out'
[root@hostname zones]# firewall-cmd --permanent --add-icmp-block=echo-request
Error: IO_Object_XMLGenerator instance has no attribute '_out'
[root@hostname zones]# firewall-cmd --reload
success
[root@hostname zones]# firewall-cmd --list-all
drop (active)
  target: DROP
  icmp-block-inversion: no
  interfaces: enp0s31f6
  sources:
  services:
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Additional InformationAnd the zone file, drop.xml, was wiped -- zero bytes

Started happening a few days ago
From logs:
```
2021-03-24 15:36:42 ERROR: Failed to load zone file '/etc/firewalld/zones/drop.xml': INVALID_ZONE: not a valid zone file: no element found: line 1, column 0
2021-03-24 15:36:56 ERROR: Failed to load zone file 'drop.xml': INVALID_ZONE: not a valid zone file: no element found: line 1, column 0
2021-03-24 16:06:55 ERROR: Failed to load zone file 'drop.xml': INVALID_ZONE: not a valid zone file: no element found: line 1, column 0
```
==> because it is a zero byte file

Adding debug to the config got:
```
2021-03-26 09:58:42 DEBUG1: Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/firewall/server/decorators.py", line 68, in dbus_handle_exceptions
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/firewall/server/config_zone.py", line 227, in update
    self.obj = self.config.set_zone_config(self.obj, settings)
  File "/usr/lib/python2.7/site-packages/firewall/core/fw_config.py", line 739, in set_zone_config
    zone_writer(x)
  File "/usr/lib/python2.7/site-packages/firewall/core/io/zone.py", line 735, in zone_writer
    handler.startDocument()
  File "/usr/lib64/python2.7/site-packages/_xmlplus/sax/saxutils.py", line 239, in startDocument
    self._out.write('<?xml version="1.0" encoding="%s"?>\n' %
AttributeError: IO_Object_XMLGenerator instance has no attribute '_out'
```
Environment:
Linux hostname 3.10.0-1160.15.2.el7.x86_64 #1 SMP Wed Feb 3 15:06:38 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

CentOS Linux release 7.9.2009 (Core)
```
[root]# yum list installed | grep firewall
firewall-config.noarch 0.6.3-12.el7 @updates
firewalld.noarch 0.6.3-12.el7 @updates
firewalld-filesystem.noarch 0.6.3-12.el7 @updates
python-firewall.noarch 0.6.3-12.el7 @updates
system-config-firewall-base.noarch 1.2.29-10.el7 @base
system-config-firewall-tui.noarch 1.2.29-10.el7 @base
```
TagsNo tags attached.
abrt_hash
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-03-26 20:40 linuxdan New Issue