Ask Your Question
1

F26: firewalld stops shutdown

asked 2017-10-27 05:37:01 -0500

黃健毅 gravatar image

updated 2017-10-29 04:19:09 -0500

Installed F26 on a MacBook and firewalld doesn't shutdown cleanly (it shows as "a stop job is running for firewalld") during shutdown and when the timeout expires, it tries to some more actions then just stops.

Not sure why. This is a clean install from USB.

Journalctl

Here's the journalctl

-- Reboot --
Oct 24 06:54:16 fedora-mac systemd[1]: Starting firewalld - dynamic firewall daemon...
Oct 24 06:54:17 fedora-mac systemd[1]: Started firewalld - dynamic firewall daemon.
Oct 24 06:54:18 fedora-mac firewalld[886]: WARNING: FedoraServer: INVALID_SERVICE: cockpit
Oct 24 15:20:17 fedora-mac systemd[1]: Stopping firewalld - dynamic firewall daemon...
Oct 24 15:21:47 fedora-mac systemd[1]: firewalld.service: State 'stop-sigterm' timed out. Killing.
Oct 24 15:21:47 fedora-mac systemd[1]: firewalld.service: Killing process 886 (firewalld) with signal SIGKILL.
Oct 24 15:21:47 fedora-mac systemd[1]: firewalld.service: Killing process 27616 (rmmod) with signal SIGKILL.
Oct 24 15:21:47 fedora-mac systemd[1]: firewalld.service: Main process exited, code=killed, status=9/KILL
Oct 24 15:21:47 fedora-mac systemd[1]: firewalld.service: Killing process 27616 (rmmod) with signal SIGKILL.
Oct 24 15:23:17 fedora-mac systemd[1]: firewalld.service: Processes still around after final SIGKILL. Entering failed mode.
Oct 24 15:23:17 fedora-mac systemd[1]: Stopped firewalld - dynamic firewall daemon.
Oct 24 15:23:17 fedora-mac systemd[1]: firewalld.service: Unit entered failed state.
Oct 24 15:23:17 fedora-mac systemd[1]: firewalld.service: Failed with result 'timeout'.
Oct 24 15:23:27 fedora-mac systemd[1]: Starting firewalld - dynamic firewall daemon...
Oct 24 15:23:27 fedora-mac systemd[1]: Started firewalld - dynamic firewall daemon.
Oct 24 15:23:28 fedora-mac firewalld[28274]: WARNING: '/usr/sbin/iptables-restore --wait=2 -n' failed:
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: '/usr/sbin/ip6tables-restore --wait=2 -n' failed:
Oct 24 15:23:29 fedora-mac firewalld[28274]: ERROR: '/usr/sbin/ebtables-restore --noflush' failed:
Oct 24 15:23:29 fedora-mac firewalld[28274]: ERROR: COMMAND_FAILED
Oct 24 15:23:29 fedora-mac firewalld[28274]: ERROR: INVALID_ZONE
Oct 24 15:23:29 fedora-mac firewalld[28274]: ERROR: INVALID_ZONE
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table mangle --delete POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 --jump CHECKSUM --
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.124.0/24 --destination 224.0.0.0/24 --jump RETURN' failed:
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.124.0/24 --destination 255.255.255.255/32 --jump RETURN' failed:
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source 192.168.124.0/24 -p tcp ! --destination 192.168.124.0/24 --jump MASQUERA
Oct 24 15:23:29 fedora-mac firewalld[28274]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table nat --delete POSTROUTING --source ...
(more)
edit retag flag offensive close merge delete

Comments

Are there more details errors or messages within Journal? journalctl -u firewalld.service

masteroman gravatar imagemasteroman ( 2017-10-27 08:04:59 -0500 )edit

Actually, I found a solution (though I still don't know the cause)

I had some updates to apply but read that someone (on F22 I believe) had the same problem and they found the problem disappeared once they did an update of Fedora from within the UI and not via dnf/yum. So I did the same thing - had to hard reboot though, but seems like this has fixed the problem.

黃健毅 gravatar image黃健毅 ( 2017-10-27 17:14:23 -0500 )edit

journalctl added to question post

黃健毅 gravatar image黃健毅 ( 2017-10-28 14:55:51 -0500 )edit

Do you mean that using a GUI software installer and updater (which is only a front end for dnf/yum) worked, but using dnf/yum directly either from a terminal or a text console didn't?

sideburns gravatar imagesideburns ( 2017-10-28 16:17:08 -0500 )edit

Correct, after clean install, if I used dnf/yum from the console then tried to shutdown, it wouldn't shutdown.

If I used the gui software, which then rebooted (still required a hard reboot), but then shutdown successfully.

Although this only seems to be for a while. It's started happening again.

Added that journalctl entry to the question post also

黃健毅 gravatar image黃健毅 ( 2017-10-29 04:18:10 -0500 )edit

1 Answer

Sort by » oldest newest most voted
0

answered 2017-11-15 05:19:03 -0500

黃健毅 gravatar image

Not able to get a solid answer or resolution to this, so instead, I disabled firewalld and installed ufw instead.

Not ideal, but at least I have a firewall that doesn't stop my machine from shutting down.

edit flag offensive delete link more

Question Tools

1 follower

Stats

Asked: 2017-10-27 05:37:01 -0500

Seen: 1,400 times

Last updated: Nov 15 '17