ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Masahiro Tanaka (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-17047) Firewall check returns WARNING even if iptables and firewalld are stopped on CentOS7
Date Tue, 05 Jul 2016 18:19:11 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-17047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15362928#comment-15362928
] 

Masahiro Tanaka commented on AMBARI-17047:
------------------------------------------

Hi [~u39kun], [~dsen], [~aonishuk], [~fbarca], could you please review this?

> Firewall check returns WARNING even if iptables and firewalld are stopped on CentOS7
> ------------------------------------------------------------------------------------
>
>                 Key: AMBARI-17047
>                 URL: https://issues.apache.org/jira/browse/AMBARI-17047
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-agent, ambari-server
>    Affects Versions: trunk
>         Environment: CentOS7.2
>            Reporter: Masahiro Tanaka
>            Assignee: Masahiro Tanaka
>              Labels: patch
>         Attachments: AMBARI-17047.patch
>
>
> In firewall.py, {{"systemctl is-active iptables || systemctl is-active firewalld"}} is
passed to {{run_in_shell}} function, which splits cmd string by using {{shlex.split}}.
> {{run_in_shell}} function finally calls {{subprocess.Popen}} with {{shell=True}}, so
the cmd string is evaluated like {{Popen(['/bin/sh', '-c', 'systemctl', 'is-active', 'iptables',
'||', 'systemctl', 'is-active', 'firewalld'])}}. This doesn't returns values as expected,
because after args[1] (in this case, after the first {{is-active}}) are evaluated as sh arguements.
> {{systemctl is-active}} can take multiple arugments, so we can use it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message