Tag: iptables
FireHOL + Ubuntu + grpconv|pwconv
by HidekiAI on Aug.30, 2009, under Technology Opinions
Have you ever run into an issue like this:
--------------------------------------------------------------------------------
ERROR : # 1.
WHAT : A runtime command failed to execute (returned error 2).
SOURCE : line 16 of /etc/firehol/firehol.conf
COMMAND : /sbin/iptables -t filter -A in_interface1_syslog_s7 -p udp --sport syslog --dport 514 -m state --state NEW\,ESTABLISHED -j ACCEPT
OUTPUT :
iptables v1.3.8: invalid port/service `syslog' specified
Try `iptables -h' or 'iptables --help' for more information.
You’d get similar errors for “ftp”, “ftp-data”, and I’d imagine other random ones. You probably won’t see it either if “START_FIREHOL=YES” is not set (or is commented out) in your firehol.conf file…
Contrary to the belief that it is a problem with FireHOL or an older bash, it’s actually (at least for me) a permission issue…
A simple test is to run “whoami”; you might see this:
root@localhost ~ # whoami
whoami: cannot find name for user ID 0
I seem to get this whenever I run the nscd daemon and have my LDAP configured incorrectly.
In any case, try the following:
root@localhost ~ # grpconv
root@localhost ~ # pwconv
Now try restarting FireHOL again (or try “whoami”). If that works, a possible “temporary” fix until you resolve the underlying problem is to run grpconv and pwconv from an hourly cron job (and of course disable other services such as nscd – at least for me).
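Both symptoms above are name lookups: iptables has to turn “syslog” into a port number, and whoami has to turn user ID 0 into a name. The script below is an added example, not part of the original post; it checks those lookups before FireHOL is restarted. It assumes getent is installed, NSS_LOOKUP is a hypothetical hook for substituting the lookup command, and the tcp pairing for ftp and ftp-data is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post. NSS_LOOKUP is a hypothetical
# override hook (used for testing); by default lookups go through getent(1).
NSS_LOOKUP="${NSS_LOOKUP:-getent}"

# syslog/udp comes from the failing rule above; the tcp pairing for ftp and
# ftp-data is an assumption.
SERVICES="syslog/udp ftp/tcp ftp-data/tcp"

# Succeeds only if uid 0 maps to a non-empty user name (what whoami needs).
check_uid0() {
    entry=$("$NSS_LOOKUP" passwd 0 2>/dev/null) || return 1
    name=${entry%%:*}
    [ -n "$name" ]
}

# check_service NAME/PROTO: prints the numeric port if the name resolves.
check_service() {
    entry=$("$NSS_LOOKUP" services "$1" 2>/dev/null) || return 1
    set -- $entry                 # getent prints e.g. "syslog  514/udp"
    port=${2%%/*}
    case "$port" in ''|*[!0-9]*) return 1 ;; esac
    printf '%s\n' "$port"
}

# Prints one line per failed lookup; exit status is the number of failures.
nss_preflight() {
    failures=0
    if ! check_uid0; then
        echo "FAIL passwd uid 0"
        failures=$((failures + 1))
    fi
    for svc in $SERVICES; do
        if ! check_service "$svc" >/dev/null; then
            echo "FAIL services $svc"
            failures=$((failures + 1))
        fi
    done
    return "$failures"
}

# Run the check only when the script is called with "check" as argument.
if [ "${1:-}" = "check" ]; then nss_preflight; fi
```

A non-zero exit status means at least one lookup failed, so FireHOL would hit the same “invalid port/service” error if started now.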