今天发现了一个问题,就是在我进行firewalld防火墙增加指定端口访问的策略时 出现了报错问题,firewalld命令用不了,提示什么没有GI模块:
Traceback (most recent call last): File "/usr/bin/firewall-cmd", line 24, in <module>
from gi.repository import GObject
ImportError: No module named repository
咱也不知道是什么原因 使用了systemctl status firewalld.service 命令提示让我使用"journalctl -xe"查看具体的报错信息
[root@local ~]# systemctl restart firewalld.service
Job for firewalld.service failed because the control process exited with error code. See "systemctl status firewalld.service" and "journalctl -xe" for details.
于是我使用journalctl -xe查看了一下信息:
[root@local ~]# journalctl -xe
--
-- Unit session-739379.scope has begun starting up.
2月 23 11:42:01 local CROND[139925]: (root) CMD ( python /usr/sbin/qemu-ga_check.py)
2月 23 11:42:03 local node_exporter[85654]: level=error ts=2021-02-23T03:42:03.119Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=3.9051e-05 err="failed to retrieve pressure s
2月 23 11:42:18 local node_exporter[85654]: level=error ts=2021-02-23T03:42:18.118Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=4.5741e-05 err="failed to retrieve pressure s
2月 23 11:42:33 local node_exporter[85654]: level=error ts=2021-02-23T03:42:33.116Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=0.000106178 err="failed to retrieve pressure
2月 23 11:42:48 local node_exporter[85654]: level=error ts=2021-02-23T03:42:48.117Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=4.5471e-05 err="failed to retrieve pressure s
2月 23 11:43:01 local systemd[1]: Started Session 739380 of user root.
-- Subject: Unit session-739380.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-739380.scope has finished starting up.
--
-- The start-up result is done.
2月 23 11:43:01 local systemd[1]: Starting Session 739380 of user root.
-- Subject: Unit session-739380.scope has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-739380.scope has begun starting up.
2月 23 11:43:01 local CROND[140519]: (root) CMD ( python /usr/sbin/qemu-ga_check.py)
2月 23 11:43:03 local node_exporter[85654]: level=error ts=2021-02-23T03:43:03.116Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=2.5102e-05 err="failed to retrieve pressure s
2月 23 11:43:18 local node_exporter[85654]: level=error ts=2021-02-23T03:43:18.119Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=6.0881e-05 err="failed to retrieve pressure s
2月 23 11:43:31 local polkitd[937]: Registered Authentication Agent for unix-process:140847:3963471907 (system bus name :1.1480956 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop
2月 23 11:43:31 local systemd[1]: Starting firewalld - dynamic firewall daemon...
-- Subject: Unit firewalld.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
2月 23 11:43:31 local systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE
2月 23 11:43:31 local systemd[1]: Failed to start firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has failed.
--
-- The result is failed.
2月 23 11:43:31 local systemd[1]: Unit firewalld.service entered failed state.
2月 23 11:43:31 local systemd[1]: firewalld.service failed.
2月 23 11:43:31 local polkitd[937]: Unregistered Authentication Agent for unix-process:140847:3963471907 (system bus name :1.1480956, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale zh_CN
2月 23 11:43:33 local node_exporter[85654]: level=error ts=2021-02-23T03:43:33.117Z caller=collector.go:161 msg="collector failed" name=pressure duration_seconds=2.6909e-05 err="failed to retrieve pressure s
lines 3909-3952/3952 (END)
里面有一行提示Failed to start firewalld - dynamic firewall daemon.
翻译出来为:无法启动firewalld-动态防火墙守护程序。
这是为啥呢???
看到了网上的人说和系统本地的Python有关,网上说CentOS7的firewalld防火墙默认指向的是Python2的版本,于是我查看了一下我的电脑本身的Python版本,发现有Python2.7和Python3.7两种:
[root@local ~]# python
python python2.7 python2-config python3.7 python3.7m python3-config python-config
python2 python2.7-config python3 python3.7-config python3.7m-config python.bak
诶?
是不是因为firewalld本身的python指向有问题了?
我查看了一下firewalld的启动文件查看了一下第一行的python指向路径:
[root@local ~]# vim /usr/sbin/firewalld
#!/usr/bin/python -Es
# -*- coding: utf-8 -*-
#
# Copyright (C) 2010-2016 Red Hat, Inc.
# Authors:
# Thomas Woerner <twoerner@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# python fork magic derived from setroubleshoot
# Copyright (C) 2006,2007,2008,2009 Red Hat, Inc.
# Authors:
# John Dennis <jdennis@redhat.com>
# Dan Walsh <dwalsh@redhat.com>
import os
import sys
import dbus
import traceback
import argparse
from firewall import config
from firewall.functions import firewalld_is_active
from firewall.core.logger import log, FileLog
def parse_cmdline():
parser = argparse.ArgumentParser()
parser.add_argument('--debug',
nargs='?', const=1, default=0, type=int,
choices=range(1, log.DEBUG_MAX+1),
help="""Enable logging of debug messages.
Additional argument in range 1..%s can be used
to specify log level.""" % log.DEBUG_MAX,
"/usr/sbin/firewalld" 176L, 6310C 1,1 顶端
发现了第一行的Python指向的路径,我查看了该路径下的Python版本发现为3.7版本:
发现不对了 网上说的firewalld应当指向Python2.0版本而不是3.0版本,于是我到/usr/bin/下查看相关的Python版本,找到了Python2.7
这次需要VIM工具修改/usr/bin/firewall-offline-cmd和/usr/sbin/firewalld 里面的第一行Python指向,将两个文件第一行的 #!/usr/bin/python -Es 改成 #!/usr/bin/python2.7 -Es
#!/usr/bin/python2.7 -Es
# -*- coding: utf-8 -*-
然后执行 systemctl status firewalld.service 命令 还是提示错误,我已经修改了Python了 还是出错?
我直接敲firewalld命令 看看是什么意思:
[root@local ~]# firewalld
Traceback (most recent call last):
File "/usr/sbin/firewalld", line 29, in <module>
import dbus
ImportError: No module named dbus
他跟我说没有什么什么DBUS的模块。
????
没有?那我就还得安装这个模块呗?
于是我就网上继续找,发现应该是需要安装python-gobject
有位老哥说安装了python-gobject后还需要再安装python-firewall
于是乎我就 yum install python-gobject -y 和yum install python-firewall -y
[root@local ~]# yum install python-firewall
===========================================================================================================
Package 架构 版本 源 大小
===========================================================================================================
正在安装:
python-firewall noarch 0.4.4.4-6.el7 LocalISO 325 k
为依赖而安装:
dbus-python x86_64 1.1.1-9.el7 LocalISO 206 k
libselinux-python x86_64 2.5-11.el7 LocalISO 234 k
python-decorator noarch 3.4.0-3.el7 LocalISO 27 k
python-slip noarch 0.4.0-2.el7 LocalISO 30 k
python-slip-dbus noarch 0.4.0-2.el7 LocalISO 31 k
事务概要
===========================================================================================================
安装 1 软件包 (+5 依赖软件包)
已安装:
python-gobject.x86_64 0:3.22.0-1.el7
作为依赖被安装:
cairo.x86_64 0:1.14.8-2.el7 cairo-gobject.x86_64 0:1.14.8-2.el7
libXdamage.x86_64 0:1.1.4-4.1.el7 libXfixes.x86_64 0:5.0.3-1.el7
libXxf86vm.x86_64 0:1.1.4-1.el7 libxshmfence.x86_64 0:1.2-1.el7
mesa-libEGL.x86_64 0:17.0.1-6.20170307.el7 mesa-libGL.x86_64 0:17.0.1-6.20170307.el7
mesa-libgbm.x86_64 0:17.0.1-6.20170307.el7 mesa-libglapi.x86_64 0:17.0.1-6.20170307.el7
pycairo.x86_64 0:1.8.10-8.el7 python-gobject-base.x86_64 0:3.22.0-1.el7
完毕!
[root@local ~]# yum install python-firewall -y
===========================================================================================================
Package 架构 版本 源 大小
===========================================================================================================
正在安装:
python-firewall noarch 0.4.4.4-6.el7 LocalISO 325 k
为依赖而安装:
dbus-python x86_64 1.1.1-9.el7 LocalISO 206 k
libselinux-python x86_64 2.5-11.el7 LocalISO 234 k
python-decorator noarch 3.4.0-3.el7 LocalISO 27 k
python-slip noarch 0.4.0-2.el7 LocalISO 30 k
python-slip-dbus noarch 0.4.0-2.el7 LocalISO 31 k
事务概要
===========================================================================================================
安装 1 软件包 (+5 依赖软件包)
已安装:
python-firewall.noarch 0:0.4.4.4-6.el7
作为依赖被安装:
dbus-python.x86_64 0:1.1.1-9.el7 libselinux-python.x86_64 0:2.5-11.el7
python-decorator.noarch 0:3.4.0-3.el7 python-slip.noarch 0:0.4.0-2.el7
python-slip-dbus.noarch 0:0.4.0-2.el7
完毕!
再次重启firewalld防火墙试试:
[root@local ~]# firewall
firewall-cmd firewalld firewall-offline-cmd
[root@local ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since 二 2021-02-23 11:43:31 CST; 21min ago
Docs: man:firewalld(1)
Process: 140855 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=1/FAILURE)
Main PID: 140855 (code=exited, status=1/FAILURE)
2月 23 11:43:31 local systemd[1]: Starting firewalld - dynamic firewall daemon...
2月 23 11:43:31 local systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE
2月 23 11:43:31 local systemd[1]: Failed to start firewalld - dynamic firewall daemon.
2月 23 11:43:31 local systemd[1]: Unit firewalld.service entered failed state.
2月 23 11:43:31 local systemd[1]: firewalld.service failed.
[root@local ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since 二 2021-02-23 11:43:31 CST; 22min ago
Docs: man:firewalld(1)
Process: 140855 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=1/FAILURE)
Main PID: 140855 (code=exited, status=1/FAILURE)
2月 23 11:43:31 local systemd[1]: Starting firewalld - dynamic firewall daemon...
2月 23 11:43:31 local systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE
2月 23 11:43:31 local systemd[1]: Failed to start firewalld - dynamic firewall daemon.
2月 23 11:43:31 local systemd[1]: Unit firewalld.service entered failed state.
2月 23 11:43:31 local systemd[1]: firewalld.service failed.
[root@local ~]# systemctl restart firewalld
[root@local ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 二 2021-02-23 12:05:37 CST; 3s ago
Docs: man:firewalld(1)
Main PID: 7159 (firewalld)
CGroup: /system.slice/firewalld.service
└─7159 /usr/bin/python2.7 -Es /usr/sbin/firewalld --nofork --nopid
2月 23 12:05:37 local systemd[1]: Starting firewalld - dynamic firewall daemon...
2月 23 12:05:37 local systemd[1]: Started firewalld - dynamic firewall daemon.
2月 23 12:05:37 local firewalld[7159]: WARNING: ICMP type 'beyond-scope' is not supported by the ke...pv6.
2月 23 12:05:37 local firewalld[7159]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP t...ime.
2月 23 12:05:37 local firewalld[7159]: WARNING: ICMP type 'failed-policy' is not supported by the k...pv6.
2月 23 12:05:37 local firewalld[7159]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP ...ime.
2月 23 12:05:37 local firewalld[7159]: WARNING: ICMP type 'reject-route' is not supported by the ke...pv6.
2月 23 12:05:37 local firewalld[7159]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP t...ime.
Hint: Some lines were ellipsized, use -l to show in full.
OK!解决了!我的天! 就是这样本地Python指向出现了问题。
3748
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
