Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Template:MODULES Bug Template customfield_10700 277771
Method Found:Needs Assessment
QA Risk Assessment:Needs Assessment
Module Version: 1.12.0
Puppet Version: 5.5.6
OS Name/Version: CentOS 7.5 (official minimal image for AWS that had iptables but not firewalld installed)
When declaring a defined resource "firewall", the module attempts to execute /usr/libexec/iptables/iptables.init, but it is doesn't necessarily exists when package "iptables-services" is not installed, for example on a new EC2 instance created on AWS.
For example I have something like this in one of my manifests:
Upon running puppet, I get the following warning:
Warning: Firewall[__001 ssh__](provider=iptables): Unable to persist firewall rules: Execution of '/usr/libexec/iptables/iptables.init save' returned 1: Error: Could not execute posix command: No such file or directory - /usr/libexec/iptables/iptables.init
The module to ensure that package "iptables-services" is installed before applying the firewall rule.
The module attempts to execute /usr/libexec/iptables/iptables.init unsucessfully when package "iptables-services" is not already installed, for example on a new EC2 instance created on AWS.
Add package "iptables-services" resource before using the firewall module:
puppet resource package iptables-services ensure=installed