search

dsglaser / cis-security

Playbooks to implement Center for Internet Security (CIS) controls for RHEL (7-9), RHEL Clones, Ubuntu (18.04-22.04), and Microsoft Windows (10, Server 2019)
Other
90 stars 63 forks source link

Running into masked firewalld error on RHEL9 #76

Open da0ist opened 1 year ago

da0ist commented 1 year ago

I deployed a minimal RHEL9 images and ran the task against it. It fails here:

RUNNING HANDLER [cis : Reboot] *** changed: [rhel9base] RUNNING HANDLER [cis : Restart sshd] * changed: [rhel9base] RUNNING HANDLER [cis : Restart chronyd] **** changed: [rhel9base] RUNNING HANDLER [cis : Restart journald] * changed: [rhel9base] RUNNING HANDLER [cis : Start firewalld] **** fatal: [rhel9base]: FAILED! => {"changed": false, "msg": "Unable to start service firewalld: Failed to start firewalld.service: Unit firewalld.service is masked.\n"} PLAY RECAP *** rhel9base : ok=220 changed=100 unreachable=0 failed=1 skipped=87 rescued=0 ignored=0

dsglaser commented 1 year ago

Thanks for opening the issue. Can you provide the firewall section of stdout, the command line that you ran, and any variables you may have set outside of the --extra-vars at the command line?

Thanks, Dave