agent fails to detect active firewalld.service on Fedora 40

[mjg]

Title says it all and possibly affects everyone with similar systemd versions.

.../Inventory/Generic/Firewall/Systemd.pm runs systemctl status firewalld.service and matches with this regexp: /^\s*Loaded: loaded [^;]+firewalld[^;]*; [^;]*;[^\n]*\n\s*Active: active \(running\)/

Over here (Fedora Linux 40 with systemd-255.10 and firewalld-2.1.3), the status output is the following:

● firewalld.service - firewalld - dynamic firewall daemon
     Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf
     Active: active (running) since Tue 2024-08-13 15:17:30 CEST; 2 days ago
       Docs: man:firewalld(1)
   Main PID: 847 (firewalld)
      Tasks: 2 (limit: 8997)
     Memory: 46.4M (peak: 46.6M)
        CPU: 887ms
     CGroup: /system.slice/firewalld.service
             └─847 /usr/bin/python3 -sP /usr/sbin/firewalld --nofork --nopid

My limited regexp fu seems to tell me that the expression expects "Loaded" and "Active" lines to be consecutive (while they are not). My limitations keep me from submitting a better regexp, though. Maybe we want check for those two lines with two regexps?

Alternatively, firewall-cmd --state might give the best check (to the extent that this just as the above says nothing about the config being tight, of course).

[ddurieux]

Hi,

the regex will be:

[^;]+firewalld[^;]; [^;];[^\n]\n\s(Active: active|Loaded: loaded) (running)/

I will fix it in version 3.0 currently in development.