Closed corzel closed 2 years ago
Hello thanks for the feedback @corzel
It sounds like perhaps your stack is outdated, because we no longer have the ss-purge
parent script. Instead we now have only the child scripts, and the shortcut command ss purge
instead. We've been doing some thinking on how best to organize the bash scripts so if you have feedback on this change please let us know here or in Discord.
About UFW we had updated some of the configuration a few months back and it caused some issues for some, you can simply reinstall that module again to fix it e.g. ss install ufw
should do the trick.
Hi! I run ss install ufw but there is a problem, it seems that the script does not install ufw correctly.
Running ss-install-ufw: Reinstalls the entire UFW firewall module for SlickStack servers (idempotent)...
ERROR: Missing policy for 'input'
Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be REMOVED:
ufw*
0 upgraded, 0 newly installed, 1 to remove and 1 not upgraded.
After this operation, 846 kB disk space will be freed.
(Reading database ... 129625 files and directories currently installed.)
Removing ufw (0.36-6) ...
Could not find /etc/default/ufw (aborting)
Processing triggers for man-db (2.9.1-1) ...
(Reading database ... 129534 files and directories currently installed.)
Purging configuration files for ufw (0.36-6) ...
Processing triggers for systemd (245.4-4ubuntu3.6) ...
Processing triggers for rsyslog (8.2001.0-1ubuntu1.1) ...
Get:1 http://security.ubuntu.com/ubuntu focal-security InRelease [109 kB]
Hit:2 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal InRelease
Get:3 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:4 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Get:5 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [956 kB]
Get:6 http://us-central-1a.clouds.archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [772 kB]
Fetched 2051 kB in 1s (2719 kB/s)
Reading package lists...
Building dependency tree...
Reading state information...
1 package can be upgraded. Run 'apt list --upgradable' to see it.
Reading package lists...
Building dependency tree...
Reading state information...
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Reading package lists...
Building dependency tree...
Reading state information...
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Reading package lists...
Building dependency tree...
Reading state information...
sudo: ufw: command not found
Running ss-perms-ufw: Resets all file and user permissions across the entire UFW module...
sudo: ufw: command not found
Hmm I ran a test on an SS machine and could repeat your error, I'm not sure why but seems that the Ubuntu version is not being properly detected in ss-install-ufw-core
via the ss-functions
file for some reason.
For now I've commented out that version detection.
Ref: https://github.com/littlebizzy/slickstack/commit/fdbdeb144cdc5024f1438fa721072a4e0f42bcfd
I've also added a new script ss-restart-ufw
which didn't exist before, and fixed the reference to ss-perms-ufw-core
(but that shouldn't be causing any of the issues that you mention on this thread):
Ref: https://github.com/littlebizzy/slickstack/commit/60331fd44f5a731ca174518465553218a654c6d5
An update on the UFW situation:
Over the last several months we had some detailed discussions on Discord about UFW configuration, and it lead us to create better UFW boilerplates for each LTS version of Ubuntu (now on GitHub).
Ref: https://github.com/littlebizzy/slickstack/tree/master/modules/ufw-firewall
Long story short... there have been multiple Issues opened about UFW the past few years, and many different discussions about configuration, but I think it's in a much more stable place now.... and since there are way too many commits to reference on the topic, I'm going to close this for now.
For any future UFW problems please open a new Issue on GitHub... minor comments are fine below. Thanks!
Hello! I have 2 issues in terminal.
$>sudo journalctl -xe May 08 22:13:56 server-one systemd[1]: Starting Uncomplicated firewall... -- Subject: A start job for unit ufw.service has begun execution -- Defined-By: systemd -- Support: http://www.ubuntu.com/support
-- A start job for unit ufw.service has begun execution.
-- The job identifier is 968. May 08 22:13:56 server-one ufw-init[23929]: Could not find /etc/default/ufw (aborting) May 08 22:13:56 server-one systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE -- Subject: Unit process exited -- Defined-By: systemd -- Support: http://www.ubuntu.com/support
-- An ExecStart= process belonging to unit ufw.service has exited.
-- The process' exit code is 'exited' and its exit status is 1. May 08 22:13:56 server-one systemd[1]: ufw.service: Failed with result 'exit-code'. -- Subject: Unit failed -- Support: http://www.ubuntu.com/support
-- The unit ufw.service has entered the 'failed' state with result 'exit-code'. May 08 22:13:56 server-one systemd[1]: Failed to start Uncomplicated firewall. -- Subject: A start job for unit ufw.service has failed -- Defined-By: systemd -- Support: http://www.ubuntu.com/support
-- A start job for unit ufw.service has finished with a failure.
-- The job identifier is 968 and the job result is failed. May 08 22:13:56 server-one sudo[23733]: pam_unix(sudo:session): session closed for user root May 08 22:14:01 server-one CRON[23937]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:14:01 server-one CRON[23938]: (root) CMD (/usr/bin/flock -w 0 /tmp/02-cron-regular.lock /var/www/crons/02-cron-regular > /dev/null 2>&1) May 08 22:14:01 server-one CRON[23937]: pam_unix(cron:session): session closed for user root May 08 22:15:01 server-one CRON[23952]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:15:01 server-one CRON[23953]: pam_unix(cron:session): session opened for user root by (uid=0) May 08 22:15:01 server-one CRON[23954]: (root) CMD (/usr/bin/flock -w 0 /tmp/01-cron-often.lock /var/www/crons/01-cron-often > /dev/null 2>&1) May 08 22:15:01 server-one CRON[23955]: (root) CMD (/usr/bin/flock -w 0 /tmp/03-cron-quarter-hourly.lock /var/www/crons/03-cron-quarter-hourly > /dev/null 2>&1) May 08 22:15:01 server-one CRON[23953]: pam_unix(cron:session): session closed for user root May 08 22:15:01 server-one CRON[23952]: pam_unix(cron:session): session closed for user root May 08 22:15:15 server-one sudo[23966]: master : TTY=pts/0 ; PWD=/var/www ; USER=root ; COMMAND=/usr/bin/journalctl -xe May 08 22:15:15 server-one sudo[23966]: pam_unix(sudo:session): session opened for user root by master(uid=0)