sosreport is starting iptables even when the modules are not loaded
Environment
- Red Hat Enterprise Linux (RHEL) 6
- Red Hat Enterprise Linux (RHEL) 7
- sos-3.2-28.el6_7.2.noarch
- sos-3.2-40.el6.noarch
- sos-3.2-54.el6.noarch
- sos-3.4-6.el7.noarch
Issue
If the iptable_filter kernel module is not loaded and sosreport is run with the networking plugin enabled, sosreport loads the kernel module.
Steps to Reproduce:
# rmmod iptable_filter; rmmod ip6table_filter
# lsmod | grep filter
# sosreport -o networking --batch
# lsmod | grep filter
iptable_filter 2793 0
ip_tables 17895 1 iptable_filter
No iptables-related modules are expected to be loaded, since sosreport is not supposed to affect the system in any way.
Resolution
- For RHEL 7, update sosreport to version sos-3.5-6.el7, released with Advisory RHEA-2018:0963, or higher.
- For RHEL 6, update sosreport to version sos-3.2-63.el6, released with Advisory RHBA-2018:1920, or higher.
Root Cause
Prior to sos-3.5-6.el7 / sos-3.2-63.el6, the check for loaded iptables-related modules before executing the iptables listing was missing.
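The kind of check described above, as an added shell example (not code from sos or from Red Hat): an iptables listing is run only when the matching table module already appears in the kernel's module list, so collecting diagnostics does not load it. The function names and the MODULES_FILE variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: guard iptables listings behind a loaded-module check so that
# diagnostic collection never auto-loads iptable_filter / ip6table_filter.

# MODULES_FILE is a hypothetical override for testing; the kernel's own list
# is /proc/modules (one module per line, module name in the first field).
MODULES_FILE="${MODULES_FILE:-/proc/modules}"

# Return 0 if the named module is loaded, 1 otherwise.
# Only the first field is compared, so a module that merely appears in
# another module's dependency column is not counted as loaded.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$MODULES_FILE"
}

# Decide whether a listing is safe to run without side effects.
# $1 = iptables | ip6tables, $2 = table name (for example: filter)
plan_listing() {
    case "$1" in
        iptables)  mod="iptable_$2" ;;
        ip6tables) mod="ip6table_$2" ;;
        *) echo "unsupported: $1"; return 2 ;;
    esac
    if module_loaded "$mod"; then
        echo "run: $1 -t $2 -nvL"
    else
        echo "skip: $1 -t $2 ($mod not loaded)"
    fi
}

# Run the listing only when the plan says it is safe; otherwise report the skip.
collect_listing() {
    plan=$(plan_listing "$1" "$2") || return
    case "$plan" in
        run:*) "$1" -t "$2" -nvL ;;
        *)     echo "$plan" >&2 ;;
    esac
}
```

Running lsmod | grep filter before and after collect_listing iptables filter on a host without the module should show no change.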