When the daemon is compiled with firewalld support but the DBus message
bus isn't started in the system, the initialization of the nwfilter
driver fails even if there are fallback options.
---
src/nwfilter/nwfilter_driver.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 9bb4b4e..ac28dc9 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -175,7 +175,7 @@ nwfilterStateInitialize(bool privileged,
DBusConnection *sysbus = NULL;
#if WITH_DBUS
- sysbus = virDBusGetSystemBus();
+ sysbus = virDBusHasSystemBus();
#endif /* WITH_DBUS */
if (VIR_ALLOC(driverState) < 0)
@@ -184,6 +184,7 @@ nwfilterStateInitialize(bool privileged,
if (virMutexInit(&driverState->lock) < 0)
goto err_free_driverstate;
+ /* remember that we are going to use firewalld */
driverState->watchingFirewallD = (sysbus != NULL);
driverState->privileged = privileged;
@@ -208,7 +209,8 @@ nwfilterStateInitialize(bool privileged,
* startup the DBus late so we don't get a reload signal while
* initializing
*/
- if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
+ if (sysbus &&
+ nwfilterDriverInstallDBusMatches(sysbus) < 0) {
VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter "
"driver"));
/*
@@ -216,6 +218,8 @@ nwfilterStateInitialize(bool privileged,
* may have caused the ebiptables driver to use the firewall tool
* but now that the watches don't work, we just disable the nwfilter
* driver
+ *
+ * This may only happen if the system bus is available.
*/
goto error;
}
--
1.8.3.2