I am trying to get firewalld running on a centos 7 machine. I know the service is installed from yum:
yum install firewalld
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.linuxfix.com
* epel: mirrors.develooper.com
* extras: mirror.sjc02.svwh.net
* remi: repo1.sea.innoscale.net
* remi-php56: repo1.sea.innoscale.net
* remi-safe: repo1.sea.innoscale.net
* updates: repos.lax.quadranet.com
Package firewalld-0.4.4.4-14.el7.noarch already installed and latest version
Nothing to do
But when I try to start it I get
Failed to start firewalld.service: Unit is masked.
Which usually means it is not installed. So I run this command:
systemctl list-units --type=service
And it is not listed (it should be right after fail2ban)
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
chronyd.service loaded active running NTP client/server
crond.service loaded active running Command Scheduler
dbus.service loaded active running D-Bus System Message Bus
fail2ban.service loaded active running Fail2Ban Service
getty@tty1.service loaded active running Getty on tty1
httpd.service loaded active running The Apache HTTP Server
iptables.service loaded active exited IPv4 firewall with iptables
irqbalance.service loaded active running irqbalance daemon
I have uninstalled and re-installed several times, rebooted and same result. What could possibly be causing firewalld to not be recognized? I am running 13 VMs and this is the only one with this problem. I also turned of selinux but that didn't help. Any diagnostic suggestions are welcome.
Best Answer
Did you try to
systemctl unmask firewalld
? That's the first step to getting a masked service going.If you still have trouble, check for the existence of an empty override directory
/etc/systemd/system/firewalld.service.d
. If an override directory exists but has no override files in it, the service cannot start. Delete the directory in this case.