Hi list,

I have some "firewall box" that have / mounted read-only. When I try to restart shorewall, it says that it can't create a temporary directory in /var/lib/shorewall. Looking inside the configuration, I don't find a directive where I can specify an alternative writable directory (/tmp or /var/tmp?) where shorewall can do what it wants.

Is there a solution?

Thanks,
Michele

My test:

fw:~# shorewall version
4.4.10
fw:~# shorewall restart
Compiling...
   ERROR: Unable to create temporary file in directory /var/lib/shorewall/
Michele Petrazzo - Unipex:

You should be able to mount tmpfs under /var/lib/shorewall:

    mount -t tmpfs tmpfs /var/lib/shorewall

You get a writable in-memory filesystem. Well, it would be reasonable to mount whole /var from tmpfs, since it is *meant* to contain files variable with time! Write an initscript for that, just remember to move files around before and after.

> Hi list,
> I have some "firewall box" that have / mounted read-only. When I try
> to restart shorewall, it says that it can't create a temporary directory in
> /var/lib/shorewall. Looking inside the configuration, I don't find a
> directive where I can specify an alternative writable directory (/tmp
> or /var/tmp?) where shorewall can do what it wants.
> Is there a solution?
>
> Thanks,
> Michele
>
> My test:
>
> fw:~# shorewall version
> 4.4.10
> fw:~# shorewall restart
> Compiling...
>    ERROR: Unable to create temporary file in directory /var/lib/shorewall/
Michele Petrazzo - Unipex
2010-Jul-16 10:30 UTC
Re: shorewall restart without writable dir
Robert Kawecki wrote:
> Michele Petrazzo - Unipex:
>
> You should be able to mount tmpfs under /var/lib/shorewall: mount -t
> tmpfs tmpfs /var/lib/shorewall
>

So, inside /var/lib/shorewall, there are only volatile and not important files?

> You get a writable in-memory filesystem. Well, it would be reasonable
> to mount whole /var from tmpfs, since it is *meant* to contain files
> variable with time! Write an initscript for that, just remember to
> move files around before and after.
>

Sure. I already have some tmpfs directory around var (dhcp3 for example), but a "DIR_TEMP=/var/lib/shorewall" should be the best! :)

Thanks,
Michele

>> Hi list, I have some "firewall box" that have / mounted
>> read-only. When I try to restart shorewall, it says that it can't
>> create a temporary directory in /var/lib/shorewall. Looking inside
>> the configuration, I don't find a directive where I can specify an
>> alternative writable directory (/tmp or /var/tmp?) where
>> shorewall can do what it wants. Is there a solution?
>>
>> Thanks, Michele
>>
>> My test:
>>
>> fw:~# shorewall version
>> 4.4.10
>> fw:~# shorewall restart
>> Compiling...
>>    ERROR: Unable to create temporary file in directory /var/lib/shorewall/
On 7/16/10 2:08 AM, Michele Petrazzo - Unipex wrote:
> Hi list,
> I have some "firewall box" that have / mounted read-only. When I try
> to restart shorewall, it says that it can't create a temporary directory in
> /var/lib/shorewall. Looking inside the configuration, I don't find a
> directive where I can specify an alternative writable directory (/tmp
> or /var/tmp?) where shorewall can do what it wants.
> Is there a solution?
>
> Thanks,
> Michele
>
> My test:
>
> fw:~# shorewall version
> 4.4.10
> fw:~# shorewall restart
> Compiling...
>    ERROR: Unable to create temporary file in directory /var/lib/shorewall/
>

man shorewall-vardir.

-Tom
--
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
On 7/16/10 3:30 AM, Michele Petrazzo - Unipex wrote:
> Robert Kawecki wrote:
>> Michele Petrazzo - Unipex:
>>
>> You should be able to mount tmpfs under /var/lib/shorewall: mount -t
>> tmpfs tmpfs /var/lib/shorewall
>>

As I mentioned on another post, the architected way to assign a different directory is to use /etc/shorewall/vardir. What you are trying to do should work, but you won't be able to use the new shorewall-init package; that package requires that the contents of $VARDIR (normally /var/lib/shorewall) persist across reboots.

-Tom
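
Added example, not part of the thread or of Shorewall's own code: a shell check that reports whether the directory chosen for $VARDIR (via a tmpfs mount or /etc/shorewall/vardir) is read-only, volatile (tmpfs, so its contents do not persist across reboots as shorewall-init requires) or persistent. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify what backs a candidate $VARDIR.

# vardir_backing DIR [MOUNTS]: print "<mountpoint> <fstype> <ro|rw>" for the
# longest mount point that contains DIR. MOUNTS uses /proc/mounts format.
vardir_backing() {
    dir=${1%/}; [ -n "$dir" ] || dir=/
    awk -v d="$dir" '
        $2 == "/" || index(d "/", $2 "/") == 1 {
            # Longest prefix wins; on a tie the later (shadowing) mount wins.
            if (length($2) >= best) { best = length($2); m = $2; t = $3; o = $4 }
        }
        END {
            if (m == "") exit 1
            rw = "rw"
            n = split(o, a, ",")
            for (i = 1; i <= n; i++) if (a[i] == "ro") rw = "ro"
            print m, t, rw
        }' "${2:-/proc/mounts}"
}

# vardir_verdict DIR [MOUNTS]: print read-only, volatile or persistent.
vardir_verdict() {
    info=$(vardir_backing "$1" "$2") || { echo unknown; return 1; }
    set -- $info
    case "$3:$2" in
        ro:*)               echo read-only ;;   # compile step cannot write here
        rw:tmpfs|rw:ramfs)  echo volatile ;;    # writable, lost at reboot
        *)                  echo persistent ;;
    esac
}

# Constructed mount table for the demo (assumed layout, not the poster's box).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 ro,noatime 0 0
tmpfs /var/lib/dhcp3 tmpfs rw 0 0
tmpfs /var/lib/shorewall tmpfs rw,nosuid 0 0
/dev/sda3 /data ext3 rw 0 0
EOF
}

tmp=$(mktemp) && sample_mounts > "$tmp"
for d in /var/lib/shorewall /var/lib/other /data/shorewall; do
    printf '%s: %s\n' "$d" "$(vardir_verdict "$d" "$tmp")"
done
rm -f "$tmp"
```

Run without the second argument, both functions read the live /proc/mounts.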