After my most recently upgrade of dom0 and all templates on my Qubes 4 installation (two days ago), I started facing the following problem:
After booting the system, all networking is down. I traced the problem to sys-firewall failing to start qubes-iptables: ===================== [user@sys-firewall ~]$ systemctl status qubes-iptables ● qubes-iptables.service - Qubes base firewall settings Loaded: loaded (/usr/lib/systemd/system/qubes-iptables.service; enabled; vend Active: failed (Result: exit-code) since Wed 2018-05-16 20:44:47 +08; 2min 42 Process: 417 ExecStart=/usr/lib/qubes/init/qubes-iptables start (code=exited, Main PID: 417 (code=exited, status=1/FAILURE) ===================== The interesting thing is that I don't see anything in the log. When looking at the log, everything seems to have started correctly, and there is no further message suggesting it failed later: ===================== May 16 20:47:38 sys-firewall audit[1023]: USER_START pid=1023 uid=0 auid=1000 ses=1 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/ sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' May 16 20:47:38 sys-firewall systemd[1]: Starting Qubes base firewall settings... May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=nat family=2 entries=5 May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=2 entries=4 May 16 20:47:38 sys-firewall qubes-iptables[1026]: iptables: Applying firewall rules: OK May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=10 entries=0 May 16 20:47:38 sys-firewall audit: NETFILTER_CFG table=filter family=10 entries=4 May 16 20:47:38 sys-firewall qubes-iptables[1026]: ip6tables: Applying firewall rules: OK May 16 20:47:38 sys-firewall systemd[1]: Started Qubes base firewall settings. ===================== If restart the service by calling “systemctl start qubes-iptables” everything works correctly. Is this a known problem? Regards, Elias -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/1fdc2b79-c0b2-4627-8f67-c65471fbcae4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
