Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

[SOLVED] Using Buster, ufw fails to enable on reboot.

New to Debian (Or Linux in general)? Ask your questions here!
Post Reply
Message
Author
jaja
Posts: 53
Joined: 2016-01-25 00:20
Has thanked: 1 time

[SOLVED] Using Buster, ufw fails to enable on reboot.

#1 Post by jaja »

Hello, and thanks for the help.
In a fresh install of Debian Buster, "ufw" fails to enable on bootup.
Also, "ufw enable" gives the message: "ERROR: Could not load logging rules".

Updates don't fix the problem.

I've tested two different computers (one Intel based, the other AMD based), and I've gotten the same failure.
So it's not hardware specific.

Web searches show that this ufw problem appeared in 2013, but nothing within the last year (2018).
2013: github.com/sovereign/sovereign/issues/73
2013: superuser.com/questions/590600/ufw-is-active-but-not-enabled-why
I tried these older suggested fixes, but they failed.

Below is a synopses of what I've tried:
1) Fresh install of Debian Buster & KDE.
2) Install ufw and reboot.
3) ufw does not enable on bootup:

Code: Select all

me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
4) Enabling ufw gives an error message (does not enable on reboot):

Code: Select all

me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
root@Test:~# ufw enable
ERROR: Could not load logging rules
root@Test:~# ufw status
Status: active
root@Test:~# reboot
<reboot and login> 
me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
5) First suggested fix: disabling logging (does not enable on reboot):

Code: Select all

me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
root@Test:~# ufw logging off
Logging disabled
root@Test:~# ufw status
Status: inactive
root@Test:~# ufw enable
ERROR: Could not load logging rules
root@Test:~# ufw status
Status: active
root@Test:~# reboot
<reboot and login>
me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
6) Second suggested fix: manually force enable (if disabled/enabled before reboot, then does not enable on reboot):

Code: Select all

me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
root@Test:~# vi /etc/ufw/ufw.conf
<change "ENABLED=no" to "ENABLED=yes">
<change "LOGLEVEL=low" to "LOGLEVEL=off">
root@Test:~# ufw status
Status: inactive
root@Test:~# ufw enable
Firewall is active and enabled on system startup
root@Test:~# ufw status
Status: active
root@Test:~# ufw disable
Firewall stopped and disabled on system startup
root@Test:~# ufw status
Status: inactive
root@Test:~# ufw enable
ERROR: Could not load logging rules
root@Test:~# ufw status
Status: active
root@Test:~# reboot 
<reboot and login>
me@Test:~$ su -
Password: 
root@Test:~# ufw status
Status: inactive
How can I fix this problem of ufw failing to enable on bootup?
Again, thanks for the help.
Last edited by jaja on 2018-11-04 03:04, edited 1 time in total.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Using Buster, ufw fails to enable on reboot.

#2 Post by Head_on_a_Stick »

jaja wrote:a fresh install of Debian Buster
How did you install buster?

Are you aware that it is still under development at the moment?
jaja wrote:"ufw" fails to enable on bootup.
Please post the output of

Code: Select all

systemctl status ufw
journalctl -u ufw
You may have to run the second command as root.
deadbang

jaja
Posts: 53
Joined: 2016-01-25 00:20
Has thanked: 1 time

Re: Using Buster, ufw fails to enable on reboot.

#3 Post by jaja »

Hello Head_on_a_Stick,
Thank you for your response.
"How did you install Buster?"
<download: "debian-buster-DI-alpha3-amd64-netinst.iso" from "https://www.debian.org/devel/debian-installer/">
<download: "firmware.zip" from "https://cdimage.debian.org/cdimage/unof ... r/current/">
<dd "debian-buster-DI-alpha3-amd64-netinst.iso" onto a USB stick>
<unzip and copy "/firmware/" onto the USB stick>
<boot from USB stick, using defaults except for partitioning and software selection (see below)>
Partition disk:
1GB EXT4 /boot
900GB EXT4 /
16GB SWAP /swap
Software selection:
Choose software to install: [UNCHECK] <everything> <- clean/minimal install
<on first boot into CLI: login as root>
Configure "sources.list" for "testing/Buster".

Code: Select all

vi /etc/apt/sources.list
<edit to look like this:>
# deb cdrom:[Debian GNU/Linux buster-DI-alpha3 _Buster_ - Official Snapshot amd64 NETINST 20180612-18:52]/ buster main
#deb cdrom:[Debian GNU/Linux buster-DI-alpha3 _Buster_ - Official Snapshot amd64 NETINST 20180612-18:52]/ buster main
deb http://deb.debian.org/debian/ testing main non-free contrib
deb-src http://deb.debian.org/debian/ testing main non-free contrib
#deb http://security.debian.org/debian-security buster/updates main contrib non-free
#deb-src http://security.debian.org/debian-security buster/updates main contrib non-free
Upgrade to newest "testing/Buster", and install KDE GUI

Code: Select all

apt-get update                              #update package list
apt-get         --yes dist-upgrade          #upgrade to newest testing/Buster
apt-get         --yes autoremove            #cleanup un-used residual packages (but leaves old kernels)
apt-get install --yes sddm                  #install graphics package
apt-get install --yes kde-plasma-desktop    #install KDE
apt-get install --yes firmware-amd-graphics
apt-get install --yes intel-microcode
apt-get install --yes firmware-intelwimax
reboot
<on first boot into KDE: login, then switch to root and install ufw>

Code: Select all

su -
apt-get update && apt-get install --yes ufw
reboot
"Are you aware that it is still under development at the moment?"
Yes. I've been working with Buster for several months.
I noticed this ufw problem about a week ago.
I assumed this ufw problem was due to on-going development in Buster, and would be fixed with updates.
So I waited about a week, but it didn't clear up with updates.
Then I searched the web for bug reports.
I didn't find any. With no bug reports, I suspected that it may not be a development issue.
So I did a clean/simple install of Buster & KDE (no other packages added beyond "ufw").
I didn't add any rules to ufw. I kept it simple.
The ufw problem remained, and still no bug reports.
Next, I tried the fixes that I found from 2013. They failed.
Finally, I posted here.
"Please post the output of" ...

Code: Select all

me@Test:~$ systemctl status ufw
● ufw.service - Uncomplicated firewall
   Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
   Active: active (exited) since Sat 2018-11-03 16:39:00 MDT; 1min 6s ago
     Docs: man:ufw(8)
  Process: 223 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
 Main PID: 223 (code=exited, status=0/SUCCESS)
me@Test:~$ su -
Password: 
root@Test:~# journalctl -u ufw
-- Logs begin at Sat 2018-11-03 16:39:00 MDT, end at Sat 2018-11-03 16:40:50 MDT. --
-- No entries --
Again, thank-you for your help.

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Using Buster, ufw fails to enable on reboot.

#4 Post by bw123 »

Looked like maybe one or two recent issues here that might be relevant? #911986
https://bugs.debian.org/cgi-bin/pkgrepo ... t=unstable

also, see https://duckduckgo.com/html/?q=debian+d ... a+firewall
resigned by AI ChatGPT

jaja
Posts: 53
Joined: 2016-01-25 00:20
Has thanked: 1 time

Re: Using Buster, ufw fails to enable on reboot.

#5 Post by jaja »

bw123, you nailed it with: https://bugs.debian.org/cgi-bin/bugrepo ... bug=911986
Thank-you!

My search missed it because of their misspelling. I should have caught that. I'm sorry for wasting your time.
(But thank you for getting that monkey off my back!)

Again, thank you.

Post Reply