ZCM Agent is unable to start if no value is returned while checking firewall status

  • 7006501
  • 23-Jul-2010
  • 15-Aug-2012

Environment

Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3

Situation

When a ZCM agent starts up and attempts to add exceptions to the firewall rules, that on occasion '/sbin/SuSEfirewall2 status' occasionally fails to return any data.

Install ZCM 10.3 and apply update 10.3.1.(No firewall)
Enable the firewall and refresh zcm agent/restart the server.

Result:
 [DEBUG] [06/16/2010 11:29:25.423] [28520] [ZenLinuxDaemon] [12] [] [WebServer]
[] [Quicktask WebServer Port is 7628] [] [] 
 [DEBUG] [06/16/2010 11:29:25.423] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [Attempting to get firewall handler delegate] [] [] 
 [DEBUG] [06/16/2010 11:29:25.423] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [starting process: /etc/init.d/SuSEfirewall2_setup status] []
[] 
 [DEBUG] [06/16/2010 11:29:25.444] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [waiting for process exit...] [] [] 
 [DEBUG] [06/16/2010 11:29:25.444] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [execCmd Success: 
Cmd: /etc/init.d/SuSEfirewall2_setup
Out: Checking the status of SuSEfirewall2 ..running
] [] [] 
 [DEBUG] [06/16/2010 11:29:25.444] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [got status...] [] [] 
 [DEBUG] [06/16/2010 11:29:25.444] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [Using cached contents for: /sbin/SuSEfirewall2 status] [] [] 
 [DEBUG] [06/16/2010 11:29:25.444] [28520] [ZenLinuxDaemon] [12] []
[ZMD_FIREWALL] [] [got status...] [] [] 
 [DEBUG] [06/16/2010 11:29:25.445] [28520] [ZenLinuxDaemon] [12] [] [WebServer]
[] [Unexpected exception in WebServer.InitWebServer(False)
Type: System.ArgumentOutOfRangeException
Message: Cannot be negative.
Parameter name: startIndex
Stack Trace:
      at System.String.Substring (Int32 startIndex, Int32 length) (0x00000) 
      at ZENPreAgent.FirewallHandler_sf2.getFirewallState () (0x00000) 
      at ZENPreAgent.FirewallHandler_sf2._isFirewallEnabled () (0x00000) 
      at ZENPreAgent.FirewallHandler.isFirewallEnabled () (0x00000) 
      at ZENPreAgent.FirewallHandler.openFirewallPort (Int32 port, Boolean
openTCP, Boolean openUDP) (0x00000) 
      at ZENPreAgent.FirewallHandler.openFirewallPort (Int32 port) (0x00000) 
      at Novell.Zenworks.Zmd.Refresh.WebServer.InitWebServer (Boolean
initSettings) (0x00000) 

] [] [] 
 [ERROR] [06/16/2010 11:29:25.445] [28520] [ZenLinuxDaemon] [12] [] [ZMD]
[ZMD.CouldNotBindToQuickTaskPort] [The agent failed to bind to the quick task
port.  The ZENworks server will be unable to contact the agent.] [] [] 

ZCC shows Unable to connect through IP Address or Host Name

Resolution

This is fixed in version 10.3.1 - see KB 7006265 "ZENworks Configuration Management 10.3.1 - update information and list of fixes" which can be found at https://www.novell.com/support

This is fixed in version 11.1 - see KB 7008746 "ZENworks Configuration Management 11.1 - update information and list of fixes" which can be found at https://www.novell.com/support

Additional Information

The workaround for this issue is to disable the firewall, which is unacceptable in some situations.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.