Signed-off-by: Albin Kerouanton <albinker@gmail.com>
| ... | ... |
@@ -63,10 +63,10 @@ if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then |
| 63 | 63 |
} |
| 64 | 64 |
fi |
| 65 | 65 |
|
| 66 |
-# Allow connections coming from the host (through eth0). This is needed to |
|
| 67 |
-# access the daemon port (independently of which port is used), or run a |
|
| 68 |
-# 'remote' Delve session, etc... |
|
| 69 | 66 |
if [ "${FIREWALLD:-}" = "true" ]; then
|
| 67 |
+ # Allow connections coming from the host (through eth0). This is needed to |
|
| 68 |
+ # access the daemon port (independently of which port is used), or run a |
|
| 69 |
+ # 'remote' Delve session, etc... |
|
| 70 | 70 |
cat > /etc/firewalld/zones/trusted.xml << EOF |
| 71 | 71 |
<?xml version="1.0" encoding="utf-8"?> |
| 72 | 72 |
<zone target="ACCEPT"> |
| ... | ... |
@@ -76,6 +76,13 @@ if [ "${FIREWALLD:-}" = "true" ]; then
|
| 76 | 76 |
<forward/> |
| 77 | 77 |
</zone> |
| 78 | 78 |
EOF |
| 79 |
+ |
|
| 80 |
+ # Increase firewalld log verbosity to help debug issues |
|
| 81 |
+ cat > /etc/systemd/system/firewalld.service << EOF |
|
| 82 |
+[Service] |
|
| 83 |
+ExecStart= |
|
| 84 |
+ExecStart=/usr/sbin/firewalld --nofork --nopid --debug=4 |
|
| 85 |
+EOF |
|
| 79 | 86 |
fi |
| 80 | 87 |
|
| 81 | 88 |
env > /etc/docker-entrypoint-env |
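Review bot: The heredoc added in the second hunk writes `/etc/systemd/system/firewalld.service`, which systemd reads as a complete unit that shadows the packaged one rather than as a drop-in. Since the file holds only `[Service]` and the two `ExecStart=` lines, anything else the packaged unit sets (service type, D-Bus name, ordering, `[Install]`) would stop applying; this looks unintended, because the empty `ExecStart=` reset is the drop-in idiom and is redundant in a full unit. The packaged unit is not visible on this page, so confirm what it sets before relying on the override. Writing the same body to a drop-in keeps the vendor settings: `mkdir -p /etc/systemd/system/firewalld.service.d` followed by `cat > /etc/systemd/system/firewalld.service.d/debug.conf << EOF`. A quoted delimiter (`<< 'EOF'`) would also make it explicit that nothing in the unit text is meant to be expanded by the shell.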