[CentOS] firewalld being stupid
Dennis Jacobfeuerborn
dennisml at conversis.de
Tue Nov 17 03:26:04 UTC 2015
On 16.11.2015 22:58, Gordon Messmer wrote:
> On 11/16/2015 01:39 PM, Nick Bright wrote:
>> This is very frustrating, and not obvious. If --permanent doesn't work
>> for a command, then it should give an error - not silently fail
>> without doing anything!
>
> But --permanent *did* work.
>
> What you're seeing is the documented behavior:
> --permanent
> The permanent option --permanent can be used to set options
> permanently. These changes are not effective immediately, only
> after service restart/reload or system reboot. Without the
> --permanent option, a change will only be part of the runtime
> configuration.
>
> If you want to make a change in runtime and permanent
> configuration, use the same call with and without the
> --permanent
> option.
That's fairly annoying behavior as it creates the potential for
accidentally diverging configurations.
Why not do the same as virsh an have two options for this? When I attach
a device I can specify --config to update the persistent configuration,
--live to update the runtime configuration and both if I want to change
both. That's a much better API in my opinion.
Regards,
Dennis
More information about the CentOS
mailing list