[pkg-netfilter-team] Bug#946219: python3-nftables non-functional without libnftables-dev

Michael Biebl biebl at debian.org
Thu Dec 5 18:46:51 GMT 2019 

Package: python3-nftables
Version: 0.9.3-1
Severity: serious

Hi Arturo,

thanks for packaging 0.9.3 so promptly.

Today I wanted to update firewalld to 0.8.0, which makes use of
python3-nftables. Unfortunately, I ran into problems. At first I
suspected that firewalld is buggy, but then it turned out, that
python3-nftables is the culprit. When running firewalld 0.8.0 in debug
mode, the problem became apparent:

# /usr/sbin/firewalld --nofork --nopid --debug
2019-12-05 19:44:13 DEBUG1: Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/firewall/server/decorators.py", line 53, in handle_exceptions
    return func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/firewall/server/firewalld.py", line 77, in __init__
    self.fw = Firewall()
  File "/usr/lib/python3/dist-packages/firewall/core/fw.py", line 88, in __init__
    self.nftables_backend = nftables.nftables(self)
  File "/usr/lib/python3/dist-packages/firewall/core/nftables.py", line 173, in __init__
    self.nftables = Nftables()
  File "/usr/lib/python3/dist-packages/nftables/nftables.py", line 77, in __init__
    lib = cdll.LoadLibrary(sofile)
  File "/usr/lib/python3.7/ctypes/__init__.py", line 442, in LoadLibrary
    return self._dlltype(name)
  File "/usr/lib/python3.7/ctypes/__init__.py", line 364, in __init__
    self._handle = _dlopen(self._name, mode)
OSError: libnftables.so: cannot open shared object file: No such file or directory


It seems, that python3-nftables tries to load the .so symlink, not the
actual soversioned library.
Installing libnftables-dev, which provides the symlink, made
python3-nftables functional, but this is of course not a proper fix.

python3-nftables should load libnftables.so.1 instead.

Regards,
Michael



-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.3.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-nftables depends on:
ii  libnftables1  0.9.3-1
ii  python3       3.7.5-3

python3-nftables recommends no packages.

python3-nftables suggests no packages.

-- no debconf information

More information about the pkg-netfilter-team mailing list