firewalld_info crashes with unhandled FirewallError when D-Bus is unavailable #678
Description
SUMMARY
When ansible.posix.firewalld_info is executed in an environment where the D-Bus system socket is missing or inaccessible (for example, a minimal Debian container without dbus running), the module raises firewall.errors.FirewallError and aborts with:
MODULE FAILURE: No start of json char found
This happens because firewalld_info does not catch firewall.errors.FirewallError in its try block, so the exception bubbles up instead of being handled via module.fail_json().
ISSUE TYPE
- Bug Report
COMPONENT NAME
firewalld_info
ANSIBLE VERSION
$ ansible --version
ansible [core 2.18.7]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.13/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.13.5 (main, Jun 11 2025, 22:06:31) [GCC] (/usr/bin/python3.13)
jinja version = 3.1.6
libyaml = TrueCOLLECTION VERSION
Collection Version
------------- -------
ansible.posix 1.6.2
CONFIGURATION
OS / ENVIRONMENT
Debian 11 (no dbus running)
STEPS TO REPRODUCE
- hosts: localhost
gather_facts: false
tasks:
- name: Ensure firewalld + python-firewall + python-dbus installed
become: true
ansible.builtin.package:
name:
- firewalld
- python3-firewall
- python3-dbus
state: present
- name: Simulate missing D-Bus (stop dbus service if present)
become: true
ansible.builtin.systemd:
name: dbus
state: stopped
ignore_errors: true
- name: Run firewalld_info (triggers crash if D-Bus is unavailable)
ansible.posix.firewalld_info:EXPECTED RESULTS
Task fails gracefully witha message such as:
"msg": "Unable to connect to D-Bus: /run/dbus/system_bus_socket missing"
ACTUAL RESULTS
# ansible-playbook l.yml -vvvv
ansible-playbook [core 2.18.8]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible-playbook
python version = 3.12.2 (main, Jul 26 2025, 13:01:09) [GCC 10.2.1 20210110] (/usr/local/bin/python3.12)
jinja version = 3.1.6
libyaml = True
No config file found; using defaults
setting up inventory plugins
Loading collection ansible.builtin from
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Loading collection ansible.posix from /usr/local/lib/python3.12/site-packages/ansible_collections/ansible/posix
Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python3.12/site-packages/ansible/plugins/callback/default.py
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: l.yml ***********************************************************************************************************************
Positional arguments: l.yml
verbosity: 4
connection: ssh
become_method: sudo
tags: ('all',)
inventory: ('/etc/ansible/hosts',)
forks: 5
1 plays in l.yml
PLAY [localhost] **********************************************************************************************************************
TASK [Ensure firewalld + python-firewall + python-dbus installed] *********************************************************************
task path: /opt/l.yml:4
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408 `" && echo ansible-tmp-1755279075.6314592-1957-116734243884408="` echo /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/setup.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-1953x3utms62/tmpv8mihkhv TO /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_setup.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+rwx /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/ /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_setup.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python3.12 /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_setup.py && sleep 0'
Running ansible.legacy.apt
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/apt.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-1953x3utms62/tmpwu6cbz_a TO /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_apt.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+rwx /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/ /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_apt.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python3.12 /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/AnsiballZ_apt.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1755279075.6314592-1957-116734243884408/ > /dev/null 2>&1 && sleep 0'
ok: [localhost] => {
"cache_update_time": 1755277830,
"cache_updated": false,
"changed": false,
"invocation": {
"module_args": {
"allow_change_held_packages": false,
"allow_downgrade": false,
"allow_unauthenticated": false,
"autoclean": false,
"autoremove": false,
"cache_valid_time": 0,
"clean": false,
"deb": null,
"default_release": null,
"dpkg_options": "force-confdef,force-confold",
"fail_on_autoremove": false,
"force": false,
"force_apt_get": false,
"install_recommends": null,
"lock_timeout": 60,
"name": [
"firewalld",
"python3-firewall",
"python3-dbus"
],
"only_upgrade": false,
"package": [
"firewalld",
"python3-firewall",
"python3-dbus"
],
"policy_rc_d": null,
"purge": false,
"state": "present",
"update_cache": null,
"update_cache_retries": 5,
"update_cache_retry_max_delay": 12,
"upgrade": null
}
}
}
TASK [Simulate missing D-Bus (stop dbus service if present)] **************************************************************************
task path: /opt/l.yml:13
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015 `" && echo ansible-tmp-1755279077.4989514-2006-38067314365015="` echo /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible/modules/systemd.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-1953x3utms62/tmpdv43v5wd TO /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015/AnsiballZ_systemd.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+rwx /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015/ /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015/AnsiballZ_systemd.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python3.12 /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015/AnsiballZ_systemd.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1755279077.4989514-2006-38067314365015/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"daemon_reexec": false,
"daemon_reload": false,
"enabled": null,
"force": null,
"masked": null,
"name": "dbus",
"no_block": false,
"scope": "system",
"state": "stopped"
}
},
"msg": "Service is in unknown state",
"status": {}
}
...ignoring
TASK [Run firewalld_info (triggers crash if D-Bus is unavailable)] ********************************************************************
task path: /opt/l.yml:20
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175 `" && echo ansible-tmp-1755279077.9479299-2032-266524741521175="` echo /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175 `" ) && sleep 0'
Using module file /usr/local/lib/python3.12/site-packages/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-1953x3utms62/tmp1cxwy2l3 TO /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175/AnsiballZ_firewalld_info.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+rwx /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175/ /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175/AnsiballZ_firewalld_info.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/bin/python3.12 /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175/AnsiballZ_firewalld_info.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1755279077.9479299-2032-266524741521175/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/firewall/client.py", line 3114, in __init__
self.bus = slip.dbus.SystemBus()
File "<string>", line 2, in SystemBus
File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 195, in __new__
return Bus.__new__(cls, Bus.TYPE_SYSTEM, mainloop=mainloop,
File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 102, in __new__
bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)
File "/usr/lib/python3/dist-packages/dbus/bus.py", line 124, in __new__
bus = cls._new_for_bus(address_or_type, mainloop=mainloop)
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/firewall/client.py", line 3118, in __init__
self.bus = dbus.SystemBus()
File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 195, in __new__
return Bus.__new__(cls, Bus.TYPE_SYSTEM, mainloop=mainloop,
File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 102, in __new__
bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)
File "/usr/lib/python3/dist-packages/dbus/bus.py", line 124, in __new__
bus = cls._new_for_bus(address_or_type, mainloop=mainloop)
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 15, in <module>
File "/usr/lib/python3.9/runpy.py", line 210, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.9/runpy.py", line 97, in _run_module_code
_run_code(code, mod_globals, init_globals,
File "/usr/lib/python3.9/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/tmp/ansible_ansible.posix.firewalld_info_payload_8t3s6cvz/ansible_ansible.posix.firewalld_info_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py", line 405, in <module>
File "/tmp/ansible_ansible.posix.firewalld_info_payload_8t3s6cvz/ansible_ansible.posix.firewalld_info_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py", line 342, in main
File "<decorator-gen-829>", line 2, in __init__
File "/usr/lib/python3/dist-packages/firewall/client.py", line 53, in handle_exceptions
return func(*args, **kwargs)
File "/usr/lib/python3/dist-packages/firewall/client.py", line 3120, in __init__
raise FirewallError(errors.DBUS_ERROR,
firewall.errors.FirewallError: DBUS_ERROR: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/usr/lib/python3/dist-packages/firewall/client.py\", line 3114, in __init__\n self.bus = slip.dbus.SystemBus()\n File \"<string>\", line 2, in SystemBus\n File \"/usr/lib/python3/dist-packages/dbus/_dbus.py\", line 195, in __new__\n return Bus.__new__(cls, Bus.TYPE_SYSTEM, mainloop=mainloop,\n File \"/usr/lib/python3/dist-packages/dbus/_dbus.py\", line 102, in __new__\n bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)\n File \"/usr/lib/python3/dist-packages/dbus/bus.py\", line 124, in __new__\n bus = cls._new_for_bus(address_or_type, mainloop=mainloop)\ndbus.exceptions.DBusException: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File \"/usr/lib/python3/dist-packages/firewall/client.py\", line 3118, in __init__\n self.bus = dbus.SystemBus()\n File \"/usr/lib/python3/dist-packages/dbus/_dbus.py\", line 195, in __new__\n return Bus.__new__(cls, Bus.TYPE_SYSTEM, mainloop=mainloop,\n File \"/usr/lib/python3/dist-packages/dbus/_dbus.py\", line 102, in __new__\n bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)\n File \"/usr/lib/python3/dist-packages/dbus/bus.py\", line 124, in __new__\n bus = cls._new_for_bus(address_or_type, mainloop=mainloop)\ndbus.exceptions.DBusException: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File \"<stdin>\", line 15, in <module>\n File \"/usr/lib/python3.9/runpy.py\", line 210, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.9/runpy.py\", line 97, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.9/runpy.py\", line 87, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_ansible.posix.firewalld_info_payload_8t3s6cvz/ansible_ansible.posix.firewalld_info_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py\", line 405, in <module>\n File \"/tmp/ansible_ansible.posix.firewalld_info_payload_8t3s6cvz/ansible_ansible.posix.firewalld_info_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py\", line 342, in main\n File \"<decorator-gen-829>\", line 2, in __init__\n File \"/usr/lib/python3/dist-packages/firewall/client.py\", line 53, in handle_exceptions\n return func(*args, **kwargs)\n File \"/usr/lib/python3/dist-packages/firewall/client.py\", line 3120, in __init__\n raise FirewallError(errors.DBUS_ERROR,\nfirewall.errors.FirewallError: DBUS_ERROR: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory\n",
"module_stdout": "",
"msg": "MODULE FAILURE: No start of json char found\nSee stdout/stderr for the exact error",
"rc": 1
}
PLAY RECAP ****************************************************************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=1