carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-11 23:25:28 +01:00
Code Issues Projects Releases Packages Wiki Activity
ansible.posix/changelogs/fragments
History
softwarefactory-project-zuul[bot] 8a07431bf8
Merge pull request #399 from gnfzdz/main 
Updat ZoneTransaction to support operations when firewalld is offline

SUMMARY

Fixes #398 by checking the flag self.fw_offline and calling the offline specific APIs when the flag is true.
ISSUE TYPE

Bugfix Pull Request

COMPONENT NAME
ansible.posix.firewalld
ADDITIONAL INFORMATION
When attempting to add or remove zones, the ansible.posix.firewalld module would always call APIs as if it was online.
Specifically, the ZoneTransaction class assumed that self.fw  was a FirewallClient, but when the daemon is offline, it is instead either a Firewall or Firewall_test based on the version of firewalld installed.
See #398  for additional background.

Sample task
- name: 'Zone example - Create new zone'
  ansible.posix.firewalld:
    zone: "example"
    state: "present"
    permanent: Yes
Before
The full traceback is:
  File "/tmp/ansible_ansible.posix.firewalld_payload_04lptorx/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/module_utils/firewalld.py", line 111, in action_handler
    return action_func(*action_func_args)
  File "/tmp/ansible_ansible.posix.firewalld_payload_04lptorx/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld.py", line 678, in get_enabled_permanent
fatal: [boot]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "icmp_block": null,
            "icmp_block_inversion": null,
            "immediate": false,
            "interface": null,
            "masquerade": null,
            "offline": null,
            "permanent": true,
            "port": null,
            "port_forward": null,
            "rich_rule": null,
            "service": null,
            "source": null,
            "state": "present",
            "target": null,
            "timeout": 0,
            "zone": "example"
        }
    },
    "msg": "ERROR: Exception caught: 'FirewallConfig' object is not callable"
}

After
changed: [boot] => {
    "changed": true,
    "invocation": {
        "module_args": {
            "icmp_block": null,
            "icmp_block_inversion": null,
            "immediate": false,
            "interface": null,
            "masquerade": null,
            "offline": null,
            "permanent": true,
            "port": null,
            "port_forward": null,
            "rich_rule": null,
            "service": null,
            "source": null,
            "state": "present",
            "target": null,
            "timeout": 0,
            "zone": "example"
        }
    },
    "msg": "Permanent operation, Added zone example, Changed zone example to present, (offline operation: only on-disk configs were altered)"

Reviewed-by: Gonéri Le Bouder <goneri@lebouder.net>
2023-02-03 14:12:50 +00:00
..
.keep Prepare 1.1.1 release 2020-09-02 20:55:04 +00:00
399_firewalld_create_remove_zone_when_offline.yml Update ZoneTransaction to support adding/removing zones when firewalld is offline. 2023-01-17 13:29:18 -05:00
413-synchronize-seealso.yml Add changelog fragment 2023-01-30 22:30:26 +01:00