softwarefactory-project-zuul[bot] cddfa80d84 Merge pull request #402 from gnfzdz/bugfix_offline_add_interface ... Fix adding interface to zone when firewalld is offline SUMMARY Fixes issue #357 The existing implementation had several issues which have been resolved by this PR: incorrectly assumed some zone always exists that contains the interface incorrectly included the logic to add the interface to the target zone inside of the condition checking if the interface is already assigned to a different zone (and needs to be removed) passed an invalid argument to the constructor for FirewallClientZoneSettings ISSUE TYPE Bugfix Pull Request COMPONENT NAME ansible.posix.firewalld ADDITIONAL INFORMATION - name: Add lo interface to trusted zone ansible.posix.firewalld: interface: lo zone: trusted permanent: Yes state: enabled Before TASK [firewalld : Add lo interface to trusted zone] **************************** task path: /root/ansible_collections/ansible/posix/tests/output/.tmp/integration/firewalld-gpgqwc7n-ÅÑŚÌβŁÈ/tests/integration/targets/firewalld/tasks/interface_test_cases.yml:7 Using module file /root/ansible_collections/ansible/posix/plugins/modules/firewalld.py Pipelining is enabled. <testhost> ESTABLISH LOCAL CONNECTION FOR USER: root <testhost> EXEC /bin/sh -c '/usr/bin/python3.10 && sleep 0' The full traceback is: File "/tmp/ansible_ansible.posix.firewalld_payload_2vetziz9/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/module_utils/firewalld.py", line 112, in action_handler return action_func(*action_func_args) File "/tmp/ansible_ansible.posix.firewalld_payload_2vetziz9/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld.py", line 481, in set_enabled_permanent fatal: [testhost]: FAILED! => { "changed": false, "invocation": { "module_args": { "icmp_block": null, "icmp_block_inversion": null, "immediate": false, "interface": "lo", "masquerade": null, "offline": null, "permanent": true, "port": null, "port_forward": null, "rich_rule": null, "service": null, "source": null, "state": "enabled", "target": null, "timeout": 0, "zone": "trusted" } }, "msg": "ERROR: Exception caught: list index out of range Permanent operation" } After TASK [firewalld : Add lo interface to trusted zone] **************************** task path: /root/ansible_collections/ansible/posix/tests/output/.tmp/integration/firewalld-tr92i6e1-ÅÑŚÌβŁÈ/tests/integration/targets/firewalld/tasks/interface_test_cases.yml:7 Using module file /root/ansible_collections/ansible/posix/plugins/modules/firewalld.py Pipelining is enabled. <testhost> ESTABLISH LOCAL CONNECTION FOR USER: root <testhost> EXEC /bin/sh -c '/usr/bin/python3.10 && sleep 0' changed: [testhost] => { "changed": true, "invocation": { "module_args": { "icmp_block": null, "icmp_block_inversion": null, "immediate": false, "interface": "lo", "masquerade": null, "offline": null, "permanent": true, "port": null, "port_forward": null, "rich_rule": null, "service": null, "source": null, "state": "enabled", "target": null, "timeout": 0, "zone": "trusted" } }, "msg": "Permanent operation, Changed lo to zone trusted, (offline operation: only on-disk configs were altered)" } Reviewed-by: Adam Miller <admiller@redhat.com>		2023-04-12 16:59:23 +00:00
..
fragments	Merge pull request #402 from gnfzdz/bugfix_offline_add_interface	2023-04-12 16:59:23 +00:00
changelog.yaml	Release 1.5.2 commit	2023-04-10 10:43:31 +09:00
config.yaml	Release 1.3.0 commit	2021-08-11 15:51:13 +09:00