mirror of
https://github.com/ansible-collections/ansible.posix.git
synced 2026-01-11 07:05:27 +01:00
cddfa80d84
Fix adding interface to zone when firewalld is offline SUMMARY Fixes issue #357 The existing implementation had several issues which have been resolved by this PR: incorrectly assumed some zone always exists that contains the interface incorrectly included the logic to add the interface to the target zone inside of the condition checking if the interface is already assigned to a different zone (and needs to be removed) passed an invalid argument to the constructor for FirewallClientZoneSettings ISSUE TYPE Bugfix Pull Request COMPONENT NAME ansible.posix.firewalld ADDITIONAL INFORMATION - name: Add lo interface to trusted zone ansible.posix.firewalld: interface: lo zone: trusted permanent: Yes state: enabled Before TASK [firewalld : Add lo interface to trusted zone] **************************** task path: /root/ansible_collections/ansible/posix/tests/output/.tmp/integration/firewalld-gpgqwc7n-ÅÑŚÌβŁÈ/tests/integration/targets/firewalld/tasks/interface_test_cases.yml:7 Using module file /root/ansible_collections/ansible/posix/plugins/modules/firewalld.py Pipelining is enabled. <testhost> ESTABLISH LOCAL CONNECTION FOR USER: root <testhost> EXEC /bin/sh -c '/usr/bin/python3.10 && sleep 0' The full traceback is: File "/tmp/ansible_ansible.posix.firewalld_payload_2vetziz9/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/module_utils/firewalld.py", line 112, in action_handler return action_func(*action_func_args) File "/tmp/ansible_ansible.posix.firewalld_payload_2vetziz9/ansible_ansible.posix.firewalld_payload.zip/ansible_collections/ansible/posix/plugins/modules/firewalld.py", line 481, in set_enabled_permanent fatal: [testhost]: FAILED! => { "changed": false, "invocation": { "module_args": { "icmp_block": null, "icmp_block_inversion": null, "immediate": false, "interface": "lo", "masquerade": null, "offline": null, "permanent": true, "port": null, "port_forward": null, "rich_rule": null, "service": null, "source": null, "state": "enabled", "target": null, "timeout": 0, "zone": "trusted" } }, "msg": "ERROR: Exception caught: list index out of range Permanent operation" } After TASK [firewalld : Add lo interface to trusted zone] **************************** task path: /root/ansible_collections/ansible/posix/tests/output/.tmp/integration/firewalld-tr92i6e1-ÅÑŚÌβŁÈ/tests/integration/targets/firewalld/tasks/interface_test_cases.yml:7 Using module file /root/ansible_collections/ansible/posix/plugins/modules/firewalld.py Pipelining is enabled. <testhost> ESTABLISH LOCAL CONNECTION FOR USER: root <testhost> EXEC /bin/sh -c '/usr/bin/python3.10 && sleep 0' changed: [testhost] => { "changed": true, "invocation": { "module_args": { "icmp_block": null, "icmp_block_inversion": null, "immediate": false, "interface": "lo", "masquerade": null, "offline": null, "permanent": true, "port": null, "port_forward": null, "rich_rule": null, "service": null, "source": null, "state": "enabled", "target": null, "timeout": 0, "zone": "trusted" } }, "msg": "Permanent operation, Changed lo to zone trusted, (offline operation: only on-disk configs were altered)" } Reviewed-by: Adam Miller <admiller@redhat.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| acl.py | ||
| at.py | ||
| authorized_key.py | ||
| firewalld.py | ||
| firewalld_info.py | ||
| mount.py | ||
| patch.py | ||
| rhel_facts.py | ||
| rhel_rpm_ostree.py | ||
| rpm_ostree_upgrade.py | ||
| seboolean.py | ||
| selinux.py | ||
| synchronize.py | ||
| sysctl.py | ||