
[PATCH] 474937 - don't duplicate --dport 22



We were writing --dport 22 to /etc/sysconfig/iptables twice because ssh
was getting included both in the kickstart file and implicitly in
firewall.py.  Check for that duplication.

While I'm at it, also actually handle --service= in the kickstart file
in firewall.py.

- Chris


diff --git a/firewall.py b/firewall.py
index f3e689d..ef543e6 100644
--- a/firewall.py
+++ b/firewall.py
@@ -35,7 +35,7 @@ class Firewall:
 	self.enabled = 1
         self.trustdevs = []
 	self.portlist = []
-        self.servicelist = ["ssh"]
+        self.servicelist = []
 
     def writeKS(self, f):
 	f.write("firewall")
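Review bot: With the default changed to `self.servicelist = []`, ssh is opened only by the implicit check added in the second hunk, so any other reader of `servicelist` no longer sees it. `writeKS` begins on the last lines of this hunk and its body is outside it. If it writes `servicelist` out, the generated kickstart would omit ssh even though the installed firewall allows it, making the saved file a misleading record of what is open. A comment on the default would make that visible, for example `# ssh is not listed here; it is added implicitly when the firewall arguments are built`.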
@@ -54,7 +54,10 @@ class Firewall:
         if not self.enabled:
             args.append("--disabled")
             return args
-        
+
+        if not "ssh" in self.servicelist and not "22:tcp" in self.portlist:
+            args += ["--service=ssh"]
+
         for dev in self.trustdevs:
             args = args + [ "--trust=%s" %(dev,) ]
 
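Review bot: The guard `not "22:tcp" in self.portlist` matches only that exact string, so a port entry spelled differently (a service name or different case, if the kickstart parser passes those through) would still yield two rules for port 22. The check also opens SSH on every enabled firewall with no way for a kickstart to opt out, which deserves a comment above it such as `# ssh is always allowed when the firewall is enabled, even if the kickstart does not request it`. As a style point, `"ssh" not in self.servicelist` reads better than `not "ssh" in ...`, and `args.append("--service=ssh")` would match the `--disabled` branch above. The enclosing method starts and ends outside the hunk.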
diff --git a/kickstart.py b/kickstart.py
index 4d70d51..961da30 100644
--- a/kickstart.py
+++ b/kickstart.py
@@ -247,6 +247,9 @@ class Firewall(commands.firewall.F10_Firewall):
         for port in self.ports:
             self.handler.id.firewall.portlist.append (port)
 
+        for svc in self.services:
+            self.handler.id.firewall.servicelist.append (svc)
+
 class Firstboot(commands.firstboot.FC3_Firstboot):
     def parse(self, args):
         commands.firstboot.FC3_Firstboot.parse(self, args)
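Review bot: The new loop appends every entry of `self.services` to the shared `servicelist` without checking whether it is already present. A service named twice in the kickstart, or a second parse if that can happen, would then produce the same kind of duplicate rule this patch removes for ssh. A membership test keeps the list unique: `if svc not in self.handler.id.firewall.servicelist:` before the `append`. The `portlist` loop just above has the same shape and would benefit from the same test. The enclosing method starts outside the hunk.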

