[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [PATCH] 474937 - don't duplicate --dport 22
- From: David Cantrell <dcantrell redhat com>
- To: Discussion of Development and Customization of the Red Hat Linux Installer <anaconda-devel-list redhat com>
- Subject: Re: [PATCH] 474937 - don't duplicate --dport 22
- Date: Thu, 11 Dec 2008 10:36:38 -1000
Chris Lumens wrote:
> We were writing --dport 22 to /etc/sysconfig/iptables twice beacuse ssh
> was getting included both in the kickstart file and implicitly in
> firewall.py. Check for that duplication.
>
> While I'm at it, also actually handle --service= in the kickstart file
> in firewall.py.
>
> - Chris
>
>
> diff --git a/firewall.py b/firewall.py
> index f3e689d..ef543e6 100644
> --- a/firewall.py
> +++ b/firewall.py
> @@ -35,7 +35,7 @@ class Firewall:
> self.enabled = 1
> self.trustdevs = []
> self.portlist = []
> - self.servicelist = ["ssh"]
> + self.servicelist = []
>
> def writeKS(self, f):
> f.write("firewall")
> @@ -54,7 +54,10 @@ class Firewall:
> if not self.enabled:
> args.append("--disabled")
> return args
> -
> +
> + if not "ssh" in self.servicelist and not "22:tcp" in self.portlist:
> + args += ["--service=ssh"]
> +
> for dev in self.trustdevs:
> args = args + [ "--trust=%s" %(dev,) ]
>
> diff --git a/kickstart.py b/kickstart.py
> index 4d70d51..961da30 100644
> --- a/kickstart.py
> +++ b/kickstart.py
> @@ -247,6 +247,9 @@ class Firewall(commands.firewall.F10_Firewall):
> for port in self.ports:
> self.handler.id.firewall.portlist.append (port)
>
> + for svc in self.services:
> + self.handler.id.firewall.servicelist.append (svc)
> +
> class Firstboot(commands.firstboot.FC3_Firstboot):
> def parse(self, args):
> commands.firstboot.FC3_Firstboot.parse(self, args)
Looks good.
--
David Cantrell <dcantrell redhat com>
Red Hat / Honolulu, HI
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]