firewall.core.fw_config: Create backup on zone, service, ipset and ic…

…mptype removal (RHBZ#1339251)

On removal the zone, service, ipset and icmptype file X is simply renamed to
X.old to preserve it. If this fails, it gets removed.

src/firewall/core/fw_config.py

@@ -23,6 +23,7 @@
 
 import copy
 import os, os.path
+import shutil
 from firewall import config
 from firewall.core.logger import log
 from firewall.core.io.icmptype import IcmpType, icmptype_reader, icmptype_writer
@@ -299,7 +300,14 @@ def _remove_ipset(self, obj):
             raise FirewallError(errors.INVALID_DIRECTORY,
                                 "'%s' != '%s'" % (obj.path,
                                                   config.ETC_FIREWALLD_IPSETS))
-        os.remove("%s/%s.xml" % (obj.path, obj.name))
+
+        name = "%s/%s.xml" % (obj.path, obj.name)
+        try:
+            shutil.move(name, "%s.old" % name)
+        except Exception as msg:
+            log.error("Backup of file '%s' failed: %s", name, msg)
+            os.remove(name)
+
         del self._ipsets[obj.name]
 
     def check_builtin_ipset(self, obj):
@@ -465,7 +473,14 @@ def _remove_icmptype(self, obj):
             raise FirewallError(errors.INVALID_DIRECTORY,
                                 "'%s' != '%s'" % \
                                 (obj.path, config.ETC_FIREWALLD_ICMPTYPES))
-        os.remove("%s/%s.xml" % (obj.path, obj.name))
+
+        name = "%s/%s.xml" % (obj.path, obj.name)
+        try:
+            shutil.move(name, "%s.old" % name)
+        except Exception as msg:
+            log.error("Backup of file '%s' failed: %s", name, msg)
+            os.remove(name)
+
         del self._icmptypes[obj.name]
 
     def check_builtin_icmptype(self, obj):
@@ -631,7 +646,14 @@ def _remove_service(self, obj):
             raise FirewallError(errors.INVALID_DIRECTORY,
                                 "'%s' != '%s'" % \
                                 (obj.path, config.ETC_FIREWALLD_SERVICES))
-        os.remove("%s/%s.xml" % (obj.path, obj.name))
+
+        name = "%s/%s.xml" % (obj.path, obj.name)
+        try:
+            shutil.move(name, "%s.old" % name)
+        except Exception as msg:
+            log.error("Backup of file '%s' failed: %s", name, msg)
+            os.remove(name)
+
         del self._services[obj.name]
 
     def check_builtin_service(self, obj):
@@ -813,7 +835,14 @@ def _remove_zone(self, obj):
             raise FirewallError(errors.INVALID_DIRECTORY,
                                 "'%s' doesn't start with '%s'" % \
                                 (obj.path, config.ETC_FIREWALLD_ZONES))
-        os.remove("%s/%s.xml" % (config.ETC_FIREWALLD_ZONES, obj.name))
+
+        name = "%s/%s.xml" % (obj.path, obj.name)
+        try:
+            shutil.move(name, "%s.old" % name)
+        except Exception as msg:
+            log.error("Backup of file '%s' failed: %s", name, msg)
+            os.remove(name)
+
         del self._zones[obj.name]
 
     def check_builtin_zone(self, obj):