Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This module accepts invalid config for port #119

Closed
maage opened this issue Sep 4, 2016 · 1 comment · Fixed by #181
Closed

This module accepts invalid config for port #119

maage opened this issue Sep 4, 2016 · 1 comment · Fixed by #181
Labels
bug Something isn't working

Comments

@maage
Copy link
Contributor

maage commented Sep 4, 2016

Affected Puppet, Ruby, OS and module versions/distributions

  • Puppet: Puppet v3.8.7
  • Ruby: ruby 2.0.0p598 (2014-11-13) [x86_64-linux]
  • Distribution: CentOS 7.2
  • Module version: 0.4.1

How to reproduce (e.g Puppet code you use)

ensure_resource('selinux::port', { 'foo', { context => 'syslogd_port_t', protocol => 'tcp6', port => 8514 }}
ensure_resource('selinux::port', { 'foo', { context => 'syslogd_port_t', port => 8514 }}

What are you seeing

Errors from semanage command:

ValueError: Protocol udp or tcp is required
proto option is needed for add

What behaviour did you expect instead

I'd expect manifest to catch these.

Any additional information you'd like to impart

rpm -qf /usr/sbin/semanage
policycoreutils-python-2.2.5-20.el7.x86_64

semanage port interface is the same in RedHat 6.8 policycoreutils-python-2.0.83-29.el6.x86_64.

/usr/sbin/semanage: Protocol udp or tcp is required
@maage
Copy link
Contributor Author

maage commented Sep 4, 2016

I have branch with fixes:
https://github.com/cybercom-finland/puppet-selinux/tree/port-limit-119
But I would like to have #117 fixed before.

@oranenj oranenj mentioned this issue Jan 14, 2017
Merged
@vinzent vinzent added the bug Something isn't working label Jan 17, 2017
@vinzent vinzent added this to the 1.0.0 milestone Jan 17, 2017
@vinzent vinzent mentioned this issue Jan 17, 2017
Merged
bastelfreak added a commit that referenced this issue Jan 17, 2017
@bastelfreak
Merge pull request #181 from vinzent/119_validate_port_params
75dfc59 
(GH-119) Don't accept udp6 and tcp6 as protocol name with selinux::port
@vinzent vinzent mentioned this issue Jan 18, 2017
Closed
EmRowlands pushed a commit to EmRowlands/puppet-selinux that referenced this issue Mar 29, 2023
@vinzent
(voxpupuliGH-119) Don't accept udp6 and tcp6 as protocol name with se…
cf112aa 
…linux::port

Only udp and tcp are valid. ipv4 and ipv6 would be valid options too
but it wasn't provided before.

This change closes voxpupuli#119
EmRowlands pushed a commit to EmRowlands/puppet-selinux that referenced this issue Mar 29, 2023
@bastelfreak
Merge pull request voxpupuli#181 from vinzent/119_validate_port_params
2c0e4d6 
(voxpupuliGH-119) Don't accept udp6 and tcp6 as protocol name with selinux::port
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Don't accept udp6 and tcp6 as protocol name with selinux::port
2 participants
@vinzent @maage