Merge e50e6aa into 0792132

yast · Feb 26, 2020 · 64d284b · 64d284b
2 parents 0792132 + e50e6aa
commit 64d284b
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 17 deletions.
diff --git a/package/yast2-firewall.changes b/package/yast2-firewall.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Feb 26 20:23:04 UTC 2020 - Knut Anderssen <kanderssen@suse.com>
+
+- Autoyast: Added back the installation finish client for opening
+  the vnc or ssh port during the first stage when used for remote
+  installations (bsc#1161319)
+- 4.2.3
+
 -------------------------------------------------------------------
 Tue Aug 27 18:00:06 CEST 2019 - schubi@suse.de
 

diff --git a/package/yast2-firewall.spec b/package/yast2-firewall.spec
@@ -17,7 +17,7 @@
 
 
 Name:           yast2-firewall
-Version:        4.2.2
+Version:        4.2.3
 Release:        0
 Summary:        YaST2 - Firewall Configuration
 Group:          System/YaST

diff --git a/src/lib/y2firewall/clients/installation_finish.rb b/src/lib/y2firewall/clients/installation_finish.rb
@@ -24,6 +24,8 @@
 require "y2firewall/proposal_settings"
 require "installation/finish_client"
 
+Yast.import "Mode"
+
 module Y2Firewall
   module Clients
     # This is a step of base installation finish and it is responsible of write
@@ -49,7 +51,7 @@ def title
       end
 
       def modes
-        [:installation]
+        [:installation, :autoinst]
       end
 
       def write
@@ -63,14 +65,22 @@ def write
       # Modifies the configuration of the firewall according to the current
       # settings
       def configure_firewall
-        @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable!
+        configure_service
+        configure_ssh
+        configure_vnc
+      end
 
-        if @settings.open_ssh
-          @firewalld.api.add_service(@settings.default_zone, "ssh")
-        else
-          @firewalld.api.remove_service(@settings.default_zone, "ssh")
-        end
+      # Convenience method to enable / disable the firewalld service depending
+      # on the proposal settings
+      def configure_service
+        return unless Yast::Mode.installation
+
+        @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable!
+      end
 
+      # Convenience method to open the vnc ports in firewalld depending on the
+      # proposal settings
+      def configure_vnc
         if @settings.open_vnc
           if @firewalld.api.service_supported?("tigervnc")
             @firewalld.api.add_service(@settings.default_zone, "tigervnc")
@@ -80,6 +90,16 @@ def configure_firewall
           end
         end
       end
+
+      # Convenience method to open the ssh ports in firewalld depending on the
+      # proposal settings
+      def configure_ssh
+        if @settings.open_ssh
+          @firewalld.api.add_service(@settings.default_zone, "ssh")
+        else
+          @firewalld.api.remove_service(@settings.default_zone, "ssh")
+        end
+      end
     end
   end
 end
diff --git a/test/lib/y2firewall/clients/installation_finish_test.rb b/test/lib/y2firewall/clients/installation_finish_test.rb
@@ -21,7 +21,7 @@
 
   describe "#modes" do
     it "runs on installation and autoinstallation" do
-      expect(subject.modes).to eq([:installation])
+      expect(subject.modes).to eq([:installation, :autoinst])
     end
   end
 
@@ -69,26 +69,30 @@
     let(:api) do
       instance_double(Y2Firewall::Firewalld::Api, remove_service: true, add_service: true)
     end
+    let(:installation) { true }
 
     before do
       allow(proposal_settings).to receive("enable_firewall").and_return(enable_firewall)
       allow(firewalld).to receive("api").and_return(api)
       allow(firewalld).to receive("enable!")
       allow(firewalld).to receive("disable!")
+      allow(Yast::Mode).to receive(:installation).and_return(installation)
       allow(proposal_settings).to receive("open_ssh").and_return(false)
     end
 
-    it "enables the firewalld service if enabled in the proposal" do
-      allow(proposal_settings).to receive("enable_firewall").and_return(true)
-      expect(firewalld).to receive("enable!")
+    context "during an installation" do
+      it "enables the firewalld service if enabled in the proposal" do
+        allow(proposal_settings).to receive("enable_firewall").and_return(true)
+        expect(firewalld).to receive("enable!")
 
-      subject.send(:configure_firewall)
-    end
+        subject.send(:configure_firewall)
+      end
 
-    it "disables the firewalld service if disabled in the proposal" do
-      expect(firewalld).to receive("disable!")
+      it "disables the firewalld service if disabled in the proposal" do
+        expect(firewalld).to receive("disable!")
 
-      subject.send(:configure_firewall)
+        subject.send(:configure_firewall)
+      end
     end
 
     it "adds the ssh service to the default zone if opened in the proposal" do