diff --git a/package/yast2-firewall.changes b/package/yast2-firewall.changes index b27ee2b9..ef9643a4 100644 --- a/package/yast2-firewall.changes +++ b/package/yast2-firewall.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Feb 26 20:23:04 UTC 2020 - Knut Anderssen + +- AutoYaST: Added back the installation finish client for opening + the VNC or SSH port during the first stage when used for remote + installations (bsc#1161319) +- 4.2.3 + ------------------------------------------------------------------- Tue Aug 27 18:00:06 CEST 2019 - schubi@suse.de diff --git a/package/yast2-firewall.spec b/package/yast2-firewall.spec index 3cfd5d31..ead53216 100644 --- a/package/yast2-firewall.spec +++ b/package/yast2-firewall.spec @@ -17,7 +17,7 @@ Name: yast2-firewall -Version: 4.2.2 +Version: 4.2.3 Release: 0 Summary: YaST2 - Firewall Configuration Group: System/YaST diff --git a/src/lib/y2firewall/clients/installation_finish.rb b/src/lib/y2firewall/clients/installation_finish.rb index b09f8771..6278b3c4 100644 --- a/src/lib/y2firewall/clients/installation_finish.rb +++ b/src/lib/y2firewall/clients/installation_finish.rb @@ -24,6 +24,8 @@ require "y2firewall/proposal_settings" require "installation/finish_client" +Yast.import "Mode" + module Y2Firewall module Clients # This is a step of base installation finish and it is responsible of write @@ -49,7 +51,7 @@ def title end def modes - [:installation] + [:installation, :autoinst] end def write @@ -63,14 +65,32 @@ def write # Modifies the configuration of the firewall according to the current # settings def configure_firewall + configure_firewall_service + configure_ssh + configure_vnc + end + + # Convenience method to enable / disable the firewalld service depending + # on the proposal settings + def configure_firewall_service + return unless Yast::Mode.installation + @settings.enable_firewall ? @firewalld.enable! : @firewalld.disable! + end + # Convenience method to open the ssh ports in firewalld depending on the + # proposal settings + def configure_ssh if @settings.open_ssh @firewalld.api.add_service(@settings.default_zone, "ssh") else @firewalld.api.remove_service(@settings.default_zone, "ssh") end + end + # Convenience method to open the vnc ports in firewalld depending on the + # proposal settings + def configure_vnc if @settings.open_vnc if @firewalld.api.service_supported?("tigervnc") @firewalld.api.add_service(@settings.default_zone, "tigervnc") diff --git a/test/lib/y2firewall/clients/auto_test.rb b/test/lib/y2firewall/clients/auto_test.rb index fdb85877..ad79084e 100755 --- a/test/lib/y2firewall/clients/auto_test.rb +++ b/test/lib/y2firewall/clients/auto_test.rb @@ -399,4 +399,10 @@ end end end + + describe "#packages" do + it "returns a hash with firewalld as a package to be installed" do + expect(subject.packages).to eq("install" => ["firewalld"], "remove" => []) + end + end end diff --git a/test/lib/y2firewall/clients/installation_finish_test.rb b/test/lib/y2firewall/clients/installation_finish_test.rb index 85d60aee..a3de7e62 100644 --- a/test/lib/y2firewall/clients/installation_finish_test.rb +++ b/test/lib/y2firewall/clients/installation_finish_test.rb @@ -21,7 +21,7 @@ describe "#modes" do it "runs on installation and autoinstallation" do - expect(subject.modes).to eq([:installation]) + expect(subject.modes).to eq([:installation, :autoinst]) end end @@ -30,13 +30,13 @@ let(:installed) { true } before do - allow(proposal_settings).to receive("enable_sshd").and_return(enable_sshd) - allow(firewalld).to receive("installed?").and_return(installed) - allow(proposal_settings).to receive("open_ssh").and_return(false) + allow(proposal_settings).to receive(:enable_sshd).and_return(enable_sshd) + allow(firewalld).to receive(:installed?).and_return(installed) + allow(proposal_settings).to receive(:open_ssh).and_return(false) end it "enables the sshd service if enabled in the proposal" do - allow(proposal_settings).to receive("enable_sshd").and_return(true) + allow(proposal_settings).to receive(:enable_sshd).and_return(true) expect(Yast::Service).to receive(:Enable).with("sshd") subject.write @@ -69,30 +69,34 @@ let(:api) do instance_double(Y2Firewall::Firewalld::Api, remove_service: true, add_service: true) end + let(:installation) { true } before do - allow(proposal_settings).to receive("enable_firewall").and_return(enable_firewall) - allow(firewalld).to receive("api").and_return(api) - allow(firewalld).to receive("enable!") - allow(firewalld).to receive("disable!") - allow(proposal_settings).to receive("open_ssh").and_return(false) + allow(proposal_settings).to receive(:enable_firewall).and_return(enable_firewall) + allow(firewalld).to receive(:api).and_return(api) + allow(firewalld).to receive(:enable!) + allow(firewalld).to receive(:disable!) + allow(Yast::Mode).to receive(:installation).and_return(installation) + allow(proposal_settings).to receive(:open_ssh).and_return(false) end - it "enables the firewalld service if enabled in the proposal" do - allow(proposal_settings).to receive("enable_firewall").and_return(true) - expect(firewalld).to receive("enable!") + context "during an installation" do + it "enables the firewalld service if enabled in the proposal" do + allow(proposal_settings).to receive(:enable_firewall).and_return(true) + expect(firewalld).to receive(:enable!) - subject.send(:configure_firewall) - end + subject.send(:configure_firewall) + end - it "disables the firewalld service if disabled in the proposal" do - expect(firewalld).to receive("disable!") + it "disables the firewalld service if disabled in the proposal" do + expect(firewalld).to receive(:disable!) - subject.send(:configure_firewall) + subject.send(:configure_firewall) + end end it "adds the ssh service to the default zone if opened in the proposal" do - expect(proposal_settings).to receive("open_ssh").and_return(true) + expect(proposal_settings).to receive(:open_ssh).and_return(true) expect(api).to receive(:add_service).with(proposal_settings.default_zone, "ssh") subject.send(:configure_firewall) @@ -108,7 +112,7 @@ let(:service_available) { true } before do - allow(proposal_settings).to receive("open_vnc").and_return(true) + allow(proposal_settings).to receive(:open_vnc).and_return(true) allow(api).to receive(:service_supported?).with("tigervnc").and_return(service_available) end