From ec9ebcec38041ae7f790c476b8365c4c420a525d Mon Sep 17 00:00:00 2001 From: Knut Anderssen Date: Tue, 31 Oct 2023 16:21:10 +0000 Subject: [PATCH] Sets the firewalld service state according to the profile --- src/lib/y2firewall/clients/auto.rb | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/src/lib/y2firewall/clients/auto.rb b/src/lib/y2firewall/clients/auto.rb index 631ebbf..b9345aa 100644 --- a/src/lib/y2firewall/clients/auto.rb +++ b/src/lib/y2firewall/clients/auto.rb @@ -79,10 +79,10 @@ def summary # @return [Boolean] def import(profile, merge = !Yast::Mode.config) self.class.profile = profile + # It does not need to be merged with current config but could be modified + # by the AutoYaST confirm dialog. + update_service_state(profile) return false if merge && !read(force: false) - - # Obtains the default from the control file (settings) if not present. - enable if profile.fetch("enable_firewall", settings.enable_firewall) start if profile.fetch("start_firewall", false) autoyast.import(profile) check_profile_for_errors @@ -240,16 +240,25 @@ def settings ::Installation::SecuritySettings.instance end - # Set that the firewall has to be enabled when writing - def enable - self.class.enable = true + # It sets which should be the firewalld service state according to the profile + # or to the product defaults settings + # + # @param profile [Hash] firewall profile section to be imported + def update_service_state(profile) + return unless self.class.enable.nil? + + state = profile.fetch("enable_firewall", settings.enable_firewall) + + log.info("Firewall should be enabled: #{state}") + state ? settings.enable_firewall! : settings.disable_firewall! if Yast::Mode.auto + state end # Whether the firewalld service has to be enable or disable when writing # # @return [Boolean] true if has to be enabled; false otherwise def enable? - !!self.class.enable + !!(Yast::Mode.auto ? settings.enable_firewall : self.class.enable) end # Set that the firewall has to be started when writing