taking true/false value for sysctl settings

src/data/security/level1.yml

@@ -34,6 +34,6 @@ USERADD_CMD:                      "/usr/sbin/useradd.local"
 USERDEL_POSTCMD:                  "/usr/sbin/userdel-post.local"
 USERDEL_PRECMD:                   "/usr/sbin/userdel-pre.local"
 kernel.sysrq:                     '0'
-net.ipv4.ip_forward:              '0'
-net.ipv4.tcp_syncookies:          '1'
-net.ipv6.conf.all.forwarding:     '0'
+net.ipv4.ip_forward:              false
+net.ipv4.tcp_syncookies:          true
+net.ipv6.conf.all.forwarding:     false

src/data/security/level2.yml

@@ -34,6 +34,6 @@ USERADD_CMD:                      "/usr/sbin/useradd.local"
 USERDEL_POSTCMD:                  "/usr/sbin/userdel-post.local"
 USERDEL_PRECMD:                   "/usr/sbin/userdel-pre.local"
 kernel.sysrq:                     '0'
-net.ipv4.ip_forward:              '0'
-net.ipv4.tcp_syncookies:          '1'
-net.ipv6.conf.all.forwarding:     '0'
+net.ipv4.ip_forward:              false
+net.ipv4.tcp_syncookies:          true
+net.ipv6.conf.all.forwarding:     false

src/data/security/level3.yml

@@ -34,6 +34,6 @@ USERADD_CMD:                      "/usr/sbin/useradd.local"
 USERDEL_POSTCMD:                  "/usr/sbin/userdel-post.local"
 USERDEL_PRECMD:                   "/usr/sbin/userdel-pre.local"
 kernel.sysrq:                     '0'
-net.ipv4.ip_forward:              '0'
-net.ipv4.tcp_syncookies:          '1'
-net.ipv6.conf.all.forwarding:     '0'
+net.ipv4.ip_forward:              false
+net.ipv4.tcp_syncookies:          true
+net.ipv6.conf.all.forwarding:     false

src/include/security/dialogs.rb

@@ -117,7 +117,9 @@ def initialize_security_dialogs(include_target)
         "yes" => "no",
         "no" => "yes",
         "1" => "0",
-        "0" => "1"
+        "0" => "1",
+        true => false,
+        false => true
       }
 
       # mapping for "Configure" links
@@ -150,9 +152,9 @@ def SecurityStatus(option, plaintext)
       # handle the special cases at first
       if Builtins.contains(@configurable_options, option)
         ret = _("Configure")
-      elsif ["1", "yes"].include?(value)
+      elsif ["1", "yes", true].include?(value)
         ret = _("Enabled")
-      elsif ["0", "no"].include?(value)
+      elsif ["0", "no", false].include?(value)
         ret = _("Disabled")
       else
         return @UNKNOWN_STATUS
@@ -257,23 +259,15 @@ def OverviewText(type)
         },
         {
           "id"        => "net.ipv4.tcp_syncookies",
-          "is_secure" => Ops.get(
-            Security.Settings,
-            "net.ipv4.tcp_syncookies",
-            ""
-          ) == "1"
+          "is_secure" => Security.Settings[ "net.ipv4.tcp_syncookies" ]
         },
         {
           "id"        => "net.ipv4.ip_forward",
-          "is_secure" => Ops.get(Security.Settings, "net.ipv4.ip_forward", "") == "0"
+          "is_secure" => !Security.Settings["net.ipv4.ip_forward"]
         },
         {
           "id"        => "net.ipv6.conf.all.forwarding",
-          "is_secure" => Ops.get(
-            Security.Settings,
-            "net.ipv6.conf.all.forwarding",
-            ""
-          ) == "0"
+          "is_secure" => !Security.Settings["net.ipv6.conf.all.forwarding"]
         },
         {
           "id"        => "MANDATORY_SERVICES",
@@ -481,12 +475,7 @@ def OverviewDialog
           Builtins.y2milestone("Clicked %1 link", ret)
 
           current_value = Ops.get(Security.Settings, Convert.to_string(ret), "")
-
-          new_value = Ops.get_string(
-            @link_value_mapping,
-            current_value,
-            current_value
-          )
+          new_value = @link_value_mapping[current_value]
 
           # set the new value and refresh the overview
           if Builtins.haskey(@link_value_mapping, current_value) &&

src/modules/Security.rb

@@ -118,9 +118,9 @@ def init_settings
         "CRACKLIB_DICT_PATH"                        => "/usr/lib/cracklib_dict",
         "DISPLAYMANAGER_REMOTE_ACCESS"              => "no",
         "kernel.sysrq"                              => "0",
-        "net.ipv4.tcp_syncookies"                   => "1",
-        "net.ipv4.ip_forward"                       => "0",
-        "net.ipv6.conf.all.forwarding"              => "0",
+        "net.ipv4.tcp_syncookies"                   => true,
+        "net.ipv4.ip_forward"                       => false,
+        "net.ipv6.conf.all.forwarding"              => false,
         "FAIL_DELAY"                                => "3",
         "GID_MAX"                                   => "60000",
         "GID_MIN"                                   => "1000",
@@ -583,8 +583,8 @@ def write_kernel_settings
       @sysctl.sort.each do |key, default_value|
         val = @Settings.fetch(key, default_value)
         int_val = Integer(val) rescue nil
-        if int_val.nil?
-          log.error "value #{val} for #{key} is not integer, not writing"
+        if int_val.nil? && ![TrueClass, FalseClass].include?(val.class)
+          log.error "value #{val} for #{key} has wrong type, not writing"
         elsif val != read_sysctl_value(key)
           write_sysctl_value(key, val)
           written = true
@@ -885,9 +885,9 @@ def sysctl_config
     # Map sysctl keys to method names from the CFA::SysctlConfig class.
     SYSCTL_KEY_TO_METH = {
       "kernel.sysrq"                 => :kernel_sysrq,
-      "net.ipv4.tcp_syncookies"      => :raw_tcp_syncookies,
-      "net.ipv4.ip_forward"          => :raw_forward_ipv4,
-      "net.ipv6.conf.all.forwarding" => :raw_forward_ipv6
+      "net.ipv4.tcp_syncookies"      => :tcp_syncookies,
+      "net.ipv4.ip_forward"          => :forward_ipv4,
+      "net.ipv6.conf.all.forwarding" => :forward_ipv6
     }.freeze
 
     # @param key [String] Key to get the value for