From 1eb325692c16dad95f5e05c026e5de599075e3a3 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Mon, 22 Feb 2016 19:05:51 +0100 Subject: [PATCH] Revert one commit to temporary work-around RHBZ#1309754 --- ...ld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch | 251 ++++++++++++++++++ firewalld.spec | 7 +- 2 files changed, 257 insertions(+), 1 deletion(-) create mode 100644 firewalld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch diff --git a/firewalld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch b/firewalld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch new file mode 100644 index 0000000..6b27c36 --- /dev/null +++ b/firewalld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch @@ -0,0 +1,251 @@ +From b81a595f83d269a56ef5e13105de5bfce392e187 Mon Sep 17 00:00:00 2001 +From: Jiri Popelka +Date: Mon, 22 Feb 2016 18:51:48 +0100 +Subject: [PATCH] Revert "firewall.client: Raise ALREADY/NOT _ENABLED errors" + +This reverts commit 14fecd41eb6be610179ff6e1b2534dd6171628be. +--- + src/firewall/client.py | 69 +++----------------------------------------------- + 1 file changed, 3 insertions(+), 66 deletions(-) + +diff --git a/src/firewall/client.py b/src/firewall/client.py +index 65be20a..1d562da 100644 +--- a/src/firewall/client.py ++++ b/src/firewall/client.py +@@ -29,7 +29,7 @@ import dbus.mainloop.glib + import slip.dbus + + from firewall.config import * +-from firewall.errors import FirewallError, ALREADY_ENABLED, NOT_ENABLED ++from firewall.errors import FirewallError + from firewall.config.dbus import * + from firewall.core.base import DEFAULT_ZONE_TARGET + from firewall.dbus_utils import dbus_to_python +@@ -137,14 +137,10 @@ class FirewallClientZoneSettings(object): + def addService(self, service): + if service not in self.settings[5]: + self.settings[5].append(service) +- else: +- raise FirewallError(ALREADY_ENABLED, service) + @handle_exceptions + def removeService(self, service): + if service in self.settings[5]: + self.settings[5].remove(service) +- else: +- raise FirewallError(NOT_ENABLED, service) + @handle_exceptions + def queryService(self, service): + return service in self.settings[5] +@@ -159,14 +155,10 @@ class FirewallClientZoneSettings(object): + def addPort(self, port, protocol): + if (port,protocol) not in self.settings[6]: + self.settings[6].append((port,protocol)) +- else: +- raise FirewallError(ALREADY_ENABLED, "'%s:%s'" % (port, protocol)) + @handle_exceptions + def removePort(self, port, protocol): + if (port,protocol) in self.settings[6]: + self.settings[6].remove((port,protocol)) +- else: +- raise FirewallError(NOT_ENABLED, "'%s:%s'" % (port, protocol)) + @handle_exceptions + def queryPort(self, port, protocol): + return (port,protocol) in self.settings[6] +@@ -181,14 +173,10 @@ class FirewallClientZoneSettings(object): + def addProtocol(self, protocol): + if protocol not in self.settings[13]: + self.settings[13].append(protocol) +- else: +- raise FirewallError(ALREADY_ENABLED, protocol) + @handle_exceptions + def removeProtocol(self, protocol): + if protocol in self.settings[13]: + self.settings[13].remove(protocol) +- else: +- raise FirewallError(NOT_ENABLED, protocol) + @handle_exceptions + def queryProtocol(self, protocol): + return protocol in self.settings[13] +@@ -203,14 +191,10 @@ class FirewallClientZoneSettings(object): + def addIcmpBlock(self, icmptype): + if icmptype not in self.settings[7]: + self.settings[7].append(icmptype) +- else: +- raise FirewallError(ALREADY_ENABLED, icmptype) + @handle_exceptions + def removeIcmpBlock(self, icmptype): + if icmptype in self.settings[7]: + self.settings[7].remove(icmptype) +- else: +- raise FirewallError(NOT_ENABLED, icmptype) + @handle_exceptions + def queryIcmpBlock(self, icmptype): + return icmptype in self.settings[7] +@@ -236,9 +220,6 @@ class FirewallClientZoneSettings(object): + to_addr = '' + if (port,protocol,to_port,to_addr) not in self.settings[9]: + self.settings[9].append((port,protocol,to_port,to_addr)) +- else: +- raise FirewallError(ALREADY_ENABLED, "'%s:%s:%s:%s'" % \ +- (port, protocol, toport, toaddr)) + @handle_exceptions + def removeForwardPort(self, port, protocol, to_port, to_addr): + if to_port is None: +@@ -247,9 +228,6 @@ class FirewallClientZoneSettings(object): + to_addr = '' + if (port,protocol,to_port,to_addr) in self.settings[9]: + self.settings[9].remove((port,protocol,to_port,to_addr)) +- else: +- raise FirewallError(NOT_ENABLED, "'%s:%s:%s:%s'" % \ +- (port, protocol, toport, toaddr)) + @handle_exceptions + def queryForwardPort(self, port, protocol, to_port, to_addr): + if to_port is None: +@@ -268,14 +246,10 @@ class FirewallClientZoneSettings(object): + def addInterface(self, interface): + if interface not in self.settings[10]: + self.settings[10].append(interface) +- else: +- raise FirewallError(ALREADY_ENABLED, interface) + @handle_exceptions + def removeInterface(self, interface): + if interface in self.settings[10]: + self.settings[10].remove(interface) +- else: +- raise FirewallError(NOT_ENABLED, interface) + @handle_exceptions + def queryInterface(self, interface): + return interface in self.settings[10] +@@ -290,14 +264,10 @@ class FirewallClientZoneSettings(object): + def addSource(self, source): + if source not in self.settings[11]: + self.settings[11].append(source) +- else: +- raise FirewallError(ALREADY_ENABLED, source) + @handle_exceptions + def removeSource(self, source): + if source in self.settings[11]: + self.settings[11].remove(source) +- else: +- raise FirewallError(NOT_ENABLED, source) + @handle_exceptions + def querySource(self, source): + return source in self.settings[11] +@@ -314,15 +284,11 @@ class FirewallClientZoneSettings(object): + rule = str(Rich_Rule(rule_str=rule)) + if rule not in self.settings[12]: + self.settings[12].append(rule) +- else: +- raise FirewallError(ALREADY_ENABLED, rule) + @handle_exceptions + def removeRichRule(self, rule): + rule = str(Rich_Rule(rule_str=rule)) + if rule in self.settings[12]: + self.settings[12].remove(rule) +- else: +- raise FirewallError(NOT_ENABLED, rule) + @handle_exceptions + def queryRichRule(self, rule): + rule = str(Rich_Rule(rule_str=rule)) +@@ -734,14 +700,10 @@ class FirewallClientServiceSettings(object): + def addPort(self, port, protocol): + if (port,protocol) not in self.settings[3]: + self.settings[3].append((port,protocol)) +- else: +- raise FirewallError(ALREADY_ENABLED, "'%s:%s'" % (port, protocol)) + @handle_exceptions + def removePort(self, port, protocol): + if (port,protocol) in self.settings[3]: + self.settings[3].remove((port,protocol)) +- else: +- raise FirewallError(NOT_ENABLED, "'%s:%s'" % (port, protocol)) + @handle_exceptions + def queryPort(self, port, protocol): + return (port,protocol) in self.settings[3] +@@ -756,14 +718,10 @@ class FirewallClientServiceSettings(object): + def addProtocol(self, protocol): + if protocol not in self.settings[6]: + self.settings[6].append(protocol) +- else: +- raise FirewallError(ALREADY_ENABLED, protocol) + @handle_exceptions + def removeProtocol(self, protocol): + if protocol in self.settings[6]: + self.settings[6].remove(protocol) +- else: +- raise FirewallError(NOT_ENABLED, protocol) + @handle_exceptions + def queryProtocol(self, protocol): + return protocol in self.settings[6] +@@ -778,14 +736,10 @@ class FirewallClientServiceSettings(object): + def addModule(self, module): + if module not in self.settings[4]: + self.settings[4].append(module) +- else: +- raise FirewallError(ALREADY_ENABLED, module) + @handle_exceptions + def removeModule(self, module): + if module in self.settings[4]: + self.settings[4].remove(module) +- else: +- raise FirewallError(NOT_ENABLED, module) + @handle_exceptions + def queryModule(self, module): + return module in self.settings[4] +@@ -798,18 +752,11 @@ class FirewallClientServiceSettings(object): + self.settings[5] = destinations + @handle_exceptions + def setDestination(self, dest_type, address): +- if not dest_type in self.settings[5] or \ +- self.settings[5][dest_type] != address: +- self.settings[5][dest_type] = address +- else: +- raise FirewallError(ALREADY_ENABLED, "'%s:%s'" % \ +- (dest_type, address)) ++ self.settings[5][dest_type] = address + @handle_exceptions + def removeDestination(self, dest_type): + if dest_type in self.settings[5]: + del self.settings[5][dest_type] +- else: +- raise FirewallError(NOT_ENABLED, "'%s'" % dest_type) + @handle_exceptions + def queryDestination(self, dest_type, address): + return (dest_type in self.settings[5] and \ +@@ -865,17 +812,11 @@ class FirewallClientIPSetSettings(object): + self.settings[4] = options + @handle_exceptions + def addOption(self, key, value): +- if not key in self.settings[4] or self.settings[4][key] != value: +- self.settings[4][key] = value +- else: +- raise FirewallError(ALREADY_ENABLED, "'%s=%s'" % (key,value) +- if value else key) ++ self.settings[4][key] = value + @handle_exceptions + def removeOption(self, key): + if key in self.settings[4]: + del self.settings[4][key] +- else: +- raise FirewallError(NOT_ENABLED, key) + @handle_exceptions + def queryOption(self, key, value): + return key in self.settings[4] and self.settings[4][key] == value +@@ -890,14 +831,10 @@ class FirewallClientIPSetSettings(object): + def addEntry(self, entry): + if entry not in self.settings[5]: + self.settings[5].append(entry) +- else: +- raise FirewallError(ALREADY_ENABLED, entry) + @handle_exceptions + def removeEntry(self, entry): + if entry in self.settings[5]: + self.settings[5].remove(entry) +- else: +- raise FirewallError(NOT_ENABLED, entry) + @handle_exceptions + def queryEntry(self, entry): + return entry in self.settings[5] +-- +2.5.0 + diff --git a/firewalld.spec b/firewalld.spec index 76fb89d..e4c96f1 100644 --- a/firewalld.spec +++ b/firewalld.spec @@ -8,7 +8,7 @@ Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Name: firewalld Version: 0.4.0 -Release: 3%{?dist} +Release: 4%{?dist} URL: http://www.firewalld.org License: GPLv2+ Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2 @@ -19,6 +19,7 @@ Source2: FedoraWorkstation.xml %if 0%{?fedora} Patch0: firewalld-0.2.6-MDNS-default.patch Patch1: firewalld-0.4.0-tempdir_RHBZ1305175.patch +Patch2: firewalld-0.4.0-ALREADY_ENABLED_RHBZ1309754.patch %endif BuildArch: noarch BuildRequires: desktop-file-utils @@ -174,6 +175,7 @@ Workstation product specific firewalld configuration settings. %if 0%{?fedora} %patch0 -p1 %patch1 -p1 +%patch2 -p1 %endif %if 0%{?with_python3} @@ -486,6 +488,9 @@ fi %endif %changelog +* Mon Feb 22 2016 Jiri Popelka - 0.4.0-4 +- Revert one commit to temporary work-around RHBZ#1309754 + * Mon Feb 08 2016 Jiri Popelka - 0.4.0-3 - Make sure tempdir is created even in offline mode. (RHBZ#1305175)