From f9e0fdd188e7730468bebdf35f573f2a1ef6bd9b Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Tue, 2 Aug 2022 13:11:31 -0400 Subject: [PATCH 4/5] fix(runtimeToPermanent): errors for interfaces not in zone We should only consider the interfaces for the currently iterated over zone. Otherwise we will attempt to remove an interface from a zone for which it is does not belong. Note this only occurs when NetworkManager is running. Fixes: #976 Fixes: rhbz2112982 (cherry picked from commit 15f47354c4a078dc694df1541550b3e5156548fc) --- src/firewall/server/firewalld.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/firewall/server/firewalld.py b/src/firewall/server/firewalld.py index 5cf963dfbbd4..f5f902d6e712 100644 --- a/src/firewall/server/firewalld.py +++ b/src/firewall/server/firewalld.py @@ -447,10 +447,11 @@ class FirewallD(DbusServiceObject): conf = self.getZoneSettings2(name) settings = FirewallClientZoneSettings(conf) changed = False - for interface in self.fw._nm_assigned_interfaces: - log.debug1("Zone '%s': interface binding for '%s' has been added by NM, ignoring." % (name, interface)) - settings.removeInterface(interface) - changed = True + for interface in settings.getInterfaces(): + if interface in self.fw._nm_assigned_interfaces: + log.debug1("Zone '%s': interface binding for '%s' has been added by NM, ignoring." % (name, interface)) + settings.removeInterface(interface) + changed = True # For the remaining interfaces, attempt to let NM manage them for interface in settings.getInterfaces(): try: -- 2.31.1