Hello community, here is the log from the commit of package yast2-firewall for openSUSE:Factory checked in at 2018-05-06 14:58:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-firewall (Old) and /work/SRC/openSUSE:Factory/.yast2-firewall.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-firewall" Sun May 6 14:58:20 2018 rev:67 rq:604038 version:4.0.25 Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-firewall/yast2-firewall.changes 2018-04-26 13:30:58.131607201 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-firewall.new/yast2-firewall.changes 2018-05-06 14:58:22.855824690 +0200 @@ -1,0 +2,7 @@ +Fri Apr 27 16:35:19 CEST 2018 - schubi@suse.de + +- AutoYaST: Report whether an interface has been defined + in more than one zone (bnc#1089855). +- 4.0.25 + +------------------------------------------------------------------- Old: ---- yast2-firewall-4.0.24.tar.bz2 New: ---- yast2-firewall-4.0.25.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-firewall.spec ++++++ --- /var/tmp/diff_new_pack.YvezO3/_old 2018-05-06 14:58:23.343806783 +0200 +++ /var/tmp/diff_new_pack.YvezO3/_new 2018-05-06 14:58:23.347806636 +0200 @@ -17,7 +17,7 @@ Name: yast2-firewall -Version: 4.0.24 +Version: 4.0.25 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-firewall-4.0.24.tar.bz2 -> yast2-firewall-4.0.25.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.0.24/package/yast2-firewall.changes new/yast2-firewall-4.0.25/package/yast2-firewall.changes --- old/yast2-firewall-4.0.24/package/yast2-firewall.changes 2018-04-23 17:57:11.000000000 +0200 +++ new/yast2-firewall-4.0.25/package/yast2-firewall.changes 2018-05-04 15:14:30.000000000 +0200 @@ -1,4 +1,11 @@ ------------------------------------------------------------------- +Fri Apr 27 16:35:19 CEST 2018 - schubi@suse.de + +- AutoYaST: Report whether an interface has been defined + in more than one zone (bnc#1089855). +- 4.0.25 + +------------------------------------------------------------------- Sat Apr 21 07:35:42 UTC 2018 - knut.anderssen@suse.com - During installation, open services defined by (Tigervnc) instead diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.0.24/package/yast2-firewall.spec new/yast2-firewall-4.0.25/package/yast2-firewall.spec --- old/yast2-firewall-4.0.24/package/yast2-firewall.spec 2018-04-23 17:57:11.000000000 +0200 +++ new/yast2-firewall-4.0.25/package/yast2-firewall.spec 2018-05-04 15:14:30.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-firewall -Version: 4.0.24 +Version: 4.0.25 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.0.24/src/lib/y2firewall/clients/auto.rb new/yast2-firewall-4.0.25/src/lib/y2firewall/clients/auto.rb --- old/yast2-firewall-4.0.24/src/lib/y2firewall/clients/auto.rb 2018-04-23 17:57:11.000000000 +0200 +++ new/yast2-firewall-4.0.25/src/lib/y2firewall/clients/auto.rb 2018-05-04 15:14:30.000000000 +0200 @@ -34,6 +34,7 @@ include Yast::Logger Yast.import "HTML" + Yast.import "AutoInstall" class << self # @return [Boolean] whether the AutoYaST configuration has been @@ -88,6 +89,7 @@ enable if profile.fetch("enable_firewall", settings.enable_firewall) start if profile.fetch("start_firewall", false) importer.import(profile) + check_profile_for_errors imported end @@ -150,6 +152,21 @@ private + # Semantic AutoYaST profile check + # + # Problems will be stored in AutoInstall.issues_list. + def check_profile_for_errors + # Checking if an interface has been defined for different zones + zones = firewalld.export["zones"] || [] + all_interfaces = zones.flat_map { |zone| zone["interfaces"] || [] } + double_entries = all_interfaces.select { |i| all_interfaces.count(i) > 1 }.uniq + unless double_entries.empty? + AutoInstall.issues_list.add(:invalid_value, "firewall", "interfaces", + double_entries.join(","), + _("This interface has been defined for more than one zone.")) + end + end + # Depending on the profile it activates or deactivates the firewalld # service def activate_service diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.0.24/test/lib/y2firewall/clients/auto_test.rb new/yast2-firewall-4.0.25/test/lib/y2firewall/clients/auto_test.rb --- old/yast2-firewall-4.0.24/test/lib/y2firewall/clients/auto_test.rb 2018-04-23 17:57:11.000000000 +0200 +++ new/yast2-firewall-4.0.25/test/lib/y2firewall/clients/auto_test.rb 2018-05-04 15:14:30.000000000 +0200 @@ -105,8 +105,12 @@ end describe "#import" do + let(:i_list) { double("IssuesList", add: nil) } + let(:arguments) do - { "FW_MASQUERADE" => "yes", "enable_firewall" => false, "start_firewall" => false } + { "FW_MASQUERADE" => "yes", + "enable_firewall" => false, + "start_firewall" => false } end it "reads the current firewalld configuration" do @@ -118,6 +122,7 @@ context "when the current configuration was read correctly" do before do allow(firewalld).to receive(:read).and_return(true) + allow(Yast::AutoInstall).to receive(:issues_list).and_return(i_list) end it "pass its arguments to the firewalld importer" do @@ -134,6 +139,17 @@ subject.import(arguments) expect(subject.class.imported).to eq(true) end + + it "reports that an interface has been defined twice in zones" do + expect(firewalld).to receive(:export) + .and_return("zones" => [{ "interfaces" => ["eth0"], "name" => "public" }, + { "interfaces" => ["eth0", "eth0"], "name" => "trusted" }]) + expect(i_list).to receive(:add) + .with(:invalid_value, "firewall", "interfaces", + "eth0", + "This interface has been defined for more than one zone.") + subject.import(arguments) + end end context "when the current configuration was not read" do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.0.24/test/test_helper.rb new/yast2-firewall-4.0.25/test/test_helper.rb --- old/yast2-firewall-4.0.24/test/test_helper.rb 2018-04-23 17:57:11.000000000 +0200 +++ new/yast2-firewall-4.0.25/test/test_helper.rb 2018-05-04 15:14:30.000000000 +0200 @@ -26,6 +26,15 @@ require "yast" require "yast/rspec" +# stub module to prevent its Import +# Useful for modules from different yast packages, to avoid build dependencies +def stub_module(name) + Yast.const_set name.to_sym, Class.new { def self.fake_method; end } +end + +# stub classes from other modules to speed up a build +stub_module("AutoInstall") + if ENV["COVERAGE"] require "simplecov" SimpleCov.start do