Hello community,
here is the log from the commit of package yast2-firewall for openSUSE:Factory checked in at 2019-01-24 14:01:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-firewall (Old)
and /work/SRC/openSUSE:Factory/.yast2-firewall.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-firewall"
Thu Jan 24 14:01:21 2019 rev:74 rq:668113 version:4.1.10
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-firewall/yast2-firewall.changes 2019-01-10 15:16:04.914762208 +0100
+++ /work/SRC/openSUSE:Factory/.yast2-firewall.new.28833/yast2-firewall.changes 2019-01-24 14:01:25.804187345 +0100
@@ -1,0 +2,35 @@
+Wed Jan 23 09:52:51 UTC 2019 - knut.anderssen@suse.com
+
+- Autoyast: do not overwrite imported configuration when editing
+ and fixed check for not configured summary (fate#324662)
+- 4.1.10
+
+-------------------------------------------------------------------
+Thu Jan 17 12:53:20 UTC 2019 - knut.anderssen@suse.com
+
+- Propose to reload the firewalld service after writing instead of
+ restarting it as in other case it will unload kernel modules and
+ terminate existing connections (bsc#1114673, bsc#1121277)
+- 4.1.9
+
+-------------------------------------------------------------------
+Wed Jan 16 12:02:14 UTC 2019 - jreidinger@suse.com
+
+- Autoyast: remove unused options, move export to own class,
+ add support for custom zones in autoyast profile (fate#324662)
+- 4.1.8
+
+-------------------------------------------------------------------
+Fri Jan 11 16:25:41 UTC 2019 - lslezak@suse.cz
+
+- Fixed text domain names (bsc#1121643)
+- 4.1.7
+
+-------------------------------------------------------------------
+Thu Jan 10 12:53:49 UTC 2019 - Josef Reidinger
+
+- Ensure that custom zones use unique name (fate#324662)
+- Explicitly mention that masquerade is IPv4 only (fate#324662)
+- 4.1.6
+
+-------------------------------------------------------------------
Old:
----
yast2-firewall-4.1.5.tar.bz2
New:
----
yast2-firewall-4.1.10.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-firewall.spec ++++++
--- /var/tmp/diff_new_pack.41f0mH/_old 2019-01-24 14:01:26.276186807 +0100
+++ /var/tmp/diff_new_pack.41f0mH/_new 2019-01-24 14:01:26.280186802 +0100
@@ -17,7 +17,7 @@
Name: yast2-firewall
-Version: 4.1.5
+Version: 4.1.10
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -28,13 +28,13 @@
BuildRequires: yast2-devtools >= 3.1.10
BuildRequires: yast2-testsuite
-# Y2Firewall::Firewalld#reset
-BuildRequires: yast2 >= 4.1.21
+# reduced relations
+BuildRequires: yast2 >= 4.1.51
BuildRequires: rubygem(%rb_default_ruby_abi:rspec)
BuildRequires: rubygem(%rb_default_ruby_abi:yast-rake)
-# Y2Firewall::Firewalld#reset
-Requires: yast2 >= 4.1.21
+# reduced relations
+Requires: yast2 >= 4.1.51
# ButtonBox widget
Conflicts: yast2-ycp-ui-bindings < 2.17.3
++++++ yast2-firewall-4.1.5.tar.bz2 -> yast2-firewall-4.1.10.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/package/yast2-firewall.changes new/yast2-firewall-4.1.10/package/yast2-firewall.changes
--- old/yast2-firewall-4.1.5/package/yast2-firewall.changes 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/package/yast2-firewall.changes 2019-01-23 16:16:06.000000000 +0100
@@ -1,4 +1,39 @@
-------------------------------------------------------------------
+Wed Jan 23 09:52:51 UTC 2019 - knut.anderssen@suse.com
+
+- Autoyast: do not overwrite imported configuration when editing
+ and fixed check for not configured summary (fate#324662)
+- 4.1.10
+
+-------------------------------------------------------------------
+Thu Jan 17 12:53:20 UTC 2019 - knut.anderssen@suse.com
+
+- Propose to reload the firewalld service after writing instead of
+ restarting it as in other case it will unload kernel modules and
+ terminate existing connections (bsc#1114673, bsc#1121277)
+- 4.1.9
+
+-------------------------------------------------------------------
+Wed Jan 16 12:02:14 UTC 2019 - jreidinger@suse.com
+
+- Autoyast: remove unused options, move export to own class,
+ add support for custom zones in autoyast profile (fate#324662)
+- 4.1.8
+
+-------------------------------------------------------------------
+Fri Jan 11 16:25:41 UTC 2019 - lslezak@suse.cz
+
+- Fixed text domain names (bsc#1121643)
+- 4.1.7
+
+-------------------------------------------------------------------
+Thu Jan 10 12:53:49 UTC 2019 - Josef Reidinger
+
+- Ensure that custom zones use unique name (fate#324662)
+- Explicitly mention that masquerade is IPv4 only (fate#324662)
+- 4.1.6
+
+-------------------------------------------------------------------
Tue Jan 8 13:22:25 CET 2019 - schubi@suse.de
- Restart running firewalld service if data has been changed.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/package/yast2-firewall.spec new/yast2-firewall-4.1.10/package/yast2-firewall.spec
--- old/yast2-firewall-4.1.5/package/yast2-firewall.spec 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/package/yast2-firewall.spec 2019-01-23 16:16:06.000000000 +0100
@@ -17,7 +17,7 @@
Name: yast2-firewall
-Version: 4.1.5
+Version: 4.1.10
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -28,13 +28,13 @@
BuildRequires: perl-XML-Writer update-desktop-files yast2-testsuite
BuildRequires: yast2-devtools >= 3.1.10
-# Y2Firewall::Firewalld#reset
-BuildRequires: yast2 >= 4.1.21
+# reduced relations
+BuildRequires: yast2 >= 4.1.51
BuildRequires: rubygem(%rb_default_ruby_abi:yast-rake)
BuildRequires: rubygem(%rb_default_ruby_abi:rspec)
-# Y2Firewall::Firewalld#reset
-Requires: yast2 >= 4.1.21
+# reduced relations
+Requires: yast2 >= 4.1.51
# ButtonBox widget
Conflicts: yast2-ycp-ui-bindings < 2.17.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/autoyast-rnc/firewall.rnc new/yast2-firewall-4.1.10/src/autoyast-rnc/firewall.rnc
--- old/yast2-firewall-4.1.5/src/autoyast-rnc/firewall.rnc 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/autoyast-rnc/firewall.rnc 2019-01-23 16:16:06.000000000 +0100
@@ -129,14 +129,10 @@
zone_short? &
zone_description? &
zone_target? &
- fwd_forward_ports? &
fwd_interfaces? &
fwd_ports? &
fwd_protocols? &
- fwd_rich_rules? &
fwd_services? &
- fwd_source_ports? &
- fwd_sources? &
masquerade?
}*
}
@@ -165,30 +161,6 @@
element (protocol | listentry) {text}*
}
-fwd_sources =
- element sources {
- LIST,
- element (source | listentry) {text}*
- }
-
-fwd_rich_rules =
- element rich_rules {
- LIST,
- element (rich_rule | litentry) {text}*
- }
-
-fwd_source_ports =
- element source_ports {
- LIST,
- element (souce_port | litentry) {text}*
- }
-
-fwd_forward_ports =
- element forward_ports {
- LIST,
- element (forward_port | litentry) {text}*
- }
-
zone_name = element name { text }
zone_short = element short { text }
zone_description = element description { text }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/autoyast.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/autoyast.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/autoyast.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/autoyast.rb 2019-01-23 16:16:06.000000000 +0100
@@ -0,0 +1,104 @@
+# encoding: utf-8
+
+# ------------------------------------------------------------------------------
+# Copyright (c) 2017 SUSE LLC
+#
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of version 2 of the GNU General Public License as published by the
+# Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, contact SUSE.
+#
+# To contact SUSE about this file by physical or electronic mail, you may find
+# current contact information at www.suse.com.
+# ------------------------------------------------------------------------------
+
+require "yast"
+require "y2firewall/firewalld"
+require "y2firewall/importer_strategies/suse_firewall"
+require "y2firewall/importer_strategies/firewalld"
+
+module Y2Firewall
+ # This class is responsible for exporting/importing firewalld AutoYaST configuration
+ # supporting the new firewalld schema but also the SuSEFirewall one (for import).
+ class Autoyast
+ include Yast::Logger
+ # Import the given configuration
+ #
+ # @param profile [Hash] AutoYaST profile firewall's section
+ # @return [true,nil] return true if success; return nil if the given
+ # profile is empty
+ def import(profile)
+ return if profile.empty?
+
+ strategy_for(profile).new(profile).import
+
+ true
+ end
+
+ # Return a map with current firewalld settings.
+ #
+ # @return [Hash] dump firewalld settings
+ def export
+ return {} unless firewalld.installed?
+
+ {
+ "enable_firewall" => firewalld.enabled?,
+ "start_firewall" => firewalld.running?,
+ "default_zone" => firewalld.default_zone,
+ "log_denied_packets" => firewalld.log_denied_packets,
+ "zones" => firewalld.zones.map { |z| export_zone(z) }
+ }
+ end
+
+ private
+
+ def export_zone(zone)
+ (zone.attributes + zone.relations)
+ .each_with_object({}) do |field, profile|
+ profile[field.to_s] = zone.public_send(field) unless zone.public_send(field).nil?
+ end
+ end
+
+ # Return an instance of Y2Firewall::Firewalld
+ #
+ # @return [Y2Firewall::Firewalld] a firewalld instance
+ def firewalld
+ Y2Firewall::Firewalld.instance
+ end
+
+ # Given a profile defines the importer stragegy to be used.
+ #
+ # @example Given SuSEFirewall's profile format
+ #
+ # profile = { "FW_DEV_EXT" => "eth0 eth1" }
+ # importer.strategy_for(profile) #=> Y2Firewall::ImporterStrategies::SuseFirewall
+ #
+ # @example Given the new firewalld profile format
+ #
+ # profile =
+ # {
+ # "zones" => [
+ # { "name" => "public", "interfaces" => ["eth0", "eth1"] },
+ # { "name" => "external", "services" => ["dhcp", "dhcpv6", "ssh"] }
+ # ]
+ # }
+ #
+ # importer.strategy_for(profile) #=> Y2Firewall::ImporterStrategies::Firewalld
+ #
+ # @param profile [Hash] AutoYaST profile firewall's section
+ # @return [ImporterStrategies::SuseFirewall,ImporterStrategies::Firewalld]
+ # the importer strategy to be used for importing.
+ def strategy_for(profile)
+ return ImporterStrategies::SuseFirewall if profile.any? { |k, _v| k.start_with?("FW_") }
+
+ ImporterStrategies::Firewalld
+ end
+ end
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/clients/auto.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/clients/auto.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/clients/auto.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/clients/auto.rb 2019-01-23 16:16:06.000000000 +0100
@@ -21,7 +21,7 @@
require "yast"
require "y2firewall/firewalld"
-require "y2firewall/importer"
+require "y2firewall/autoyast"
require "y2firewall/proposal_settings"
require "y2firewall/summary_presenter"
require "y2firewall/dialogs/main"
@@ -69,7 +69,7 @@
def summary
presenter = Y2Firewall::SummaryPresenter.new(firewalld)
return presenter.not_installed if !firewalld.installed?
- return presenter.not_configured if !modified?
+ return presenter.not_configured if !firewalld.read? && !firewalld.modified?
presenter.create
end
@@ -85,7 +85,7 @@
# Obtains the default from the control file (settings) if not present.
enable if profile.fetch("enable_firewall", settings.enable_firewall)
start if profile.fetch("start_firewall", false)
- importer.import(profile)
+ autoyast.import(profile)
check_profile_for_errors
imported
end
@@ -94,7 +94,7 @@
#
# @return [Hash] with the current firewalld configuration
def export
- firewalld.export
+ autoyast.export
end
# Reset the current firewalld configuration.
@@ -107,7 +107,8 @@
end
def change
- self.class.imported = false
+ read_keeping_configuration
+
result = Dialogs::Main.new.run
case result
when :next, :finish, :ok, :accept
@@ -162,9 +163,22 @@
private
+ # Read the minimal configuration from firewalld, w/o dropping available configuration
+ #
+ # Useful to preserve the already imported, but not written yet, configuration (if any)
+ def read_keeping_configuration
+ return unless firewalld.installed?
+ return if firewalld.read?
+
+ self.class.profile = export
+ firewalld.reset
+ firewalld.read(minimal: true)
+ import(self.class.profile, false)
+ end
+
def import_if_needed
if ay_config?
- self.class.profile = firewalld.export
+ self.class.profile = export
self.class.imported = false
end
@@ -180,7 +194,7 @@
# Problems will be stored in AutoInstall.issues_list.
def check_profile_for_errors
# Checking if an interface has been defined for different zones
- zones = firewalld.export["zones"] || []
+ zones = export["zones"] || []
all_interfaces = zones.flat_map { |zone| zone["interfaces"] || [] }
double_entries = all_interfaces.select { |i| all_interfaces.count(i) > 1 }.uniq
unless double_entries.empty?
@@ -197,11 +211,11 @@
start? ? firewalld.start : firewalld.stop
end
- # Return a firewall importer
+ # Return a firewall autoyast object
#
- # @return [Y2Firewall::Importer]
- def importer
- @importer ||= Importer.new
+ # @return [Y2Firewall::Autoyast]
+ def autoyast
+ @autoyast ||= Autoyast.new
end
# Return a firewalld singleton instance
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/clients/proposal.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/clients/proposal.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/clients/proposal.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/clients/proposal.rb 2019-01-23 16:16:06.000000000 +0100
@@ -54,7 +54,7 @@
def initialize
Yast.import "UI"
Yast.import "HTML"
- textdomain "installation"
+ textdomain "firewall"
@settings ||= ProposalSettings.instance
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/dialogs/main.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/dialogs/main.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/dialogs/main.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/dialogs/main.rb 2019-01-23 16:16:06.000000000 +0100
@@ -36,12 +36,14 @@
Yast.import "NetworkInterfaces"
textdomain "firewall"
- if Yast::Mode.config
- fw.read(minimal: true) unless fw.read?
- else
+ unless Yast::Mode.config
Yast::NetworkInterfaces.Read
fw.read unless fw.read?
end
+ # For applying the changes to the running configuration a reload or
+ # restart need to be applied.
+ # Proposed a service reload by default (bsc#1114673, bsc#1121277)
+ fw.system_service.reload if fw.system_service && fw.system_service.running?
end
def should_open_dialog?
@@ -69,7 +71,6 @@
loop do
result = super
- swap_api if result == :swap_mode
break unless continue_running?(result)
end
@@ -110,7 +111,7 @@
#
# @return [Boolean] true in case of a dialog redraw or an api change
def continue_running?(result)
- result == :redraw || result == :swap_mode
+ result == :redraw
end
# Convenience method which return an instance of Y2Firewall::Firewalld
@@ -120,27 +121,10 @@
Y2Firewall::Firewalld.instance
end
- # Modify the firewalld API instance in case the systemd service state has
- # changed.
- def swap_api
- fw.api = Y2Firewall::Firewalld::Api.new
- end
-
# Writes down the firewall configuration and the systemd service
# modifications
def apply_changes
return false if Yast::Mode.config
- # Firewall settings will be written into the permanent configurations only.
- # So the running firewalld service will not be changed. Even a reload does
- # not help (see man pages). So the running firewalld service has to be
- # restarted.
- # Set a flag only. Restarting will be done by system_service.save.
- if fw.modified? && # Data has been changed by user
- fw.system_service.running? && # The service is already running
- fw.system_service.action != :stop # and will not be stopped by the user
- fw.system_service.restart
- end
-
fw.write_only
fw.system_service.save
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/dialogs/zone.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/dialogs/zone.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/dialogs/zone.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/dialogs/zone.rb 2019-01-23 16:16:06.000000000 +0100
@@ -29,10 +29,13 @@
# @param zone [Y2Firewall::Firewalld::Zone] holder for configuration or
# existing zone
# @param new_zone [Boolean] if it creates new zone or edit existing
- def initialize(zone, new_zone = false)
+ # @param existing_names [Array<String>] names have to be unique, so pass existing ones
+ # which cannot be used.
+ def initialize(zone, new_zone: false, existing_names: [])
textdomain "firewall"
@zone = zone
@new_zone = new_zone
+ @existing_names = existing_names
end
def title
@@ -43,7 +46,7 @@
MinWidth(70,
VBox(
# do not allow to change name for already created zone
- Left(NameWidget.new(@zone, disabled: !@new_zone)),
+ Left(NameWidget.new(@zone, disabled: !@new_zone, existing_names: @existing_names)),
VSpacing(1),
Left(ShortWidget.new(@zone)),
VSpacing(1),
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/importer.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/importer.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/importer.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/importer.rb 1970-01-01 01:00:00.000000000 +0100
@@ -1,82 +0,0 @@
-# encoding: utf-8
-
-# ------------------------------------------------------------------------------
-# Copyright (c) 2017 SUSE LLC
-#
-#
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of version 2 of the GNU General Public License as published by the
-# Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, contact SUSE.
-#
-# To contact SUSE about this file by physical or electronic mail, you may find
-# current contact information at www.suse.com.
-# ------------------------------------------------------------------------------
-
-require "yast"
-require "y2firewall/firewalld"
-require "y2firewall/importer_strategies/suse_firewall"
-require "y2firewall/importer_strategies/firewalld"
-
-module Y2Firewall
- # This class is responsible for importing firewalld AutoYaST configuration
- # supporting the new firewalld schema but also the SuSEFirewall one.
- class Importer
- include Yast::Logger
- # Import the given configuration
- #
- # @param profile [Hash] AutoYaST profile firewall's section
- # @return [true,nil] return true if success; return nil if the given
- # profile is empty
- def import(profile)
- return if profile.empty?
-
- strategy_for(profile).new(profile).import
-
- true
- end
-
- # Given a profile defines the importer stragegy to be used.
- #
- # @example Given SuSEFirewall's profile format
- #
- # profile = { "FW_DEV_EXT" => "eth0 eth1" }
- # importer.strategy_for(profile) #=> Y2Firewall::ImporterStrategies::SuseFirewall
- #
- # @example Given the new firewalld profile format
- #
- # profile =
- # {
- # "zones" => [
- # { "name" => "public", "interfaces" => ["eth0", "eth1"] },
- # { "name" => "external", "services" => ["dhcp", "dhcpv6", "ssh"] }
- # ]
- # }
- #
- # importer.strategy_for(profile) #=> Y2Firewall::ImporterStrategies::Firewalld
- #
- # @param profile [Hash] AutoYaST profile firewall's section
- # @return [ImporterStrategies::SuseFirewall,ImporterStrategies::Firewalld]
- # the importer strategy to be used for importing.
- def strategy_for(profile)
- return ImporterStrategies::SuseFirewall if profile.any? { |k, _v| k.start_with?("FW_") }
-
- ImporterStrategies::Firewalld
- end
-
- private
-
- # Return an instance of Y2Firewall::Firewalld
- #
- # @return [Y2Firewall::Firewalld] a firewalld instance
- def firewalld
- Y2Firewall::Firewalld.instance
- end
- end
-end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/importer_strategies/firewalld.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/importer_strategies/firewalld.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/importer_strategies/firewalld.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/importer_strategies/firewalld.rb 2019-01-23 16:16:06.000000000 +0100
@@ -60,20 +60,30 @@
private
- ZONE_ATTRIBUTES = ["services", "interfaces", "protocols", "ports", "masquerade"].freeze
+ IGNORED_ATTRIBUTES = ["name", "short", "description"].freeze
# Configures Y2Firewall::Firewalld::Zone that correspond with the
# profile's firewall zone definition
#
# @param zone_definition [Hash] AutoYaST profile firewall's section
- # @return [Boolean] true if the zone exist; nil otherwise
def process_zone(zone_definition)
- zone = firewalld.find_zone(zone_definition["name"])
- return unless zone
- ZONE_ATTRIBUTES.each do |attr|
- zone.public_send("#{attr}=", zone_definition[attr]) if zone_definition[attr]
+ name = zone_definition["name"]
+ zone = firewalld.find_zone(name)
+ zone = create_zone(zone_definition) if !zone
+ (zone.attributes + zone.relations).each do |key|
+ next if IGNORED_ATTRIBUTES.include?(key.to_s)
+ zone.public_send("#{key}=", zone_definition[key.to_s]) if zone_definition[key.to_s]
end
- true
+ end
+
+ def create_zone(definition)
+ name = definition["name"]
+ zone = Y2Firewall::Firewalld::Zone.new(name: name)
+ zone.short = definition["short"] || name
+ zone.description = definition["description"] || name
+ firewalld.zones << zone
+
+ zone
end
# Convenience method which return an instance of Y2Firewall::Firewalld
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/widgets/pages/zones.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/widgets/pages/zones.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/widgets/pages/zones.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/widgets/pages/zones.rb 2019-01-23 16:16:06.000000000 +0100
@@ -76,7 +76,8 @@
def handle
zone = Y2Firewall::Firewalld::Zone.new(name: "draft")
- result = Dialogs::Zone.run(zone, true)
+ result = Dialogs::Zone.run(zone, new_zone: true,
+ existing_names: firewall.zones.map(&:name))
if result == :ok
zone.relations.map { |r| zone.send("#{r}=", []) }
firewall.zones << zone
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/src/lib/y2firewall/widgets/zone.rb new/yast2-firewall-4.1.10/src/lib/y2firewall/widgets/zone.rb
--- old/yast2-firewall-4.1.5/src/lib/y2firewall/widgets/zone.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/src/lib/y2firewall/widgets/zone.rb 2019-01-23 16:16:06.000000000 +0100
@@ -28,14 +28,15 @@
class NameWidget < CWM::InputField
include Yast::I18n
- def initialize(zone, disabled: false)
- textdomain "textdomain"
+ def initialize(zone, disabled: false, existing_names: [])
+ textdomain "firewall"
@zone = zone
@disabled = disabled
+ @existing_names = existing_names
end
def init
- self.value = @zone.name
+ self.value = @zone.name || ""
@disabled ? disable : enable
end
@@ -44,21 +45,22 @@
end
def validate
- return true if value.to_s.match?(/^\w+$/)
-
- Yast::Report.Error(_("Please, provide a valid alphanumeric name for the zone"))
- focus
- false
+ if !value.to_s.match?(/^\w+$/)
+ Yast::Report.Error(_("Please, provide a valid alphanumeric name for the zone"))
+ focus
+ false
+ elsif @existing_names.include?(value.to_s)
+ Yast::Report.Error(_("Name is already used. Please choose different name."))
+ focus
+ false
+ else
+ true
+ end
end
def store
@zone.name = value
end
-
- # Sets the focus into this widget
- def focus
- Yast::UI.SetFocus(Id(widget_id))
- end
end
# short name of zone.
@@ -71,7 +73,7 @@
end
def init
- self.value = @zone.short
+ self.value = @zone.short || ""
end
def label
@@ -89,12 +91,6 @@
def store
@zone.short = value
end
-
- # Sets the focus into this widget
- # TODO: move to CWM itself
- def focus
- Yast::UI.SetFocus(Id(widget_id))
- end
end
# textual description of widget
@@ -108,7 +104,7 @@
end
def init
- self.value = @zone.description
+ self.value = @zone.description || ""
end
def label
@@ -126,12 +122,6 @@
def store
@zone.description = value
end
-
- # Sets the focus into this widget
- # TODO: move to CWM itself
- def focus
- Yast::UI.SetFocus(Id(widget_id))
- end
end
# target of zone
@@ -167,7 +157,7 @@
end
def label
- _("Masquerade")
+ _("IPv4 Masquerade")
end
def init
@@ -177,6 +167,17 @@
def store
@zone.masquerade = value
end
+
+ def help
+ format(_(
+ "<b>%s</b> sets masquerade for given zone. Option is for IPv4 only." \
+ "For IPv6 command line tool firewall-cmd and rich rules needs to be used." \
+ "IP Masquerade, also called IPMASQ or MASQ, allows one or more computers in " \
+ "a network without assigned IP addresses to communicate using server’s" \
+ "assigned IP address."
+ ),
+ label)
+ end
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/autoyast_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/autoyast_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/autoyast_test.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/autoyast_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -0,0 +1,133 @@
+#!/usr/bin/env rspec
+
+# ------------------------------------------------------------------------------
+# Copyright (c) 2017 SUSE LLC
+#
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of version 2 of the GNU General Public License as published by the
+# Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, contact SUSE.
+#
+# To contact SUSE about this file by physical or electronic mail, you may find
+# current contact information at www.suse.com.
+# ------------------------------------------------------------------------------
+
+require_relative "../../test_helper.rb"
+require "y2firewall/autoyast"
+
+describe Y2Firewall::Autoyast do
+ let(:profile) { { "FW_DEV_EXT" => "eth0" } }
+
+ describe "#import" do
+ context "when the given profile uses a SuSEFirewall2 schema" do
+ it "imports the given profile using the SuSEFirewall strategy" do
+ expect(subject).to receive(:strategy_for).with(profile).and_call_original
+ expect_any_instance_of(Y2Firewall::ImporterStrategies::SuseFirewall).to receive(:import)
+
+ subject.import(profile)
+ end
+ end
+
+ context "when the given profile does not use a SuSEFirewall2 schema" do
+ let(:profile) { { "zones" => [{ "name" => "public", "interfaces" => "eth0" }] } }
+
+ it "imports the given profile using the Firewalld strategy" do
+ expect(subject).to receive(:strategy_for).with(profile).and_call_original
+ expect_any_instance_of(Y2Firewall::ImporterStrategies::Firewalld).to receive(:import)
+
+ subject.import(profile)
+ end
+ end
+
+ end
+
+ describe "#export" do
+ let(:zones_definition) do
+ ["dmz",
+ " target: default",
+ " interfaces: ",
+ " ports: ",
+ " protocols:",
+ " sources:",
+ "",
+ "external (active)",
+ " target: default",
+ " interfaces: eth0",
+ " services: ssh samba",
+ " ports: 5901/tcp 5901/udp",
+ " protocols: esp",
+ " sources:"]
+ end
+
+ let(:known_zones) { %w(dmz drop external home internal public trusted work) }
+ let(:known_services) { %w(http https samba ssh) }
+
+ let(:api) do
+ instance_double(Y2Firewall::Firewalld::Api,
+ log_denied_packets: "all",
+ default_zone: "work",
+ list_all_zones: zones_definition,
+ zones: known_zones,
+ services: known_services)
+ end
+
+ let(:firewalld) { Y2Firewall::Firewalld.instance }
+
+ before do
+ firewalld.reset
+ allow(firewalld).to receive("api").and_return api
+ allow(firewalld).to receive("running?").and_return true
+ allow(firewalld).to receive("enabled?").and_return false
+ allow(firewalld).to receive("installed?").and_return true
+ firewalld.read
+ end
+
+ it "returns a hash with the current firewalld config" do
+ config = subject.export
+
+ expect(config).to be_a(Hash)
+ expect(config["enable_firewall"]).to eq(false)
+ expect(config["start_firewall"]).to eq(true)
+ expect(config["log_denied_packets"]).to eq("all")
+ expect(config["default_zone"]).to eq("work")
+
+ external = config["zones"].find { |z| z["name"] == "external" }
+
+ expect(external["interfaces"]).to eq(["eth0"])
+ expect(external["ports"]).to eq(["5901/tcp", "5901/udp"])
+ expect(external["protocols"]).to eq(["esp"])
+ end
+
+ it "returned hash is valid for later import" do
+ config = subject.export
+ expect { subject.import(config) }.to_not raise_error
+ end
+ end
+
+ describe "#strategy_for" do
+ context "when the given profile uses a SuSEFirewall2 schema" do
+ it "returns Y2Firewall::ImporterStrategies::SuSEFirewall" do
+ expect(subject.send(:strategy_for, profile)).to(
+ eq(Y2Firewall::ImporterStrategies::SuseFirewall)
+ )
+ end
+ end
+
+ context "when the given profile does not use a SuSEFirewall2 schema" do
+ let(:profile) { { "zones" => [{ "name" => "public", "interfaces" => "eth0" }] } }
+
+ it "returns Y2Firewall::ImporterStrategies::Firewalld" do
+ expect(subject.send(:strategy_for, profile)).to(
+ eq(Y2Firewall::ImporterStrategies::Firewalld)
+ )
+ end
+ end
+ end
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/clients/auto_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/clients/auto_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/clients/auto_test.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/clients/auto_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -20,27 +20,26 @@
# ------------------------------------------------------------------------------
require_relative "../../../test_helper"
+require "y2firewall/dialogs/main"
require "y2firewall/clients/auto"
describe Y2Firewall::Clients::Auto do
let(:firewalld) { Y2Firewall::Firewalld.instance }
- let(:importer) { double("Y2Firewall::Importer", import: true) }
+ let(:installed) { true }
+ let(:autoyast) { double("Y2Firewall::Autoyast", import: true, export: {}) }
before do
- allow_any_instance_of(Y2Firewall::Firewalld::Api).to receive(:running?).and_return(false)
subject.class.imported = false
+
allow(firewalld).to receive(:read)
- allow(firewalld).to receive(:installed?).and_return(true)
- allow(subject).to receive(:importer).and_return(importer)
+ allow(firewalld).to receive(:installed?).and_return(installed)
+ allow(subject).to receive(:autoyast).and_return(autoyast)
+ allow_any_instance_of(Y2Firewall::Firewalld::Api).to receive(:running?).and_return(false)
end
describe "#summary" do
let(:installed) { false }
- before do
- allow(firewalld).to receive(:installed?).and_return(installed)
- end
-
context "when firewalld is not installed" do
it "reports when firewalld is not available" do
expect(subject.summary).to match(/not available/)
@@ -173,7 +172,7 @@
context "once the current configuration has been set" do
it "imports the given profile" do
- expect(importer).to receive(:import).with(arguments)
+ expect(autoyast).to receive(:import).with(arguments)
subject.import(arguments, false)
end
@@ -188,7 +187,7 @@
end
it "reports that an interface has been defined twice in zones" do
- expect(firewalld).to receive(:export)
+ expect(autoyast).to receive(:export)
.and_return("zones" => [{ "interfaces" => ["eth0"], "name" => "public" },
{ "interfaces" => ["eth0", "eth0"], "name" => "trusted" }])
expect(i_list).to receive(:add)
@@ -202,7 +201,7 @@
describe "#export" do
before do
- allow(firewalld).to receive(:export)
+ allow(autoyast).to receive(:export)
.and_return("zones" => {}, "default_zone" => "public", "log_denied_packets" => "unicast")
end
@@ -229,6 +228,90 @@
end
end
+ describe "#change" do
+ let(:result) { :ok }
+ let(:already_read) { false }
+ let(:main_dialog) { instance_double("Dialog::Main", run: result) }
+
+ before do
+ allow(Y2Firewall::Dialogs::Main).to receive(:new).and_return(main_dialog)
+ allow(firewalld).to receive(:read?).and_return(already_read)
+ end
+
+ context "when the configuration is accepted" do
+ [:next, :finish, :ok, :accept].each do |dialog_result|
+ let(:result) { dialog_result }
+
+ it "sets autoyast config" do
+ expect(subject.class).to receive(:ay_config=).with(true)
+
+ subject.change
+ end
+ end
+ end
+
+ context "when the configuration is aborted" do
+ [:back, :abort, :cancel].each do |dialog_result|
+ let(:result) { dialog_result }
+
+ it "does not set autoyast config" do
+ expect(subject.class).to_not receive(:ay_config=)
+
+ subject.change
+ end
+ end
+ end
+
+ context "when firewalld is not installed yet" do
+ let(:installed) { false }
+
+ it "does not read its configuration" do
+ expect(firewalld).to_not receive(:read)
+
+ subject.change
+ end
+ end
+
+ context "when firewalld is installed" do
+ context "and its configuration was already read" do
+ let(:already_read) { true }
+
+ it "does not read it again" do
+ expect(firewalld).to_not receive(:read)
+
+ subject.change
+ end
+ end
+
+ context "but its configuration has not been read" do
+ let(:example_zone) do
+ { "name" => "example", "services" => ["http", "https", "ssh"] }
+ end
+
+ let(:imported_zones) do
+ { "zones" => [example_zone] }
+ end
+
+ before do
+ allow(subject).to receive(:autoyast).and_call_original
+ subject.import(imported_zones, false)
+ end
+
+ it "reads the minimal configuration" do
+ expect(firewalld).to receive(:read).with(minimal: true)
+
+ subject.change
+ end
+
+ it "keeps the configuration previously imported" do
+ subject.change
+
+ expect(subject.export["zones"]).to include(hash_including(example_zone))
+ end
+ end
+ end
+ end
+
describe "#write" do
let(:arguments) do
{ "FW_MASQUERADE" => "yes", "enable_firewall" => false, "start_firewall" => false }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/dialogs/main_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/dialogs/main_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/dialogs/main_test.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/dialogs/main_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -28,6 +28,7 @@
let(:firewall) { Y2Firewall::Firewalld.instance }
before do
+ firewall.reset
allow(firewall).to receive(:read)
allow_any_instance_of(Y2Firewall::Widgets::OverviewTreePager)
.to receive(:items).and_return([])
@@ -60,7 +61,8 @@
save: true,
running?: true,
restart: nil,
- action: action)
+ action: action,
+ reload: nil)
end
before do
@@ -69,6 +71,12 @@
allow(firewall).to receive(:modified?).and_return(true)
end
+ it "proposes to reload the service by default if it is running" do
+ expect(firewall_service).to receive(:reload)
+
+ subject.run
+ end
+
context "when the user accepts the changes" do
it "writes the firewall configuration" do
expect(firewall).to receive(:write_only)
@@ -82,16 +90,6 @@
subject.run
end
- context "user has not changed the service running state" do
- let(:action) { nil }
-
- it "restart the running firewalld systemd service" do
- expect(firewall.system_service).to receive(:restart)
-
- subject.run
- end
- end
-
context "service has been stopped by the user" do
let(:action) { :stop }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/dialogs/zone_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/dialogs/zone_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/dialogs/zone_test.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/dialogs/zone_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -30,5 +30,5 @@
include_examples "CWM::Dialog"
let(:zone) { Y2Firewall::Firewalld::Zone.new(name: "test") }
- subject { described_class.new(zone, false) }
+ subject { described_class.new(zone) }
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/importer_strategies/firewalld_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/importer_strategies/firewalld_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/importer_strategies/firewalld_test.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/importer_strategies/firewalld_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -41,7 +41,10 @@
"zones" => [
{ "name" => "dmz", "interfaces" => ["eth0.12"], "services" => ["samba"] },
{ "name" => "external", "interfaces" => ["eth0"], "services" => ["dhcp"] },
- { "name" => "internal", "interfaces" => ["eth1"], "protocols" => ["icmp"] }
+ { "name" => "internal", "interfaces" => ["eth1"], "protocols" => ["icmp"] },
+ { "name" => "newzone", "short" => "new zone",
+ "description" => "nice new zone with fance protection",
+ "interfaces" => ["eth666"], "protocols" => ["icmp"], "target" => "ACCEPT" }
]
}
end
@@ -61,6 +64,7 @@
dmz = firewalld.find_zone("dmz")
external = firewalld.find_zone("external")
internal = firewalld.find_zone("internal")
+ new_zone = firewalld.find_zone("newzone")
expect(dmz.interfaces).to eq(["eth0.12"])
expect(external.interfaces).to eq(["eth0"])
@@ -68,6 +72,7 @@
expect(external.services).to eq(["dhcp"])
expect(internal.protocols).to eq(["icmp"])
expect(firewalld.default_zone).to eq("dmz")
+ expect(new_zone.target).to eq "ACCEPT"
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/importer_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/importer_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/importer_test.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/importer_test.rb 1970-01-01 01:00:00.000000000 +0100
@@ -1,66 +0,0 @@
-#!/usr/bin/env rspec
-
-# ------------------------------------------------------------------------------
-# Copyright (c) 2017 SUSE LLC
-#
-#
-# This program is free software; you can redistribute it and/or modify it under
-# the terms of version 2 of the GNU General Public License as published by the
-# Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along with
-# this program; if not, contact SUSE.
-#
-# To contact SUSE about this file by physical or electronic mail, you may find
-# current contact information at www.suse.com.
-# ------------------------------------------------------------------------------
-
-require_relative "../../test_helper.rb"
-require "y2firewall/importer"
-
-describe Y2Firewall::Importer do
- let(:profile) { { "FW_DEV_EXT" => "eth0" } }
-
- describe "#import" do
- context "when the given profile uses a SuSEFirewall2 schema" do
- it "imports the given profile using the SuSEFirewall strategy" do
- expect(subject).to receive(:strategy_for).with(profile).and_call_original
- expect_any_instance_of(Y2Firewall::ImporterStrategies::SuseFirewall).to receive(:import)
-
- subject.import(profile)
- end
- end
-
- context "when the given profile does not use a SuSEFirewall2 schema" do
- let(:profile) { { "zones" => [{ "name" => "public", "interfaces" => "eth0" }] } }
-
- it "imports the given profile using the Firewalld strategy" do
- expect(subject).to receive(:strategy_for).with(profile).and_call_original
- expect_any_instance_of(Y2Firewall::ImporterStrategies::Firewalld).to receive(:import)
-
- subject.import(profile)
- end
- end
-
- end
-
- describe "#strategy_for" do
- context "when the given profile uses a SuSEFirewall2 schema" do
- it "returns Y2Firewall::ImporterStrategies::SuSEFirewall" do
- expect(subject.strategy_for(profile)).to eq(Y2Firewall::ImporterStrategies::SuseFirewall)
- end
- end
-
- context "when the given profile does not use a SuSEFirewall2 schema" do
- let(:profile) { { "zones" => [{ "name" => "public", "interfaces" => "eth0" }] } }
-
- it "returns Y2Firewall::ImporterStrategies::Firewalld" do
- expect(subject.strategy_for(profile)).to eq(Y2Firewall::ImporterStrategies::Firewalld)
- end
- end
- end
-end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/lib/y2firewall/widgets/zone_test.rb new/yast2-firewall-4.1.10/test/lib/y2firewall/widgets/zone_test.rb
--- old/yast2-firewall-4.1.5/test/lib/y2firewall/widgets/zone_test.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/lib/y2firewall/widgets/zone_test.rb 2019-01-23 16:16:06.000000000 +0100
@@ -0,0 +1,56 @@
+#!/usr/bin/env rspec
+# encoding: utf-8
+
+# Copyright (c) [2018] SUSE LLC
+#
+# All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of version 2 of the GNU General Public License as published
+# by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, contact SUSE LLC.
+#
+# To contact SUSE LLC about this file by physical or electronic mail, you may
+# find current contact information at www.suse.com.
+
+require_relative "../../../test_helper"
+
+require "cwm/rspec"
+require "y2firewall/widgets/zone"
+
+describe Y2Firewall::Dialogs::NameWidget do
+ subject { described_class.new(double(name: "test")) }
+
+ include_examples "CWM::AbstractWidget"
+end
+
+describe Y2Firewall::Dialogs::ShortWidget do
+ subject { described_class.new(double(short: "test")) }
+
+ include_examples "CWM::AbstractWidget"
+end
+
+describe Y2Firewall::Dialogs::DescriptionWidget do
+ subject { described_class.new(double(description: "test")) }
+
+ include_examples "CWM::AbstractWidget"
+end
+
+describe Y2Firewall::Dialogs::TargetWidget do
+ subject { described_class.new(double(target: "default")) }
+
+ include_examples "CWM::ComboBox"
+end
+
+describe Y2Firewall::Dialogs::MasqueradeWidget do
+ subject { described_class.new(double(masquerade: false)) }
+
+ include_examples "CWM::CheckBox"
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-firewall-4.1.5/test/test_helper.rb new/yast2-firewall-4.1.10/test/test_helper.rb
--- old/yast2-firewall-4.1.5/test/test_helper.rb 2019-01-08 16:34:03.000000000 +0100
+++ new/yast2-firewall-4.1.10/test/test_helper.rb 2019-01-23 16:16:06.000000000 +0100
@@ -42,6 +42,7 @@
# some tests have translatable messages
ENV["LANG"] = "en_US.UTF-8"
+ENV["LC_ALL"] = "en_US.UTF-8"
if ENV["COVERAGE"]
require "simplecov"