[Engine-patches] Change in ovirt-engine[master]: packaging: engine-setup - add firewalld support

Mon, 07 Jan 2013 11:27:34 -0800 

Alon Bar-Lev has posted comments on this change.

Change subject: packaging: engine-setup - add firewalld support
......................................................................


Patch Set 6: (5 inline comments)

....................................................
File packaging/fedora/setup/common_utils.py
Line 1250: 
Line 1251:     def available(self):
Line 1252:         logging.debug("checking if %s service is available", 
self.name)
Line 1253:         out, rc = self.status()
Line 1254:         return (not (rc != 0 and ("No such file or directory" in out 
or "unrecognized service" in out)))
how about:

 systemctl show vdsmd.service | grep "^LoadState=" | grep loaded
Line 1255: 
Line 1256: def chown(target,uid, gid):
Line 1257:     logging.debug("chown %s to %s:%s" % (target, uid, gid))
Line 1258:     os.chown(target, uid, gid)


....................................................
File packaging/fedora/setup/engine_firewalld.py
Line 1: from gi.repository import GObject
Line 2: import sys
Line 3: sys.modules['gobject'] = GObject
why do you need this?
Line 4: from firewall.client import FirewallClient
Line 5: from firewall.errors import *
Line 6: 
Line 7: def getActiveZones():


....................................................
File packaging/fedora/setup/engine-setup.py
Line 888: 
Line 889:     if iptables.available():
Line 890:       logging.debug("iptables service found")
Line 891:         _configIptables()
Line 892:     elif fwd.available():
firewalld should have higher priority, no?

What about letting the user choose?
Line 893:       logging.debug("firewalld service found")
Line 894:         _configFirewalld()
Line 895:     elif controller.CONF["OVERRIDE_IPTABLES"] == "yes":
Line 896:         raise Exception(output_messages.ERR_CANT_FIND_FIREWALL)


Line 897: 
Line 898: def _configFirewalld():
Line 899:     logging.debug("configuring firewalld")
Line 900: 
Line 901:     # Load firewalld module only when needed. 
space
Line 902:     # This will fail if firewalld isn't available in the system.
Line 903:     import engine_firewalld as firewalld 
Line 904: 
Line 905:     # Always start firewalld, otherwise, we will get DBus exception


Line 899:     logging.debug("configuring firewalld")
Line 900: 
Line 901:     # Load firewalld module only when needed. 
Line 902:     # This will fail if firewalld isn't available in the system.
Line 903:     import engine_firewalld as firewalld 
space
Line 904: 
Line 905:     # Always start firewalld, otherwise, we will get DBus exception
Line 906:     service = utils.Service("firewalld")
Line 907:     service.start(True)


--
To view, visit http://gerrit.ovirt.org/10493
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ieea93c90ffb90e02b880949a67575495aac5a472
Gerrit-PatchSet: 6
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ofer Schreiber <oschr...@redhat.com>
Gerrit-Reviewer: Alex Lourie <alou...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Moran Goldboim <mgold...@redhat.com>
Gerrit-Reviewer: Ofer Schreiber <oschr...@redhat.com>
Gerrit-Reviewer: Ohad Basan <oba...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to