Alon Bar-Lev has uploaded a new change for review. Change subject: network: firewalld: query version from python client ......................................................................
network: firewalld: query version from python client querying firewalld version is required as firewalld interfaces (both api and cli) are unstable. current implementation queries firewalld version using command-line, however, in order to query the version the firewalld service must be started. starting firewalld in order to detect firewalld is bad requirement, it has also some side effects, as once firewalld is started we actually effect the host. new implementation uses an undocumented firewalld python library to query the client version, which should be sufficient to our purposes. Change-Id: I3db43d6dc808261a1f687ea29fe23bd752ffade8 Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=988075 Signed-off-by: Alon Bar-Lev <[email protected]> --- M src/plugins/otopi/network/firewalld.py 1 file changed, 23 insertions(+), 31 deletions(-) git pull ssh://gerrit.ovirt.org:29418/otopi refs/changes/02/17302/1 diff --git a/src/plugins/otopi/network/firewalld.py b/src/plugins/otopi/network/firewalld.py index 838c024..d4f3395 100644 --- a/src/plugins/otopi/network/firewalld.py +++ b/src/plugins/otopi/network/firewalld.py @@ -56,34 +56,29 @@ ) def _get_firewalld_cmd_version(self): - if not self.services.exists('firewalld'): - return 0 + version = 0 - should_stop = False - if not self.services.status(name='firewalld'): - should_stop = True - self.services.state( - name='firewalld', - state=True, - ) - rc, stdout, stderr = self.execute( - ( - self.command.get('firewall-cmd'), - '--version', - ), - ) - if should_stop: - self.services.state( - name='firewalld', - state=False, - ) - return int( - '%02x%02x%02x' % tuple([ - int(x) - for x in stdout[0].split('.') - ]), - 16 - ) + if self.services.exists('firewalld'): + try: + from firewall import client + + self.logger.debug('firewalld version: %s', client.VERSION) + version = int( + '%02x%02x%02x' % tuple([ + int(x) + for x in client.VERSION.split('.')[:3] + ]), + 16 + ) + except ImportError: + self.logger.debug('No firewalld python module') + except: + self.logger.debug( + 'Exception during firewalld dection', + exc_info=True, + ) + + return version def _get_active_zones(self): rc, stdout, stderr = self.execute( @@ -159,10 +154,7 @@ self._firewalld_version = self._get_firewalld_cmd_version() self._enabled = self.environment[ constants.NetEnv.FIREWALLD_AVAILABLE - ] = ( - self.services.exists('firewalld') and - self._firewalld_version >= 0x000206 - ) + ] = self._firewalld_version >= 0x000206 @plugin.event( stage=plugin.Stages.STAGE_VALIDATION, -- To view, visit http://gerrit.ovirt.org/17302 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3db43d6dc808261a1f687ea29fe23bd752ffade8 Gerrit-PatchSet: 1 Gerrit-Project: otopi Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
