stages/firewall: fix fail when setting only the default zone

When the firewall stage is provided with stage options, which set only the default firewall zone, the `firewall-offline-cmd` command is executed unconditionally without any parameters. This is because in this case `ports`, `enabled_services` and `disabled_services` are all an empty lists. This results in a failure with the following error message: `Opening of '/etc/sysconfig/system-config-firewall' failed, exiting.` Make sure that the second invocation of `firewall-offline-cmd` happens conditionally, only when at least one of the `ports`, `enabled_services` or `disabled_services` is a non-empty list. Adjust the stage test to cover this scenario. Signed-off-by: Tomas Hozza <thozza@redhat.com>
2022-03-03 21:24:12 +01:00 · 2022-03-03 21:24:12 +01:00 · 9054da7d25
commit 9054da7d25
parent 3b40125d4a
3 changed files with 22 additions and 11 deletions
--- a/test/data/stages/firewall/b.json
+++ b/test/data/stages/firewall/b.json
@ -475,6 +475,12 @@
          ]
        }
      },
+      {
+        "name": "org.osbuild.firewall",
+        "options": {
+          "default_zone": "trusted"
+        }
+      },
      {
        "name": "org.osbuild.firewall",
        "options": {
@ -488,8 +494,7 @@
          ],
          "disabled_services": [
            "telnet"
-          ],
-          "default_zone": "trusted"
+          ]
        }
      }
    ]
--- a/test/data/stages/firewall/b.mpp.json
+++ b/test/data/stages/firewall/b.mpp.json
@ -29,6 +29,12 @@
          }
        }
      },
+      {
+        "name": "org.osbuild.firewall",
+        "options": {
+          "default_zone": "trusted"
+        }
+      },
      {
        "name": "org.osbuild.firewall",
        "options": {
@ -42,8 +48,7 @@
          ],
          "disabled_services": [
            "telnet"
-          ],
-          "default_zone": "trusted"
+          ]
        }
      }
    ]