def setUp(self): """Set up the module.""" self.firewall_module = FirewallModule() self.firewall_interface = FirewallInterface(self.firewall_module) # Connect to the properties changed signal. self.callback = Mock() self.firewall_interface.PropertiesChanged.connect(self.callback)
def publish(self): """Publish the module.""" DBus.publish_object(FIREWALL.object_path, FirewallInterface(self))
class FirewallConfigurationTaskTestCase(unittest.TestCase): """Test the Firewall configuration DBus Task.""" def setUp(self): """Set up the module.""" self.firewall_module = FirewallModule() self.firewall_interface = FirewallInterface(self.firewall_module) # Connect to the properties changed signal. self.callback = Mock() self.firewall_interface.PropertiesChanged.connect(self.callback) @patch_dbus_publish_object def firewall_config_task_basic_test(self, publisher): """Test the Firewall configuration task - basic.""" task_path = self.firewall_interface.InstallWithTask() obj = check_task_creation(self, task_path, publisher, ConfigureFirewallTask) self.assertEqual(obj.implementation._firewall_mode, FirewallMode.DEFAULT) self.assertEqual(obj.implementation._enabled_services, []) self.assertEqual(obj.implementation._disabled_services, []) self.assertEqual(obj.implementation._enabled_ports, []) self.assertEqual(obj.implementation._trusts, []) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_enable_missing_tool_test(self, execInSysroot): """Test the Firewall configuration task - enable & missing firewall-offline-cmd.""" with tempfile.TemporaryDirectory() as sysroot: # no firewall-offline-cmd in the sysroot os.makedirs(os.path.join(sysroot, "usr/bin")) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.ENABLED, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) # should raise an exception with self.assertRaises(FirewallConfigurationError): task.run() # should not call execInSysroot execInSysroot.assert_not_called() @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_disable_missing_tool_test(self, execInSysroot): """Test the Firewall configuration task - disable & missing firewall-offline-cmd""" with tempfile.TemporaryDirectory() as sysroot: # no firewall-offline-cmd in the sysroot os.makedirs(os.path.join(sysroot, "usr/bin")) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.DISABLED, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) # should not raise an exception task.run() # should not call execInSysroot execInSysroot.assert_not_called() @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_default_missing_tool_test(self, execInSysroot): """Test the Firewall configuration task - default & missing firewall-offline-cmd""" with tempfile.TemporaryDirectory() as sysroot: # no firewall-offline-cmd in the sysroot os.makedirs(os.path.join(sysroot, "usr/bin")) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.DEFAULT, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) # should not raise an exception task.run() # should not call execInSysroot execInSysroot.assert_not_called() @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_system_defaults_missing_tool_test( self, execInSysroot): """Test the Firewall configuration task - use-system-defaults & missing firewall-offline-cmd""" with tempfile.TemporaryDirectory() as sysroot: # no firewall-offline-cmd in the sysroot os.makedirs(os.path.join(sysroot, "usr/bin")) task = ConfigureFirewallTask( sysroot=sysroot, firewall_mode=FirewallMode.USE_SYSTEM_DEFAULTS, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) # should not raise an exception task.run() # should not call execInSysroot execInSysroot.assert_not_called() @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_default_test(self, execInSysroot): """Test the Firewall configuration task - default.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.DEFAULT, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', ['--enabled', '--service=ssh'], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_enable_test(self, execInSysroot): """Test the Firewall configuration task - enable.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.ENABLED, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', ['--enabled', '--service=ssh'], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_enable_with_options_test(self, execInSysroot): """Test the Firewall configuration task - enable with options.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask( sysroot=sysroot, firewall_mode=FirewallMode.ENABLED, enabled_services=["smnp"], disabled_services=["tftp"], enabled_ports=["22001:tcp", "6400:udp"], trusts=["eth1"]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', [ '--enabled', '--service=ssh', '--trust=eth1', '--port=22001:tcp', '--port=6400:udp', '--remove-service=tftp', '--service=smnp' ], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_disable_ssh_test(self, execInSysroot): """Test the Firewall configuration task - test SSH can be disabled.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.ENABLED, enabled_services=[], disabled_services=["ssh"], enabled_ports=[], trusts=[]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', ['--enabled', '--remove-service=ssh'], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_enable_disable_service_test(self, execInSysroot): """Test the Firewall configuration task - test enabling & disabling the same service""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.ENABLED, enabled_services=["tftp"], disabled_services=["tftp"], enabled_ports=[], trusts=[]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', [ '--enabled', '--service=ssh', '--remove-service=tftp', '--service=tftp' ], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_disable_test(self, execInSysroot): """Test the Firewall configuration task - disable.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask(sysroot=sysroot, firewall_mode=FirewallMode.DISABLED, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) task.run() execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', ['--disabled', '--service=ssh'], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_disable_with_options_test(self, execInSysroot): """Test the Firewall configuration task - disable with options.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask( sysroot=sysroot, firewall_mode=FirewallMode.DISABLED, enabled_services=["smnp"], disabled_services=["tftp"], enabled_ports=["22001:tcp", "6400:udp"], trusts=["eth1"]) task.run() # even in disable mode, we still forward all the options to firewall-offline-cmd execInSysroot.assert_called_once_with( '/usr/bin/firewall-offline-cmd', [ '--disabled', '--service=ssh', '--trust=eth1', '--port=22001:tcp', '--port=6400:udp', '--remove-service=tftp', '--service=smnp' ], root=sysroot) @patch('pyanaconda.core.util.execInSysroot') def firewall_config_task_use_system_defaults_test(self, execInSysroot): """Test the Firewall configuration task - use system defaults.""" with tempfile.TemporaryDirectory() as sysroot: os.makedirs(os.path.join(sysroot, "usr/bin")) os.mknod(os.path.join(sysroot, "usr/bin/firewall-offline-cmd")) self.assertTrue( os.path.exists( os.path.join(sysroot, "usr/bin/firewall-offline-cmd"))) task = ConfigureFirewallTask( sysroot=sysroot, firewall_mode=FirewallMode.USE_SYSTEM_DEFAULTS, enabled_services=[], disabled_services=[], enabled_ports=[], trusts=[]) task.run() # firewall-offline-cmd should not be called in use-system-defaults mode execInSysroot.assert_not_called()