def create_sysfacts(kernel_modules):
return SystemFacts(
sysctl_variables=[],
kernel_modules=kernel_modules,
users=[],
groups=[],
repositories=[],
selinux=create_selinux(static_mode='permissive', enabled=True),
firewalls=Firewalls(
firewalld=FirewallStatus(enabled=True, active=True),
iptables=FirewallStatus(enabled=True, active=True),
),
)
def create_sysfacts(selinux):
return SystemFacts(
sysctl_variables=[],
kernel_modules=[],
users=[],
groups=[],
repositories=[],
selinux=selinux,
firewalls=Firewalls(
firewalld=FirewallStatus(enabled=True, active=True),
iptables=FirewallStatus(enabled=True, active=True),
),
)
def test_actor_firewalldcheckallowzonedrifting(current_actor_context):
status = FirewallStatus(enabled=True, active=True)
current_actor_context.feed(
FirewallsFacts(firewalld=status, iptables=status, ip6tables=status))
current_actor_context.feed(FirewalldGlobalConfig(allowzonedrifting=True))
current_actor_context.run()
assert current_actor_context.consume(Report)
def _get_firewall_status(service_name):
try:
ret_list = run(['systemctl', 'is-active', service_name], split=True)['stdout']
active = ret_list[0] == 'active'
except CalledProcessError:
active = False
logger.debug('The %s service is likely not active' % service_name)
try:
ret_list = run(['systemctl', 'is-enabled', service_name], split=True)['stdout']
enabled = ret_list[0] == 'enabled'
except CalledProcessError:
enabled = False
logger.debug('The %s service is likely not enabled nor running' % service_name)
return FirewallStatus(
active=active,
enabled=enabled,
)