salt/switch-firewalld-state-to-use-change_interface.patch

From c48d54fe6243614aba481c887208e473f58a5057 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?=
 <psuarezhernandez@suse.com>
Date: Mon, 20 May 2019 11:59:39 +0100
Subject: [PATCH] Switch firewalld state to use change_interface

firewalld.present state allows to bind interface to given zone.
However if the interface is already bound to some other zone, call-
ing `add_interface` will not change rebind the interface but report
error.
Option `change_interface` however can rebind the interface from one
zone to another.

This PR adds `firewalld.change_interface` call to firewalld module
and updates `firewalld.present` state to use this call.
---
 salt/modules/firewalld.py | 23 +++++++++++++++++++++++
 salt/states/firewalld.py  |  4 ++--
 2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/salt/modules/firewalld.py b/salt/modules/firewalld.py
index a6d90d38b8..c8b646024b 100644
--- a/salt/modules/firewalld.py
+++ b/salt/modules/firewalld.py
@@ -932,6 +932,29 @@ def remove_interface(zone, interface, permanent=True):
     return __firewall_cmd(cmd)
 
 
+def change_interface(zone, interface, permanent=True):
+    '''
+    Change zone the interface bound to
+
+    .. versionadded:: 2019.?.?
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.change_interface zone eth0
+    '''
+    if interface in get_interfaces(zone, permanent):
+        log.info('Interface is already bound to zone.')
+
+    cmd = '--zone={0} --change-interface={1}'.format(zone, interface)
+
+    if permanent:
+        cmd += ' --permanent'
+
+    return __firewall_cmd(cmd)
+
+
 def get_sources(zone, permanent=True):
     '''
     List sources bound to a zone
diff --git a/salt/states/firewalld.py b/salt/states/firewalld.py
index 25cbad170a..e4338beaf2 100644
--- a/salt/states/firewalld.py
+++ b/salt/states/firewalld.py
@@ -633,8 +633,8 @@ def _present(name,
         for interface in new_interfaces:
             if not __opts__['test']:
                 try:
-                    __salt__['firewalld.add_interface'](name, interface,
-                                                        permanent=True)
+                    __salt__['firewalld.change_interface'](name, interface,
+                                                           permanent=True)
                 except CommandExecutionError as err:
                     ret['comment'] = 'Error: {0}'.format(err)
                     return ret
-- 
2.16.4
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:333 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=166 2020-04-07 14:14:01 +02:00			`From c48d54fe6243614aba481c887208e473f58a5057 Mon Sep 17 00:00:00 2001`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00			`From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?=`
			`<psuarezhernandez@suse.com>`
			`Date: Mon, 20 May 2019 11:59:39 +0100`
			`Subject: [PATCH] Switch firewalld state to use change_interface`

			`firewalld.present state allows to bind interface to given zone.`
			`However if the interface is already bound to some other zone, call-`
			ing `add_interface` will not change rebind the interface but report
			`error.`
			Option `change_interface` however can rebind the interface from one
			`zone to another.`

			This PR adds `firewalld.change_interface` call to firewalld module
			and updates `firewalld.present` state to use this call.
			`---`
			`salt/modules/firewalld.py \| 23 +++++++++++++++++++++++`
			`salt/states/firewalld.py \| 4 ++--`
			`2 files changed, 25 insertions(+), 2 deletions(-)`

			`diff --git a/salt/modules/firewalld.py b/salt/modules/firewalld.py`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:333 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=166 2020-04-07 14:14:01 +02:00			`index a6d90d38b8..c8b646024b 100644`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00			`--- a/salt/modules/firewalld.py`
			`+++ b/salt/modules/firewalld.py`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:333 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=166 2020-04-07 14:14:01 +02:00			`@@ -932,6 +932,29 @@ def remove_interface(zone, interface, permanent=True):`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00			`return __firewall_cmd(cmd)`


			`+def change_interface(zone, interface, permanent=True):`
			`+ '''`
			`+ Change zone the interface bound to`
			`+`
			`+ .. versionadded:: 2019.?.?`
			`+`
			`+ CLI Example:`
			`+`
			`+ .. code-block:: bash`
			`+`
			`+ salt '*' firewalld.change_interface zone eth0`
			`+ '''`
			`+ if interface in get_interfaces(zone, permanent):`
			`+ log.info('Interface is already bound to zone.')`
			`+`
			`+ cmd = '--zone={0} --change-interface={1}'.format(zone, interface)`
			`+`
			`+ if permanent:`
			`+ cmd += ' --permanent'`
			`+`
			`+ return __firewall_cmd(cmd)`
			`+`
			`+`
			`def get_sources(zone, permanent=True):`
			`'''`
			`List sources bound to a zone`
			`diff --git a/salt/states/firewalld.py b/salt/states/firewalld.py`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:333 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=166 2020-04-07 14:14:01 +02:00			`index 25cbad170a..e4338beaf2 100644`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00			`--- a/salt/states/firewalld.py`
			`+++ b/salt/states/firewalld.py`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:333 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=166 2020-04-07 14:14:01 +02:00			`@@ -633,8 +633,8 @@ def _present(name,`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00			`for interface in new_interfaces:`
			`if not __opts__['test']:`
			`try:`
			`- __salt__['firewalld.add_interface'](name, interface,`
			`- permanent=True)`
			`+ __salt__['firewalld.change_interface'](name, interface,`
			`+ permanent=True)`
			`except CommandExecutionError as err:`
			`ret['comment'] = 'Error: {0}'.format(err)`
			`return ret`
			`--`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:308 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=156 2019-11-28 16:41:55 +01:00			`2.16.4`
osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:267 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141 2019-05-20 14:43:15 +02:00