From 021d4c9564f789167274a722eac5b165bf1043cafccfe1fa89ffb73c632afd23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?=
 <pablo.suarezhernandez@suse.com>
Date: Mon, 20 May 2019 12:43:15 +0000
Subject: [PATCH] osc copypac from project:systemsmanagement:saltstack:testing
 package:salt revision:267

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=141
---
 _lastrevision                                 |  2 +-
 salt.changes                                  |  8 ++
 salt.spec                                     |  3 +
 ...ewalld-state-to-use-change_interface.patch | 73 +++++++++++++++++++
 4 files changed, 85 insertions(+), 1 deletion(-)
 create mode 100644 switch-firewalld-state-to-use-change_interface.patch

diff --git a/_lastrevision b/_lastrevision
index 7b5d4c0..30bce50 100644
--- a/_lastrevision
+++ b/_lastrevision
@@ -1 +1 @@
-8fe9649055af571bfa44483318fa5a8476035001
\ No newline at end of file
+ea5a745c3a962219fd886eefc19f33997b655283
\ No newline at end of file
diff --git a/salt.changes b/salt.changes
index 270d245..22ec24b 100644
--- a/salt.changes
+++ b/salt.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon May 20 12:12:46 UTC 2019 - psuarezhernandez@suse.com
+
+- Switch firewalld state to use change_interface (bsc#1132076)
+
+- Added:
+  * switch-firewalld-state-to-use-change_interface.patch
+
 -------------------------------------------------------------------
 Wed May  8 08:48:49 UTC 2019 - Mihai Dincă <mihai.dinca@suse.com>
 
diff --git a/salt.spec b/salt.spec
index 2e96e7b..ff1c0fa 100644
--- a/salt.spec
+++ b/salt.spec
@@ -174,6 +174,8 @@ Patch53:       do-not-crash-when-there-are-ipv6-established-connect.patch
 # PATCH-FIX_OPENSUSE: https://github.com/openSUSE/salt/pull/144
 # PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/52855
 Patch54:       fix-async-batch-multiple-done-events.patch
+# PATCH-FIX_UPSTREAM: https://github.com/saltstack/salt/pull/52743
+Patch55:       switch-firewalld-state-to-use-change_interface.patch
 
 # BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -686,6 +688,7 @@ cp %{S:5} ./.travis.yml
 %patch52 -p1
 %patch53 -p1
 %patch54 -p1
+%patch55 -p1
 
 %build
 %if 0%{?build_py2}
diff --git a/switch-firewalld-state-to-use-change_interface.patch b/switch-firewalld-state-to-use-change_interface.patch
new file mode 100644
index 0000000..99aaa5f
--- /dev/null
+++ b/switch-firewalld-state-to-use-change_interface.patch
@@ -0,0 +1,73 @@
+From ee499612e1302b908a64dde696065b0093fe3115 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pablo=20Su=C3=A1rez=20Hern=C3=A1ndez?=
+ <psuarezhernandez@suse.com>
+Date: Mon, 20 May 2019 11:59:39 +0100
+Subject: [PATCH] Switch firewalld state to use change_interface
+
+firewalld.present state allows to bind interface to given zone.
+However if the interface is already bound to some other zone, call-
+ing `add_interface` will not change rebind the interface but report
+error.
+Option `change_interface` however can rebind the interface from one
+zone to another.
+
+This PR adds `firewalld.change_interface` call to firewalld module
+and updates `firewalld.present` state to use this call.
+---
+ salt/modules/firewalld.py | 23 +++++++++++++++++++++++
+ salt/states/firewalld.py  |  4 ++--
+ 2 files changed, 25 insertions(+), 2 deletions(-)
+
+diff --git a/salt/modules/firewalld.py b/salt/modules/firewalld.py
+index 7eeb865fa7..232fe052a2 100644
+--- a/salt/modules/firewalld.py
++++ b/salt/modules/firewalld.py
+@@ -951,6 +951,29 @@ def remove_interface(zone, interface, permanent=True):
+     return __firewall_cmd(cmd)
+ 
+ 
++def change_interface(zone, interface, permanent=True):
++    '''
++    Change zone the interface bound to
++
++    .. versionadded:: 2019.?.?
++
++    CLI Example:
++
++    .. code-block:: bash
++
++        salt '*' firewalld.change_interface zone eth0
++    '''
++    if interface in get_interfaces(zone, permanent):
++        log.info('Interface is already bound to zone.')
++
++    cmd = '--zone={0} --change-interface={1}'.format(zone, interface)
++
++    if permanent:
++        cmd += ' --permanent'
++
++    return __firewall_cmd(cmd)
++
++
+ def get_sources(zone, permanent=True):
+     '''
+     List sources bound to a zone
+diff --git a/salt/states/firewalld.py b/salt/states/firewalld.py
+index 4623798658..fc5b233f98 100644
+--- a/salt/states/firewalld.py
++++ b/salt/states/firewalld.py
+@@ -647,8 +647,8 @@ def _present(name,
+         for interface in new_interfaces:
+             if not __opts__['test']:
+                 try:
+-                    __salt__['firewalld.add_interface'](name, interface,
+-                                                        permanent=True)
++                    __salt__['firewalld.change_interface'](name, interface,
++                                                           permanent=True)
+                 except CommandExecutionError as err:
+                     ret['comment'] = 'Error: {0}'.format(err)
+                     return ret
+-- 
+2.17.1
+
+