cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Prevent bug in 'ufw --dry-run reset' to delete firewall rules.

Browse source
This commit is contained in:
Felix Fontein 2019-02-11 20:34:39 +01:00 committed by Toshio Kuratomi
parent 0093b69935
commit c3271befda
2 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/ufw-reset-check-mode.yaml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- "ufw - when using ``state: reset`` in check mode, ``ufw --dry-run reset`` was executed, which causes a loss of firewall rules. The ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset`` to prevent this from happening."

2
lib/ansible/modules/system/ufw.py
View file

@ -301,6 +301,8 @@ def main():
cmd = [[ufw_bin], [module.check_mode, '--dry-run']] cmd = [[ufw_bin], [module.check_mode, '--dry-run']]
if command == 'state': if command == 'state':
if value == 'reset' and module.check_mode:
continue
states = {'enabled': 'enable', 'disabled': 'disable', states = {'enabled': 'enable', 'disabled': 'disable',
'reloaded': 'reload', 'reset': 'reset'} 'reloaded': 'reload', 'reset': 'reset'}
execute(cmd + [['-f'], [states[value]]]) execute(cmd + [['-f'], [states[value]]])