|
 |
dddd59 |
commit 16b62b790a33022c27d408e897c0a6bf23cf2e36
|
|
|
dddd59 |
Author: Thomas Woerner <twoerner@redhat.com>
|
|
|
dddd59 |
Date: Mon Jul 25 19:07:30 2016 +0200
|
|
|
dddd59 |
|
|
|
dddd59 |
firewall[-offline]-cmd, firewallctl, firewall.command: Use sys.{stdout,stderr}
|
|
|
dddd59 |
|
|
|
dddd59 |
Using sys.stdout and sys.stderr instead of print to have error output to stderr
|
|
|
dddd59 |
and to calm down broken pipe output.
|
|
|
dddd59 |
|
|
|
dddd59 |
diff --git a/src/firewall-cmd b/src/firewall-cmd
|
|
|
dddd59 |
index d408c09..df0747d 100755
|
|
|
dddd59 |
--- a/src/firewall-cmd
|
|
|
dddd59 |
+++ b/src/firewall-cmd
|
|
|
dddd59 |
@@ -44,7 +44,7 @@ from firewall.core.io.icmptype import icmptype_reader
|
|
|
dddd59 |
from firewall.command import FirewallCommand
|
|
|
dddd59 |
|
|
|
dddd59 |
def __usage():
|
|
|
dddd59 |
- print ("""
|
|
|
dddd59 |
+ sys.stdout.write("""
|
|
|
dddd59 |
Usage: firewall-cmd [OPTIONS...]
|
|
|
dddd59 |
|
|
|
dddd59 |
General Options
|
|
|
dddd59 |
@@ -401,6 +401,7 @@ Panic Options
|
|
|
dddd59 |
--panic-on Enable panic mode
|
|
|
dddd59 |
--panic-off Disable panic mode
|
|
|
dddd59 |
--query-panic Query whether panic mode is enabled
|
|
|
dddd59 |
+
|
|
|
dddd59 |
""")
|
|
|
dddd59 |
|
|
|
dddd59 |
def try_set_zone_of_interface(_zone, interface):
|
|
|
dddd59 |
@@ -1811,7 +1812,7 @@ elif a.direct:
|
|
|
dddd59 |
cmd.fail("usage: --direct --passthrough { ipv4 | ipv6 | eb } <args>")
|
|
|
dddd59 |
msg = fw.passthrough(cmd.check_ipv(a.passthrough[0]), splitArgs(a.passthrough[1]))
|
|
|
dddd59 |
if msg:
|
|
|
dddd59 |
- print(msg)
|
|
|
dddd59 |
+ sys.stdout.write(msg + "\n")
|
|
|
dddd59 |
|
|
|
dddd59 |
elif a.add_passthrough:
|
|
|
dddd59 |
if len(a.add_passthrough) < 2:
|
|
|
dddd59 |
diff --git a/src/firewall-offline-cmd b/src/firewall-offline-cmd
|
|
|
dddd59 |
index a296441..4a9432f 100755
|
|
|
dddd59 |
--- a/src/firewall-offline-cmd
|
|
|
dddd59 |
+++ b/src/firewall-offline-cmd
|
|
|
dddd59 |
@@ -43,13 +43,13 @@ from firewall.command import FirewallCommand
|
|
|
dddd59 |
|
|
|
dddd59 |
# check for root user
|
|
|
dddd59 |
if os.getuid() != 0:
|
|
|
dddd59 |
- print("You need to be root to run %s." % sys.argv[0])
|
|
|
dddd59 |
+ sys.stderr.write("You need to be root to run %s.\n" % sys.argv[0])
|
|
|
dddd59 |
sys.exit(-1)
|
|
|
dddd59 |
|
|
|
dddd59 |
SYSTEM_CONFIG_FIREWALL = config.SYSCONFIGDIR + '/system-config-firewall'
|
|
|
dddd59 |
|
|
|
dddd59 |
def __usage():
|
|
|
dddd59 |
- print ("""
|
|
|
dddd59 |
+ sys.stdout.write("""
|
|
|
dddd59 |
Usage: firewall-offline-cmd [OPTIONS...]
|
|
|
dddd59 |
|
|
|
dddd59 |
If no options are given, configuration from '%s' will be migrated.
|
|
|
dddd59 |
@@ -418,7 +418,7 @@ Polkit Options
|
|
|
dddd59 |
--policy-server Change Polkit actions to 'server' (more restricted)
|
|
|
dddd59 |
--policy-desktop Change Polkit actions to 'desktop' (less restricted)
|
|
|
dddd59 |
|
|
|
dddd59 |
- """ % (SYSTEM_CONFIG_FIREWALL, config.SYSCONFIGDIR))
|
|
|
dddd59 |
+""" % (SYSTEM_CONFIG_FIREWALL, config.SYSCONFIGDIR))
|
|
|
dddd59 |
|
|
|
dddd59 |
def parse_port_lokkit(value):
|
|
|
dddd59 |
try:
|
|
|
dddd59 |
diff --git a/src/firewall/command.py b/src/firewall/command.py
|
|
|
dddd59 |
index 58618b0..74ee8b2 100644
|
|
|
dddd59 |
--- a/src/firewall/command.py
|
|
|
dddd59 |
+++ b/src/firewall/command.py
|
|
|
dddd59 |
@@ -55,19 +55,23 @@ class FirewallCommand(object):
|
|
|
dddd59 |
|
|
|
dddd59 |
def print_msg(self, msg=None):
|
|
|
dddd59 |
if msg is not None and not self.quiet:
|
|
|
dddd59 |
- print(msg)
|
|
|
dddd59 |
+ sys.stdout.write(msg + "\n")
|
|
|
dddd59 |
+
|
|
|
dddd59 |
+ def print_error_msg(self, msg=None):
|
|
|
dddd59 |
+ if msg is not None and not self.quiet:
|
|
|
dddd59 |
+ sys.stderr.write(msg + "\n")
|
|
|
dddd59 |
|
|
|
dddd59 |
def print_warning(self, msg=None):
|
|
|
dddd59 |
FAIL = '\033[91m'
|
|
|
dddd59 |
END = '\033[00m'
|
|
|
dddd59 |
- self.print_msg(FAIL + msg + END)
|
|
|
dddd59 |
+ self.print_error_msg(FAIL + msg + END)
|
|
|
dddd59 |
|
|
|
dddd59 |
def print_and_exit(self, msg=None, exit_code=0):
|
|
|
dddd59 |
#OK = '\033[92m'
|
|
|
dddd59 |
FAIL = '\033[91m'
|
|
|
dddd59 |
END = '\033[00m'
|
|
|
dddd59 |
if exit_code > 1:
|
|
|
dddd59 |
- self.print_msg(FAIL + msg + END)
|
|
|
dddd59 |
+ self.print_error_msg(FAIL + msg + END)
|
|
|
dddd59 |
else:
|
|
|
dddd59 |
self.print_msg(msg)
|
|
|
dddd59 |
#self.print_msg(OK + msg + END)
|
|
|
dddd59 |
@@ -77,8 +81,8 @@ class FirewallCommand(object):
|
|
|
dddd59 |
self.print_and_exit(msg, 2)
|
|
|
dddd59 |
|
|
|
dddd59 |
def print_if_verbose(self, msg=None):
|
|
|
dddd59 |
- if msg and self.verbose:
|
|
|
dddd59 |
- print(msg)
|
|
|
dddd59 |
+ if msg is not None and self.verbose:
|
|
|
dddd59 |
+ sys.stdout.write(msg + "\n")
|
|
|
dddd59 |
|
|
|
dddd59 |
def __cmd_sequence(self, cmd_type, option, action_method, query_method,
|
|
|
dddd59 |
parse_method, message, start_args=None, end_args=None,
|
|
|
dddd59 |
diff --git a/src/firewallctl b/src/firewallctl
|
|
|
dddd59 |
index 249736c..20cccac 100755
|
|
|
dddd59 |
--- a/src/firewallctl
|
|
|
dddd59 |
+++ b/src/firewallctl
|
|
|
dddd59 |
@@ -3365,7 +3365,7 @@ elif args.parser == "direct":
|
|
|
dddd59 |
msg = fw.passthrough(cmd.check_ipv(args.passthrough[0]),
|
|
|
dddd59 |
splitArgs(args.passthrough[1]))
|
|
|
dddd59 |
if msg:
|
|
|
dddd59 |
- print(msg)
|
|
|
dddd59 |
+ sys.stdout.write(msg + "\n")
|
|
|
dddd59 |
|
|
|
dddd59 |
elif args.action == "get":
|
|
|
dddd59 |
|
|
|
dddd59 |
commit 560a0e4e9f66da97ceeb69f295a989251e86a342
|
|
|
dddd59 |
Author: Thomas Woerner <twoerner@redhat.com>
|
|
|
dddd59 |
Date: Thu Jul 28 13:28:22 2016 +0200
|
|
|
dddd59 |
|
|
|
dddd59 |
tests/firewall-[offline-]cmd_test.sh: Hide errors and warnings
|
|
|
dddd59 |
|
|
|
dddd59 |
This change is needed because of the use of stderr for warnings and errors in
|
|
|
dddd59 |
the command line tools.
|
|
|
dddd59 |
|
|
|
dddd59 |
diff --git a/src/tests/firewall-cmd_test.sh b/src/tests/firewall-cmd_test.sh
|
|
|
dddd59 |
index f9348ca..dd7c4f8 100755
|
|
|
dddd59 |
--- a/src/tests/firewall-cmd_test.sh
|
|
|
dddd59 |
+++ b/src/tests/firewall-cmd_test.sh
|
|
|
dddd59 |
@@ -10,7 +10,7 @@ readonly RESTORE='\033[0m'
|
|
|
dddd59 |
assert_good() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-cmd ${args} > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-cmd ${args} > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -eq 0 ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -23,7 +23,7 @@ assert_good_notempty() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( -n "${ret}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -36,7 +36,7 @@ assert_good_empty() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( -z "${ret}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -50,7 +50,7 @@ assert_good_equals() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( "${ret}" = "${value}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -64,7 +64,7 @@ assert_good_contains() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( "${ret}" = *${value}* ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -90,7 +90,7 @@ assert_bad_contains() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -ne 0 ) || ( "${ret}" = *${value}* ) ]]; then
|
|
|
dddd59 |
((failures++))
|
|
|
dddd59 |
echo -e "${args} ... ${RED}${failures}. FAILED (non-zero exit status or '${ret}' does contain '${value}')${RESTORE}"
|
|
|
dddd59 |
@@ -115,7 +115,7 @@ assert_rich_good() {
|
|
|
dddd59 |
command="--query-rich-rule"
|
|
|
dddd59 |
fi
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-cmd ${permanent} ${command} "${args}" > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-cmd ${permanent} ${command} "${args}" > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -eq 0 ]]; then
|
|
|
dddd59 |
echo ${permanent} ${command} "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -139,7 +139,7 @@ assert_rich_bad() {
|
|
|
dddd59 |
command="--query-rich-rule"
|
|
|
dddd59 |
fi
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-cmd ${permanent} ${command} "${args}" > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-cmd ${permanent} ${command} "${args}" > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -ne 0 ]]; then
|
|
|
dddd59 |
echo ${permanent} ${command} "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
diff --git a/src/tests/firewall-offline-cmd_test.sh b/src/tests/firewall-offline-cmd_test.sh
|
|
|
dddd59 |
index 54fad3d..344b825 100755
|
|
|
dddd59 |
--- a/src/tests/firewall-offline-cmd_test.sh
|
|
|
dddd59 |
+++ b/src/tests/firewall-offline-cmd_test.sh
|
|
|
dddd59 |
@@ -22,7 +22,7 @@ assert_cmd_good() {
|
|
|
dddd59 |
assert_good() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-offline-cmd ${args} > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-offline-cmd ${args} > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -eq 0 ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -35,7 +35,7 @@ assert_good_notempty() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-offline-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-offline-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( -n "${ret}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -48,7 +48,7 @@ assert_good_empty() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-offline-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-offline-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( -z "${ret}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -62,7 +62,7 @@ assert_good_equals() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-offline-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-offline-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( "${ret}" = "${value}" ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -76,7 +76,7 @@ assert_good_contains() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-offline-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-offline-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -eq 0 ) && ( "${ret}" = *${value}* ) ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -88,7 +88,7 @@ assert_good_contains() {
|
|
|
dddd59 |
assert_bad() {
|
|
|
dddd59 |
local args="${1}"
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-offline-cmd ${args} 1> /dev/null 2>&1
|
|
|
dddd59 |
+ ${path}firewall-offline-cmd ${args} 1> /dev/null 2>&1 2>&1
|
|
|
dddd59 |
if [[ "$?" -ne 0 ]]; then
|
|
|
dddd59 |
echo "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -102,7 +102,7 @@ assert_bad_contains() {
|
|
|
dddd59 |
local value="${2}"
|
|
|
dddd59 |
local ret
|
|
|
dddd59 |
|
|
|
dddd59 |
- ret=$(${path}firewall-offline-cmd ${args}) > /dev/null
|
|
|
dddd59 |
+ ret=$(${path}firewall-offline-cmd ${args}) > /dev/null 2>&1
|
|
|
dddd59 |
if [[ ( "$?" -ne 0 ) || ( "${ret}" = *${value}* ) ]]; then
|
|
|
dddd59 |
((failures++))
|
|
|
dddd59 |
echo -e "${args} ... ${RED}${failures}. FAILED (non-zero exit status or '${ret}' does contain '${value}')${RESTORE}"
|
|
|
dddd59 |
@@ -125,7 +125,7 @@ assert_rich_good() {
|
|
|
dddd59 |
command="--query-rich-rule"
|
|
|
dddd59 |
fi
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-offline-cmd ${command} "${args}" > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-offline-cmd ${command} "${args}" > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -eq 0 ]]; then
|
|
|
dddd59 |
echo ${command} "${args} ... OK"
|
|
|
dddd59 |
else
|
|
|
dddd59 |
@@ -147,7 +147,7 @@ assert_rich_bad() {
|
|
|
dddd59 |
command="--query-rich-rule"
|
|
|
dddd59 |
fi
|
|
|
dddd59 |
|
|
|
dddd59 |
- ${path}firewall-offline-cmd ${command} "${args}" > /dev/null
|
|
|
dddd59 |
+ ${path}firewall-offline-cmd ${command} "${args}" > /dev/null 2>&1
|
|
|
dddd59 |
if [[ "$?" -ne 0 ]]; then
|
|
|
dddd59 |
echo ${command} "${args} ... OK"
|
|
|
dddd59 |
else
|