681944 – [RFE] ssh default allowed by kickstart firewall

Bug 681944 - [RFE] ssh default allowed by kickstart firewall

Summary: [RFE] ssh default allowed by kickstart firewall

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	pykickstart
Sub Component:
Version:	5.3
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Chris Lumens
QA Contact:	Release Test Team
Docs Contact:
URL:
Whiteboard:
Depends On:	485086 577334
Blocks:	668576
TreeView+	depends on / blocked

Reported:	2011-03-03 16:46 UTC by Chris Lumens
Modified:	2018-11-14 19:10 UTC (History)
CC List:	7 users (show)
Fixed In Version:	pykickstart-0.43.9-1
Doc Type:	Enhancement
Doc Text:
Clone Of:	485086
Environment:
Last Closed:	2011-07-21 07:57:17 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1022	0	normal	SHIPPED_LIVE	pykickstart bug fix and enhancement update	2011-07-20 15:44:25 UTC

Comment 1 Chris Lumens 2011-03-03 16:57:21 UTC

For my future reference, here's the pykickstart patch:

--- a/pykickstart/data.py
+++ b/pykickstart/data.py
@@ -32,7 +32,7 @@ class KickstartData:
         self.deviceprobe = ""
         self.displayMode = DISPLAY_MODE_GRAPHICAL
         self.driverdisk = ""
-        self.firewall = {"enabled": True, "ports": [], "trusts": []}
+        self.firewall = {"enabled": True, "ports": [], "trusts": [], "disableSsh": False}
         self.firstboot = FIRSTBOOT_SKIP
         self.ignoredisk = {"drives": [], "onlyuse": []}
         self.interactive = False
diff --git a/pykickstart/parser.py b/pykickstart/parser.py
index f1c6984..d3129ac 100644
--- a/pykickstart/parser.py
+++ b/pykickstart/parser.py
@@ -410,6 +410,8 @@ class KickstartHandlers:
         op.add_option("--port", dest="ports", action="callback",
                       callback=firewall_port_cb, nargs=1, type="string")
         op.add_option("--trust", dest="trusts", action="append")
+        op.add_option("--no-ssh", dest="disableSsh", action="store_true",
+                      default=False)
 
         (opts, extra) = op.parse_args(args=args)
         self._setToDict(op, opts, self.ksdata.firewall)

Comment 3 Alexander Todorov 2011-05-09 08:48:21 UTC

Tested with pykickstart-1.68-1.el5 and anaconda-11.1.2.232-1. My ks.cfg contained:
firewall --enabled --no-ssh

ssh access was not configured in the firewall.

Comment 4 errata-xmlrpc 2011-07-21 07:57:17 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1022.html

Note You need to log in before you can comment on or make changes to this bug.