Hello community,
here is the log from the commit of package yast2-firewall for openSUSE:Factory
checked in at 2020-10-26 16:13:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-firewall (Old)
and /work/SRC/openSUSE:Factory/.yast2-firewall.new.3463 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-firewall"
Mon Oct 26 16:13:04 2020 rev:87 rq:843567 version:4.3.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-firewall/yast2-firewall.changes
2020-10-22 14:22:44.570775053 +0200
+++ /work/SRC/openSUSE:Factory/.yast2-firewall.new.3463/yast2-firewall.changes
2020-10-26 16:13:36.866788084 +0100
@@ -1,0 +2,8 @@
+Thu Oct 22 20:44:20 UTC 2020 - Josef Reidinger <jreidin...@suse.com>
+
+- Do not warn user about ssh key only authentication when
+ ssh port is closed, but firewall is disabled.
+ (bsc#1177953)
+- 4.3.8
+
+-------------------------------------------------------------------
Old:
----
yast2-firewall-4.3.7.tar.bz2
New:
----
yast2-firewall-4.3.8.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-firewall.spec ++++++
--- /var/tmp/diff_new_pack.cnZDj2/_old 2020-10-26 16:13:38.942789994 +0100
+++ /var/tmp/diff_new_pack.cnZDj2/_new 2020-10-26 16:13:38.950790002 +0100
@@ -17,7 +17,7 @@
Name: yast2-firewall
-Version: 4.3.7
+Version: 4.3.8
Release: 0
Summary: YaST2 - Firewall Configuration
License: GPL-2.0-only
++++++ yast2-firewall-4.3.7.tar.bz2 -> yast2-firewall-4.3.8.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-firewall-4.3.7/package/yast2-firewall.changes
new/yast2-firewall-4.3.8/package/yast2-firewall.changes
--- old/yast2-firewall-4.3.7/package/yast2-firewall.changes 2020-10-19
10:30:42.000000000 +0200
+++ new/yast2-firewall-4.3.8/package/yast2-firewall.changes 2020-10-23
11:03:18.000000000 +0200
@@ -1,4 +1,12 @@
-------------------------------------------------------------------
+Thu Oct 22 20:44:20 UTC 2020 - Josef Reidinger <jreidin...@suse.com>
+
+- Do not warn user about ssh key only authentication when
+ ssh port is closed, but firewall is disabled.
+ (bsc#1177953)
+- 4.3.8
+
+-------------------------------------------------------------------
Fri Oct 16 15:15:49 UTC 2020 - Josef Reidinger <jreidin...@suse.com>
- Do not enable firewall during first stage of AutoYaST
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-firewall-4.3.7/package/yast2-firewall.spec
new/yast2-firewall-4.3.8/package/yast2-firewall.spec
--- old/yast2-firewall-4.3.7/package/yast2-firewall.spec 2020-10-19
10:30:42.000000000 +0200
+++ new/yast2-firewall-4.3.8/package/yast2-firewall.spec 2020-10-23
11:03:18.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2-firewall
-Version: 4.3.7
+Version: 4.3.8
Release: 0
Summary: YaST2 - Firewall Configuration
Group: System/YaST
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-firewall-4.3.7/src/lib/y2firewall/proposal_settings.rb
new/yast2-firewall-4.3.8/src/lib/y2firewall/proposal_settings.rb
--- old/yast2-firewall-4.3.7/src/lib/y2firewall/proposal_settings.rb
2020-10-19 10:30:42.000000000 +0200
+++ new/yast2-firewall-4.3.8/src/lib/y2firewall/proposal_settings.rb
2020-10-23 11:03:18.000000000 +0200
@@ -126,9 +126,14 @@
# @return [Boolean] true if the root user uses only public key
# authentication and the system is not accesible through ssh
def access_problem?
+ # public key is not the only way
return false unless only_public_key_auth
- !(@open_ssh && @enable_sshd)
+ # without running sshd it is useless
+ return true unless @enable_sshd
+
+ # firewall is up and port for ssh is not open
+ @enable_firewall && !@open_ssh
end
private
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-firewall-4.3.7/test/lib/y2firewall/proposal_settings_test.rb
new/yast2-firewall-4.3.8/test/lib/y2firewall/proposal_settings_test.rb
--- old/yast2-firewall-4.3.7/test/lib/y2firewall/proposal_settings_test.rb
2020-10-19 10:30:42.000000000 +0200
+++ new/yast2-firewall-4.3.8/test/lib/y2firewall/proposal_settings_test.rb
2020-10-23 11:03:18.000000000 +0200
@@ -209,28 +209,40 @@
describe "#access_problem?" do
let(:ssh_enabled) { true }
+ let(:firewall_enabled) { true }
let(:ssh_open) { true }
let(:only_ssh_key_auth) { true }
before do
subject.enable_sshd = ssh_enabled
+ subject.enable_firewall = firewall_enabled
subject.open_ssh = ssh_open
allow(subject).to
receive(:only_public_key_auth).and_return(only_ssh_key_auth)
end
context "when the root user uses only SSH key based authentication" do
context "when sshd is enabled" do
- context "and the SSH port is open" do
- it "returns false" do
- expect(subject.access_problem?).to eql(false)
+ context "and firewall is enabled" do
+ context "and the SSH port is open" do
+ it "returns false" do
+ expect(subject.access_problem?).to eql(false)
+ end
+ end
+
+ context "and the SSH port is close" do
+ let(:ssh_open) { false }
+
+ it "returns true" do
+ expect(subject.access_problem?).to eql(true)
+ end
end
end
- context "and the SSH port is close" do
- let(:ssh_open) { false }
+ context "and firewall is disabled" do
+ let(:firewall_enabled) { false }
- it "returns true" do
- expect(subject.access_problem?).to eql(true)
+ it "returns false" do
+ expect(subject.access_problem?).to eql(false)
end
end
end
