Attachment #319305 for bug #535206

View | Details | Raw Unified | Return to bug 535206
Collapse All | Expand All

Lines 33-38 Link Here

(-)network/src/clients/firewall_stage1_proposal.ycp (-2 / +8 lines)
33	import "ProductFeatures";	33	import "ProductFeatures";
34	import "SuSEFirewall4Network";	34	import "SuSEFirewall4Network";
35	import "SuSEFirewallProposal";	35	import "SuSEFirewallProposal";
		36	import "Linuxrc";
36		37
37	string proposal_id = "fw_1ststage";	38	string proposal_id = "fw_1ststage";
38		39
Lines 44-51 Link Here
44	ProductFeatures::GetBooleanFeature ("globals", "enable_firewall"),	45	ProductFeatures::GetBooleanFeature ("globals", "enable_firewall"),
45	ProductFeatures::GetBooleanFeature ("globals", "firewall_enable_ssh"));	46	ProductFeatures::GetBooleanFeature ("globals", "firewall_enable_ssh"));
46		47
47	SuSEFirewall4Network::SetEnabled1stStage(ProductFeatures::GetBooleanFeature ("globals", "enable_firewall"));	48	SuSEFirewall4Network::SetEnabled1stStage(ProductFeatures::GetBooleanFeature ("globals", "enable_firewall"));
48	SuSEFirewall4Network::SetSshEnabled1stStage (ProductFeatures::GetBooleanFeature ("globals", "firewall_enable_ssh"));	49	// open ssh port by default when using ssh install (bnc#535206)
		50	if(Linuxrc::usessh()) {
		51	SuSEFirewall4Network::SetSshEnabled1stStage (true);
		52	} else {
		53	SuSEFirewall4Network::SetSshEnabled1stStage (ProductFeatures::GetBooleanFeature ("globals", "firewall_enable_ssh"));
		54	}
49		55
50	SuSEFirewallProposal::SetProposalInitialized(true);	56	SuSEFirewallProposal::SetProposalInitialized(true);
51	}	57	}

Lines 11-16 Link Here

(-)network/src/clients/firewall_stage1_finish.ycp (+9 lines)
11	import "SuSEFirewall";	11	import "SuSEFirewall";
12	import "SuSEFirewall4Network";	12	import "SuSEFirewall4Network";
13	import "SuSEFirewallProposal";	13	import "SuSEFirewallProposal";
		14	import "Linuxrc";
		15	import "Service";
14		16
15	any ret = nil;	17	any ret = nil;
16	string func = "";	18	string func = "";
Lines 57-62 Link Here
57	if (ssh_enabled)	59	if (ssh_enabled)
58	SuSEFirewall::SetServicesForZones (["service:sshd"], SuSEFirewall::GetKnownFirewallZones(), true );	60	SuSEFirewall::SetServicesForZones (["service:sshd"], SuSEFirewall::GetKnownFirewallZones(), true );
59		61
		62	// XXX: doesn't really belong here
		63	/* enable sshd if the user either opened the ssh port or if
		64	* we're using a remote install via ssh or vnc (bnc#535206) */
		65	if(ssh_enabled \|\| Linuxrc::usessh() \|\| Linuxrc::vnc()) {
		66	Service::Enable("sshd");
		67	}
		68
60	//this is equivalent to write-only, do not attempt to restart the service	69	//this is equivalent to write-only, do not attempt to restart the service
61	SuSEFirewall::WriteConfiguration();	70	SuSEFirewall::WriteConfiguration();
62	}	71	}

Return to bug 535206