AMBARI-17047. AMBARI-17047: Firewall check returns WARNING even if iptables and firewalld are stopped on CentOS7 (Masahiro Tanaka via aonishuk)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/6f41c900 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/6f41c900 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/6f41c900 Branch: refs/heads/branch-2.4 Commit: 6f41c9003fa3e629777d748081cad1a3be420439 Parents: dfab464 Author: Andrew Onishuk <[email protected]> Authored: Wed Jul 6 17:00:27 2016 +0300 Committer: Andrew Onishuk <[email protected]> Committed: Wed Jul 6 17:00:27 2016 +0300 ---------------------------------------------------------------------- .../src/main/python/ambari_commons/firewall.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/6f41c900/ambari-common/src/main/python/ambari_commons/firewall.py ---------------------------------------------------------------------- diff --git a/ambari-common/src/main/python/ambari_commons/firewall.py b/ambari-common/src/main/python/ambari_commons/firewall.py index 72e6d26..6868d3f 100644 --- a/ambari-common/src/main/python/ambari_commons/firewall.py +++ b/ambari-common/src/main/python/ambari_commons/firewall.py @@ -21,7 +21,7 @@ limitations under the License. from ambari_commons import OSCheck, OSConst from ambari_commons.logging_utils import print_warning_msg from ambari_commons.os_family_impl import OsFamilyImpl -from ambari_commons.os_utils import run_os_command, run_in_shell +from ambari_commons.os_utils import run_os_command class Firewall(object): @@ -120,13 +120,17 @@ class RedHat7FirewallChecks(FirewallChecks): #firewalld added to support default firewall (started from RHEL7/CentOS7) #script default iptables checked as user can use iptables as known from previous RHEL releases. def get_command(self): - return "%(servcmd)s is-active %(fwl1)s || %(servcmd)s is-active %(fwl2)s" % {"servcmd":self.SERVICE_CMD,"fwl1":"iptables", "fwl2":"firewalld"} + return "%(servcmd)s is-active %(fwl1)s %(fwl2)s" % {"servcmd":self.SERVICE_CMD,"fwl1":"iptables", "fwl2":"firewalld"} def check_result(self): - return self.returncode == 0 + for line in self.stdoutdata.split("\n"): + if line.strip() == "active": + return True + return False + def run_command(self): - retcode, out, err = run_in_shell(self.get_command()) + retcode, out, err = run_os_command(self.get_command()) self.returncode = retcode self.stdoutdata = out self.stderrdata = err
