Merge pull request #20825 from coolgw/ipsec3host_firewall

ipsecbase.pm: check firewall status before stop firewall
os-autoinst · Feb 6, 2025 · ade60d3 · ade60d3
2 parents f84da1d + 6602e0d
commit ade60d3
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 9 deletions.
diff --git a/lib/ipsecbase.pm b/lib/ipsecbase.pm
@@ -100,10 +100,10 @@ sub pre_run_hook {
 
     # disable packagekitd
     quit_packagekit();
-    ensure_apparmor_disabled();
+    ensure_service_disabled('apparmor');
 
     # Stop firewall
-    systemctl 'stop ' . $self->firewall;
+    ensure_service_disabled($self->firewall);
 
     set_hostname(get_var('HOSTNAME', 'susetest'));
 
@@ -112,11 +112,4 @@ sub pre_run_hook {
     $self->SUPER::pre_run_hook;
 }
 
-sub ensure_apparmor_disabled () {
-    unless (systemctl "is-active apparmor", ignore_failure => 1) {    # 0 if active, unless to revert
-        systemctl "disable --now apparmor";
-        record_info "apparmor", "disabled";
-    }
-}
-
 1;
diff --git a/lib/utils.pm b/lib/utils.pm
@@ -97,6 +97,7 @@ our @EXPORT = qw(
   is_efi_boot
   install_patterns
   common_service_action
+  ensure_service_disabled
   script_output_retry
   validate_script_output_retry
   get_secureboot_status
@@ -2546,6 +2547,21 @@ sub common_service_action {
     }
 }
 
+=head2 ensure_service_disabled
+    ensure_service_disabled();
+
+Make sure service is disabled before test.
+
+=cut
+
+sub ensure_service_disabled {
+    my ($service) = @_;
+    unless (systemctl "is-active " . $service, ignore_failure => 1) {    # 0 if active, unless to revert
+        systemctl "disable --now " . $service;
+        record_info $service, "disabled";
+    }
+}
+
 sub get_secureboot_status {
     my $sbvar = '8be4df61-93ca-11d2-aa0d-00e098032b8c-SecureBoot';
     my $ret;