search

ansible-collections / ansible.posix

Ansible Collection for Posix
Other
157 stars 152 forks source link

ansible.posix.firewalld ; ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_ZONE: #539

Open Daskan opened 6 months ago

Daskan commented 6 months ago
SUMMARY

When creating a zone (with state present) having the target parameter will result in the following msg:

"msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_ZONE: custom"

INVALID_ZONE here is quite confusing and the docs not tell anything about the required or invalid parameters for such use-case.

This problem only applies to none existing zone and wont make such problem on an existing one.

ISSUE TYPE
COMPONENT NAME

ansible.posix.firewalld

ANSIBLE VERSION
ansible [core 2.16.2]
  config file = /var/home/xxx/git/ansible/ansible.cfg
  configured module search path = ['/var/home/xxx/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.12/site-packages/ansible
  ansible collection location = /var/home/xxx/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.12.0 (main, Oct  2 2023, 00:00:00) [GCC 13.2.1 20230918 (Red Hat 13.2.1-3)] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
- ansible.posix.firewalld:
    zone: custom
    permanent: true
    state: present
    target: "%%REJECT%%"
EXPECTED RESULTS

No error .. improved documentation .. or better error msg.

ACTUAL RESULTS
andrico21 commented 4 months ago

When creating a zone (with state present) having the target parameter will result in the following msg Also have been hit by same issue. It only happens during creation and only if '%%REJECT%%' target is set. My workaround is to create zone first using default target and then to change target for existing zone.


- name: "Create \"{{ ipaserver_firewalld_zone }}\" firewalld zone"
ansible.posix.firewalld:
zone: "{{ ipaserver_firewalld_zone }}"
state: present
permanent: true