firewalld module fails with "global name 'fw_offline' is not defined" error

j1cken commented 6 years ago

ISSUE TYPE

Bug Report

COMPONENT NAME

firewalld

ANSIBLE VERSION

ansible 2.5.0
  config file = /home/torben/development/local-fedora-setup/ansible.cfg
  configured module search path = [u'/home/torben/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.14 (default, Mar 14 2018, 16:45:33) [GCC 8.0.1 20180222 (Red Hat 8.0.1-0.16)]

CONFIGURATION

DEFAULT_BECOME(/home/torben/development/local-fedora-setup/ansible.cfg) = True

OS / ENVIRONMENT

[torben@localhost local-fedora-setup]$ uname -a
Linux localhost.localdomain 4.16.0-0.rc7.git0.1.fc28.x86_64 #1 SMP Mon Mar 26 15:01:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[torben@localhost local-fedora-setup]$ cat /etc/fedora-release 
Fedora release 28 (Twenty Eight)
[torben@localhost local-fedora-setup]$

SUMMARY

- name: open glusterfs client tcp firewall ports
  firewalld:
    permanent: yes
    immediate: yes
    port: 24007-24008/tcp
    state: enabled

fails with

TASK [nas : open glusterfs client tcp firewall ports] ************************************************************************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NameError: global name 'fw_offline' is not defined
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_CI2pJm/ansible_module_firewalld.py\", line 1020, in <module>\n    main()\n  File \"/tmp/ansible_CI2pJm/ansible_module_firewalld.py\", line 814, in main\n    if fw_offline:\nNameError: global name 'fw_offline' is not defined\n", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}

STEPS TO REPRODUCE

see above

- name: open glusterfs client tcp firewall ports
  firewalld:
    permanent: yes
    immediate: yes
    port: 24007-24008/tcp
    state: enabled

EXPECTED RESULTS

no error, firewalld ports got opened

ACTUAL RESULTS

TASK [nas : open glusterfs client tcp firewall ports] ************************************************************************************************************************************************************************************************************************************************************************
task path: /home/torben/development/local-fedora-setup/playbooks/roles/nas/tasks/main.yml:8
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/firewalld.py
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: torben
<127.0.0.1> EXEC /bin/sh -c 'echo ~ && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616 `" && echo ansible-tmp-1522509661.54-148889351364616="` echo /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616 `" ) && sleep 0'
<127.0.0.1> PUT /home/torben/.ansible/tmp/ansible-local-4337yth7ww/tmpmAW_uv TO /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616/firewalld.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616/ /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616/firewalld.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -n -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-yxcdkerskztokdvxiouambfrzitvigxr; /usr/bin/python2 /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616/firewalld.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /home/torben/.ansible/tmp/ansible-tmp-1522509661.54-148889351364616/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_LC7BCv/ansible_module_firewalld.py", line 1020, in <module>
    main()
  File "/tmp/ansible_LC7BCv/ansible_module_firewalld.py", line 814, in main
    if fw_offline:
NameError: global name 'fw_offline' is not defined

fatal: [localhost]: FAILED! => {
    "changed": false, 
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_LC7BCv/ansible_module_firewalld.py\", line 1020, in <module>\n    main()\n  File \"/tmp/ansible_LC7BCv/ansible_module_firewalld.py\", line 814, in main\n    if fw_offline:\nNameError: global name 'fw_offline' is not defined\n", 
    "module_stdout": "", 
    "msg": "MODULE FAILURE", 
    "rc": 1
}

ansibot commented 6 years ago

Files identified in the description:

lib/ansible/modules/system/firewalld.py

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibot commented 6 years ago

cc @maxamillion click here for bot help

Akasurde commented 6 years ago

@j1cken Thanks for reporting this issue. This PR https://github.com/ansible/ansible/pull/37603 will resolve this issue.

maxamillion commented 6 years ago

@Akasurde did you test that #37603 does fix this?

Akasurde commented 6 years ago

@maxamillion From my preliminary testing PR works for this issue.

maxamillion commented 6 years ago

@Akasurde awesome, greatly appreciated!

dylanmtaylor commented 6 years ago

I'm affected by this as well, is there a test build with the PR for users to test? Maybe from CI?

maxamillion commented 6 years ago

Apologies for how long this took, that's on me as the module maintainer. I got caught up with other work and thought the refactor would land sooner than it did, but we shouldn't really backport a refactor so I've submitted a small patch to the stable-2.5 branch.

mkrizek commented 6 years ago

Closing as per above.

ansible / ansible