ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpym83ylkt executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: rhel-7_setup.yml ***************************************************** 1 plays in /cache/rhel-7_setup.yml PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /cache/rhel-7_setup.yml:5 Tuesday 14 June 2022 21:11:01 +0000 (0:00:00.017) 0:00:00.017 ********** ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Tuesday 14 June 2022 21:11:03 +0000 (0:00:01.379) 0:00:01.397 ********** =============================================================================== set up internal repositories -------------------------------------------- 1.38s /cache/rhel-7_setup.yml:5 ----------------------------------------------------- PLAYBOOK: tests_zone.yml ******************************************************* 1 plays in /tmp/tmpqqlptjhy/tests/tests_zone.yml PLAY [Test firewalld zones] **************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:1 Tuesday 14 June 2022 21:11:03 +0000 (0:00:00.015) 0:00:01.412 ********** ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify used firewalld zones] ********************************************* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:10 Tuesday 14 June 2022 21:11:04 +0000 (0:00:00.996) 0:00:02.409 ********** TASK [linux-system-roles.firewall : include_tasks] ***************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:11:04 +0000 (0:00:00.055) 0:00:02.464 ********** included: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [linux-system-roles.firewall : Ensure ansible_facts used by role] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:11:04 +0000 (0:00:00.046) 0:00:02.511 ********** ok: [/cache/rhel-7.qcow2] TASK [linux-system-roles.firewall : Install firewalld] ************************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:8 Tuesday 14 June 2022 21:11:04 +0000 (0:00:00.407) 0:00:02.918 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [linux-system-roles.firewall : Install python-firewall] ******************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:13 Tuesday 14 June 2022 21:11:05 +0000 (0:00:00.669) 0:00:03.588 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [linux-system-roles.firewall : Install python3-firewall] ****************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:19 Tuesday 14 June 2022 21:11:05 +0000 (0:00:00.517) 0:00:04.105 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Enable and start firewalld service] ******** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:11:05 +0000 (0:00:00.035) 0:00:04.141 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ActiveEnterTimestampMonotonic": "133667837", "ActiveExitTimestamp": "Tue 2022-06-14 17:10:59 EDT", "ActiveExitTimestampMonotonic": "132710101", "ActiveState": "active", "After": "dbus.service basic.target system.slice polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:11:00 EDT", "AssertTimestampMonotonic": "133477647", "Before": "multi-user.target network-pre.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ConditionTimestampMonotonic": "133477647", "Conflicts": "iptables.service ipset.service ebtables.service shutdown.target ip6tables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20142", "ExecMainStartTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ExecMainStartTimestampMonotonic": "133478660", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:11:00 EDT] ; stop_time=[n/a] ; pid=20142 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveEnterTimestampMonotonic": "133476455", "InactiveExitTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveExitTimestampMonotonic": "133478694", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20142", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:11:00 EDT", "WatchdogTimestampMonotonic": "133667775", "WatchdogUSec": "0" } } TASK [linux-system-roles.firewall : Check if previous replaced is defined] ***** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:11:06 +0000 (0:00:00.661) 0:00:04.802 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": false, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:18 Tuesday 14 June 2022 21:11:06 +0000 (0:00:00.048) 0:00:04.851 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Configure firewall] ************************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:40 Tuesday 14 June 2022 21:11:06 +0000 (0:00:00.031) 0:00:04.883 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'external', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "external" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'trusted', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "trusted" } } TASK [linux-system-roles.firewall : gather firewalld configuration] ************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:69 Tuesday 14 June 2022 21:11:08 +0000 (0:00:01.634) 0:00:06.518 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : update firewalld_config fact] ************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:74 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.435) 0:00:06.953 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums after] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:82 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.048) 0:00:07.001 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Calculate what has changed] **************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.032) 0:00:07.034 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Show diffs] ******************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:99 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.032) 0:00:07.066 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail on missing zones] *************************************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:22 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.046) 0:00:07.112 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Setup firewalld] ********************************************************* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:28 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.037) 0:00:07.150 ********** TASK [linux-system-roles.firewall : include_tasks] ***************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:11:08 +0000 (0:00:00.053) 0:00:07.204 ********** included: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [linux-system-roles.firewall : Ensure ansible_facts used by role] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:11:09 +0000 (0:00:00.042) 0:00:07.246 ********** ok: [/cache/rhel-7.qcow2] TASK [linux-system-roles.firewall : Install firewalld] ************************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:8 Tuesday 14 June 2022 21:11:09 +0000 (0:00:00.440) 0:00:07.686 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [linux-system-roles.firewall : Install python-firewall] ******************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:13 Tuesday 14 June 2022 21:11:10 +0000 (0:00:00.553) 0:00:08.240 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [linux-system-roles.firewall : Install python3-firewall] ****************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:19 Tuesday 14 June 2022 21:11:10 +0000 (0:00:00.562) 0:00:08.803 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Enable and start firewalld service] ******** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:11:10 +0000 (0:00:00.040) 0:00:08.844 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ActiveEnterTimestampMonotonic": "133667837", "ActiveExitTimestamp": "Tue 2022-06-14 17:10:59 EDT", "ActiveExitTimestampMonotonic": "132710101", "ActiveState": "active", "After": "dbus.service basic.target system.slice polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:11:00 EDT", "AssertTimestampMonotonic": "133477647", "Before": "multi-user.target network-pre.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ConditionTimestampMonotonic": "133477647", "Conflicts": "iptables.service ipset.service ebtables.service shutdown.target ip6tables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20142", "ExecMainStartTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ExecMainStartTimestampMonotonic": "133478660", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:11:00 EDT] ; stop_time=[n/a] ; pid=20142 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveEnterTimestampMonotonic": "133476455", "InactiveExitTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveExitTimestampMonotonic": "133478694", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20142", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:11:00 EDT", "WatchdogTimestampMonotonic": "133667775", "WatchdogUSec": "0" } } TASK [linux-system-roles.firewall : Check if previous replaced is defined] ***** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:11:11 +0000 (0:00:00.398) 0:00:09.242 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": true, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:18 Tuesday 14 June 2022 21:11:11 +0000 (0:00:00.051) 0:00:09.293 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) STDERR: Shared connection to 127.0.0.3 closed. TASK [linux-system-roles.firewall : Configure firewall] ************************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:40 Tuesday 14 June 2022 21:11:11 +0000 (0:00:00.226) 0:00:09.520 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'state': 'present'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "permanent": true, "state": "present", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'masquerade': True, 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "masquerade": true, "permanent": true, "state": "enabled", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'set_default_zone': 'dmz', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "set_default_zone": "dmz", "state": "enabled" } } ok: [/cache/rhel-7.qcow2] => (item={'service': 'http', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "service": "http", "state": "enabled" } } TASK [linux-system-roles.firewall : gather firewalld configuration] ************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:69 Tuesday 14 June 2022 21:11:14 +0000 (0:00:03.275) 0:00:12.796 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : update firewalld_config fact] ************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:74 Tuesday 14 June 2022 21:11:14 +0000 (0:00:00.341) 0:00:13.137 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums after] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:82 Tuesday 14 June 2022 21:11:14 +0000 (0:00:00.051) 0:00:13.188 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [linux-system-roles.firewall : Calculate what has changed] **************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.280) 0:00:13.469 ********** changed: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_lib_result": { "changed": true } }, "changed": true } TASK [linux-system-roles.firewall : Show diffs] ******************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:99 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.049) 0:00:13.519 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail if no changes are done] ********************************************* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:58 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.043) 0:00:13.563 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Setup firewalld again] *************************************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:64 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.035) 0:00:13.599 ********** TASK [linux-system-roles.firewall : include_tasks] ***************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.056) 0:00:13.655 ********** included: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [linux-system-roles.firewall : Ensure ansible_facts used by role] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.044) 0:00:13.700 ********** ok: [/cache/rhel-7.qcow2] TASK [linux-system-roles.firewall : Install firewalld] ************************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:8 Tuesday 14 June 2022 21:11:15 +0000 (0:00:00.425) 0:00:14.125 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [linux-system-roles.firewall : Install python-firewall] ******************* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:13 Tuesday 14 June 2022 21:11:16 +0000 (0:00:00.529) 0:00:14.655 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [linux-system-roles.firewall : Install python3-firewall] ****************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:19 Tuesday 14 June 2022 21:11:16 +0000 (0:00:00.539) 0:00:15.194 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.firewall : Enable and start firewalld service] ******** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:11:17 +0000 (0:00:00.045) 0:00:15.240 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ActiveEnterTimestampMonotonic": "133667837", "ActiveExitTimestamp": "Tue 2022-06-14 17:10:59 EDT", "ActiveExitTimestampMonotonic": "132710101", "ActiveState": "active", "After": "dbus.service basic.target system.slice polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:11:00 EDT", "AssertTimestampMonotonic": "133477647", "Before": "multi-user.target network-pre.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ConditionTimestampMonotonic": "133477647", "Conflicts": "iptables.service ipset.service ebtables.service shutdown.target ip6tables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20142", "ExecMainStartTimestamp": "Tue 2022-06-14 17:11:00 EDT", "ExecMainStartTimestampMonotonic": "133478660", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:11:00 EDT] ; stop_time=[n/a] ; pid=20142 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveEnterTimestampMonotonic": "133476455", "InactiveExitTimestamp": "Tue 2022-06-14 17:11:00 EDT", "InactiveExitTimestampMonotonic": "133478694", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20142", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:11:00 EDT", "WatchdogTimestampMonotonic": "133667775", "WatchdogUSec": "0" } } TASK [linux-system-roles.firewall : Check if previous replaced is defined] ***** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:11:17 +0000 (0:00:00.417) 0:00:15.657 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": true, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:18 Tuesday 14 June 2022 21:11:17 +0000 (0:00:00.050) 0:00:15.707 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [linux-system-roles.firewall : Configure firewall] ************************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:40 Tuesday 14 June 2022 21:11:18 +0000 (0:00:01.300) 0:00:17.008 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'state': 'present'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "permanent": true, "state": "present", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'masquerade': True, 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "masquerade": true, "permanent": true, "state": "enabled", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'set_default_zone': 'dmz', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "set_default_zone": "dmz", "state": "enabled" } } ok: [/cache/rhel-7.qcow2] => (item={'service': 'http', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "service": "http", "state": "enabled" } } TASK [linux-system-roles.firewall : gather firewalld configuration] ************ task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:69 Tuesday 14 June 2022 21:11:22 +0000 (0:00:03.395) 0:00:20.404 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : update firewalld_config fact] ************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:74 Tuesday 14 June 2022 21:11:22 +0000 (0:00:00.337) 0:00:20.741 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [linux-system-roles.firewall : Get config files, checksums after] ********* task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:82 Tuesday 14 June 2022 21:11:22 +0000 (0:00:00.079) 0:00:20.821 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [linux-system-roles.firewall : Calculate what has changed] **************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:11:22 +0000 (0:00:00.285) 0:00:21.106 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_lib_result": { "changed": false } }, "changed": false } TASK [linux-system-roles.firewall : Show diffs] ******************************** task path: /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:99 Tuesday 14 June 2022 21:11:22 +0000 (0:00:00.080) 0:00:21.186 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail on newly changes] *************************************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:94 Tuesday 14 June 2022 21:11:22 +0000 (0:00:00.042) 0:00:21.229 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Verify firewalld zone internal services] ********************************* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:100 Tuesday 14 June 2022 21:11:23 +0000 (0:00:00.031) 0:00:21.260 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-services" ], "delta": "0:00:00.270509", "end": "2022-06-14 17:11:23.430599", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:23.160090" } STDOUT: dhcpv6-client ftp mdns samba-client ssh tftp TASK [Verify firewalld zone internal ports] ************************************ task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:107 Tuesday 14 June 2022 21:11:23 +0000 (0:00:00.694) 0:00:21.955 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-ports" ], "delta": "0:00:00.261916", "end": "2022-06-14 17:11:24.039877", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:23.777961" } STDOUT: 443/tcp 443/udp TASK [Verify firewalld zone internal forward ports] **************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:114 Tuesday 14 June 2022 21:11:24 +0000 (0:00:00.605) 0:00:22.561 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-forward-ports" ], "delta": "0:00:00.260318", "end": "2022-06-14 17:11:24.612653", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:24.352335" } STDOUT: port=447:proto=tcp:toport=:toaddr=1.2.3.4 port=448:proto=tcp:toport=:toaddr=1.2.3.5 TASK [Verify custom zone has masquerade added to it] *************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:123 Tuesday 14 June 2022 21:11:24 +0000 (0:00:00.574) 0:00:23.136 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=customzone", "--query-masquerade" ], "delta": "0:00:00.276362", "end": "2022-06-14 17:11:25.202818", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:24.926456" } STDOUT: yes TASK [Verify custom zone has masquerade added to it] *************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:129 Tuesday 14 June 2022 21:11:25 +0000 (0:00:00.593) 0:00:23.729 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--get-default-zone" ], "delta": "0:00:00.243048", "end": "2022-06-14 17:11:25.770170", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:25.527122" } STDOUT: dmz TASK [Verify that service http has been added to the default zone dmz] ********* task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:135 Tuesday 14 June 2022 21:11:26 +0000 (0:00:00.565) 0:00:24.295 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=dmz", "--query-service=http" ], "delta": "0:00:00.245570", "end": "2022-06-14 17:11:26.314710", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:26.069140" } STDOUT: yes TASK [Remove customzone zone] ************************************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:147 Tuesday 14 June 2022 21:11:26 +0000 (0:00:00.544) 0:00:24.840 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--delete-zone=customzone" ], "delta": "0:00:00.257541", "end": "2022-06-14 17:11:26.890850", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:11:26.633309" } STDOUT: success TASK [Reset to zone defaults] ************************************************** task path: /tmp/tmpqqlptjhy/tests/tests_zone.yml:152 Tuesday 14 June 2022 21:11:27 +0000 (0:00:00.574) 0:00:25.414 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": "firewall-cmd --permanent --load-zone-defaults=internal\nfirewall-cmd --permanent --load-zone-defaults=external\nfirewall-cmd --permanent --load-zone-defaults=trusted\nfirewall-cmd --reload\n", "delta": "0:00:01.227021", "end": "2022-06-14 17:11:28.428584", "rc": 0, "start": "2022-06-14 17:11:27.201563" } STDOUT: success success STDERR: Error: NO_DEFAULTS: external Error: NO_DEFAULTS: trusted META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=43 changed=9 unreachable=0 failed=0 skipped=12 rescued=0 ignored=0 Tuesday 14 June 2022 21:11:28 +0000 (0:00:01.543) 0:00:26.958 ********** =============================================================================== linux-system-roles.firewall : Configure firewall ------------------------ 6.67s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:40 ---- linux-system-roles.firewall : Configure firewall ------------------------ 1.63s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:40 ---- Reset to zone defaults -------------------------------------------------- 1.54s /tmp/tmpqqlptjhy/tests/tests_zone.yml:152 ------------------------------------- linux-system-roles.firewall : Get config files, checksums before and remove --- 1.53s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:18 ---- set up internal repositories -------------------------------------------- 1.38s /cache/rhel-7_setup.yml:5 ----------------------------------------------------- Gathering Facts --------------------------------------------------------- 1.00s /tmp/tmpqqlptjhy/tests/tests_zone.yml:1 --------------------------------------- linux-system-roles.firewall : Enable and start firewalld service -------- 0.82s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:3 ----- Verify firewalld zone internal services --------------------------------- 0.69s /tmp/tmpqqlptjhy/tests/tests_zone.yml:100 ------------------------------------- linux-system-roles.firewall : gather firewalld configuration ------------ 0.68s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:69 ---- linux-system-roles.firewall : Install firewalld ------------------------- 0.67s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:8 linux-system-roles.firewall : Enable and start firewalld service -------- 0.66s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:3 ----- Verify firewalld zone internal ports ------------------------------------ 0.61s /tmp/tmpqqlptjhy/tests/tests_zone.yml:107 ------------------------------------- Verify custom zone has masquerade added to it --------------------------- 0.59s /tmp/tmpqqlptjhy/tests/tests_zone.yml:123 ------------------------------------- Verify firewalld zone internal forward ports ---------------------------- 0.57s /tmp/tmpqqlptjhy/tests/tests_zone.yml:114 ------------------------------------- Remove customzone zone -------------------------------------------------- 0.57s /tmp/tmpqqlptjhy/tests/tests_zone.yml:147 ------------------------------------- linux-system-roles.firewall : Get config files, checksums after --------- 0.57s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/main.yml:82 ---- Verify custom zone has masquerade added to it --------------------------- 0.57s /tmp/tmpqqlptjhy/tests/tests_zone.yml:129 ------------------------------------- linux-system-roles.firewall : Install python-firewall ------------------- 0.56s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:13 linux-system-roles.firewall : Install firewalld ------------------------- 0.55s /tmp/tmpqqlptjhy/tests/roles/linux-system-roles.firewall/tasks/firewalld.yml:8 Verify that service http has been added to the default zone dmz --------- 0.54s /tmp/tmpqqlptjhy/tests/tests_zone.yml:135 ------------------------------------- ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpym83ylkt executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: rhel-7_setup.yml ***************************************************** 1 plays in /cache/rhel-7_setup.yml PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /cache/rhel-7_setup.yml:5 Tuesday 14 June 2022 21:13:42 +0000 (0:00:00.019) 0:00:00.019 ********** ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } ok: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Tuesday 14 June 2022 21:13:44 +0000 (0:00:01.397) 0:00:01.416 ********** =============================================================================== set up internal repositories -------------------------------------------- 1.40s /cache/rhel-7_setup.yml:5 ----------------------------------------------------- PLAYBOOK: tests_zone.yml ******************************************************* 1 plays in /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml PLAY [Test firewalld zones] **************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:1 Tuesday 14 June 2022 21:13:44 +0000 (0:00:00.015) 0:00:01.432 ********** ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify used firewalld zones] ********************************************* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:10 Tuesday 14 June 2022 21:13:45 +0000 (0:00:00.928) 0:00:02.360 ********** TASK [fedora.linux_system_roles.firewall : include_tasks] ********************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:13:45 +0000 (0:00:00.058) 0:00:02.418 ********** included: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [fedora.linux_system_roles.firewall : Ensure ansible_facts used by role] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:13:45 +0000 (0:00:00.046) 0:00:02.465 ********** ok: [/cache/rhel-7.qcow2] TASK [fedora.linux_system_roles.firewall : Install firewalld] ****************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:7 Tuesday 14 June 2022 21:13:45 +0000 (0:00:00.406) 0:00:02.871 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python-firewall] ************ task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:12 Tuesday 14 June 2022 21:13:46 +0000 (0:00:00.659) 0:00:03.531 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python3-firewall] *********** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:18 Tuesday 14 June 2022 21:13:46 +0000 (0:00:00.492) 0:00:04.023 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Enable and start firewalld service] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:13:46 +0000 (0:00:00.038) 0:00:04.062 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ActiveEnterTimestampMonotonic": "128142070", "ActiveExitTimestamp": "Tue 2022-06-14 17:13:39 EDT", "ActiveExitTimestampMonotonic": "127208568", "ActiveState": "active", "After": "basic.target system.slice dbus.service polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:13:40 EDT", "AssertTimestampMonotonic": "127953122", "Before": "network-pre.target shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ConditionTimestampMonotonic": "127953121", "Conflicts": "ebtables.service ipset.service ip6tables.service shutdown.target iptables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20130", "ExecMainStartTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ExecMainStartTimestampMonotonic": "127953899", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:13:40 EDT] ; stop_time=[n/a] ; pid=20130 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveEnterTimestampMonotonic": "127952391", "InactiveExitTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveExitTimestampMonotonic": "127953940", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20130", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:13:40 EDT", "WatchdogTimestampMonotonic": "128141983", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.firewall : Check if previous replaced is defined] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:13:47 +0000 (0:00:00.671) 0:00:04.734 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": false, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:14 Tuesday 14 June 2022 21:13:47 +0000 (0:00:00.051) 0:00:04.786 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Configure firewall] ***************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:36 Tuesday 14 June 2022 21:13:47 +0000 (0:00:00.034) 0:00:04.821 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'external', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "external" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'trusted', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "state": "enabled", "zone": "trusted" } } TASK [fedora.linux_system_roles.firewall : gather firewalld configuration] ***** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:63 Tuesday 14 June 2022 21:13:49 +0000 (0:00:01.640) 0:00:06.462 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : update firewalld_config fact] ******* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:68 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.429) 0:00:06.891 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums after] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:76 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.084) 0:00:06.976 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Calculate what has changed] ********* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:84 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.041) 0:00:07.017 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Show diffs] ************************* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.036) 0:00:07.054 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail on missing zones] *************************************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:22 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.046) 0:00:07.100 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Setup firewalld] ********************************************************* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:28 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.036) 0:00:07.137 ********** TASK [fedora.linux_system_roles.firewall : include_tasks] ********************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:13:49 +0000 (0:00:00.062) 0:00:07.199 ********** included: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [fedora.linux_system_roles.firewall : Ensure ansible_facts used by role] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:13:50 +0000 (0:00:00.050) 0:00:07.250 ********** ok: [/cache/rhel-7.qcow2] TASK [fedora.linux_system_roles.firewall : Install firewalld] ****************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:7 Tuesday 14 June 2022 21:13:50 +0000 (0:00:00.422) 0:00:07.673 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python-firewall] ************ task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:12 Tuesday 14 June 2022 21:13:50 +0000 (0:00:00.553) 0:00:08.227 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python3-firewall] *********** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:18 Tuesday 14 June 2022 21:13:51 +0000 (0:00:00.542) 0:00:08.769 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Enable and start firewalld service] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:13:51 +0000 (0:00:00.038) 0:00:08.808 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ActiveEnterTimestampMonotonic": "128142070", "ActiveExitTimestamp": "Tue 2022-06-14 17:13:39 EDT", "ActiveExitTimestampMonotonic": "127208568", "ActiveState": "active", "After": "basic.target system.slice dbus.service polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:13:40 EDT", "AssertTimestampMonotonic": "127953122", "Before": "network-pre.target shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ConditionTimestampMonotonic": "127953121", "Conflicts": "ebtables.service ipset.service ip6tables.service shutdown.target iptables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20130", "ExecMainStartTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ExecMainStartTimestampMonotonic": "127953899", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:13:40 EDT] ; stop_time=[n/a] ; pid=20130 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveEnterTimestampMonotonic": "127952391", "InactiveExitTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveExitTimestampMonotonic": "127953940", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20130", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:13:40 EDT", "WatchdogTimestampMonotonic": "128141983", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.firewall : Check if previous replaced is defined] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:13:51 +0000 (0:00:00.389) 0:00:09.197 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": true, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:14 Tuesday 14 June 2022 21:13:52 +0000 (0:00:00.052) 0:00:09.250 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) STDERR: Shared connection to 127.0.0.3 closed. TASK [fedora.linux_system_roles.firewall : Configure firewall] ***************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:36 Tuesday 14 June 2022 21:13:52 +0000 (0:00:00.227) 0:00:09.477 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'state': 'present'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "permanent": true, "state": "present", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'masquerade': True, 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "masquerade": true, "permanent": true, "state": "enabled", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'set_default_zone': 'dmz', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "set_default_zone": "dmz", "state": "enabled" } } ok: [/cache/rhel-7.qcow2] => (item={'service': 'http', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "service": "http", "state": "enabled" } } TASK [fedora.linux_system_roles.firewall : gather firewalld configuration] ***** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:63 Tuesday 14 June 2022 21:13:55 +0000 (0:00:03.279) 0:00:12.756 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : update firewalld_config fact] ******* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:68 Tuesday 14 June 2022 21:13:55 +0000 (0:00:00.314) 0:00:13.071 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums after] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:76 Tuesday 14 June 2022 21:13:55 +0000 (0:00:00.054) 0:00:13.125 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [fedora.linux_system_roles.firewall : Calculate what has changed] ********* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:84 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.274) 0:00:13.400 ********** changed: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_lib_result": { "changed": true } }, "changed": true } TASK [fedora.linux_system_roles.firewall : Show diffs] ************************* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.052) 0:00:13.452 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail if no changes are done] ********************************************* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:56 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.045) 0:00:13.498 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Setup firewalld again] *************************************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:62 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.037) 0:00:13.536 ********** TASK [fedora.linux_system_roles.firewall : include_tasks] ********************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:1 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.058) 0:00:13.594 ********** included: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml for /cache/rhel-7.qcow2 TASK [fedora.linux_system_roles.firewall : Ensure ansible_facts used by role] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:2 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.048) 0:00:13.643 ********** ok: [/cache/rhel-7.qcow2] TASK [fedora.linux_system_roles.firewall : Install firewalld] ****************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:7 Tuesday 14 June 2022 21:13:56 +0000 (0:00:00.408) 0:00:14.051 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "firewalld-0.6.3-13.el7_9.noarch providing firewalld is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python-firewall] ************ task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:12 Tuesday 14 June 2022 21:13:57 +0000 (0:00:00.522) 0:00:14.574 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python-firewall-0.6.3-13.el7_9.noarch providing python-firewall is already installed" ] } TASK [fedora.linux_system_roles.firewall : Install python3-firewall] *********** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:18 Tuesday 14 June 2022 21:13:57 +0000 (0:00:00.525) 0:00:15.100 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.firewall : Enable and start firewalld service] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:3 Tuesday 14 June 2022 21:13:57 +0000 (0:00:00.040) 0:00:15.141 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ActiveEnterTimestampMonotonic": "128142070", "ActiveExitTimestamp": "Tue 2022-06-14 17:13:39 EDT", "ActiveExitTimestampMonotonic": "127208568", "ActiveState": "active", "After": "basic.target system.slice dbus.service polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Tue 2022-06-14 17:13:40 EDT", "AssertTimestampMonotonic": "127953122", "Before": "network-pre.target shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ConditionTimestampMonotonic": "127953121", "Conflicts": "ebtables.service ipset.service ip6tables.service shutdown.target iptables.service", "ControlGroup": "/system.slice/firewalld.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "20130", "ExecMainStartTimestamp": "Tue 2022-06-14 17:13:40 EDT", "ExecMainStartTimestampMonotonic": "127953899", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[Tue 2022-06-14 17:13:40 EDT] ; stop_time=[n/a] ; pid=20130 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveEnterTimestampMonotonic": "127952391", "InactiveExitTimestamp": "Tue 2022-06-14 17:13:40 EDT", "InactiveExitTimestampMonotonic": "127953940", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "7155", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "7155", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "20130", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestamp": "Tue 2022-06-14 17:13:40 EDT", "WatchdogTimestampMonotonic": "128141983", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.firewall : Check if previous replaced is defined] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:9 Tuesday 14 June 2022 21:13:58 +0000 (0:00:00.406) 0:00:15.547 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__firewall_previous_replaced": true, "__firewall_python_cmd": "/usr/bin/python" }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums before and remove] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:14 Tuesday 14 June 2022 21:13:58 +0000 (0:00:00.053) 0:00:15.600 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [fedora.linux_system_roles.firewall : Configure firewall] ***************** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:36 Tuesday 14 June 2022 21:13:59 +0000 (0:00:01.247) 0:00:16.848 ********** ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'internal', 'service': ['tftp', 'ftp'], 'port': ['443/tcp', '443/udp'], 'forward_port': ['447/tcp;;1.2.3.4', '448/tcp;;1.2.3.5'], 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "forward_port": [ "447/tcp;;1.2.3.4", "448/tcp;;1.2.3.5" ], "port": [ "443/tcp", "443/udp" ], "service": [ "tftp", "ftp" ], "state": "enabled", "zone": "internal" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'state': 'present'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "permanent": true, "state": "present", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'zone': 'customzone', 'permanent': True, 'masquerade': True, 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "masquerade": true, "permanent": true, "state": "enabled", "zone": "customzone" } } ok: [/cache/rhel-7.qcow2] => (item={'set_default_zone': 'dmz', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "set_default_zone": "dmz", "state": "enabled" } } ok: [/cache/rhel-7.qcow2] => (item={'service': 'http', 'state': 'enabled'}) => { "__firewall_changed": false, "ansible_loop_var": "item", "changed": false, "item": { "service": "http", "state": "enabled" } } TASK [fedora.linux_system_roles.firewall : gather firewalld configuration] ***** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:63 Tuesday 14 June 2022 21:14:02 +0000 (0:00:03.348) 0:00:20.197 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewalld_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : update firewalld_config fact] ******* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:68 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.349) 0:00:20.547 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_config": { "custom": { "helpers": [], "icmptypes": [], "ipsets": [], "services": [], "zones": [ "internal", "customzone", "public", "dmz" ] }, "default": { "helpers": [ "Q.931", "RAS", "amanda", "ftp", "h323", "irc", "netbios-ns", "pptp", "proto-gre", "sane", "sip", "snmp", "tftp" ], "icmptypes": [ "address-unreachable", "bad-header", "beyond-scope", "communication-prohibited", "destination-unreachable", "echo-reply", "echo-request", "failed-policy", "fragmentation-needed", "unknown-option", "host-precedence-violation", "host-prohibited", "host-redirect", "host-unknown", "host-unreachable", "ip-header-bad", "neighbour-advertisement", "neighbour-solicitation", "network-prohibited", "network-redirect", "network-unknown", "network-unreachable", "no-route", "packet-too-big", "parameter-problem", "port-unreachable", "precedence-cutoff", "protocol-unreachable", "redirect", "reject-route", "required-option-missing", "router-advertisement", "router-solicitation", "source-quench", "source-route-failed", "time-exceeded", "timestamp-reply", "timestamp-request", "tos-host-redirect", "tos-host-unreachable", "tos-network-redirect", "tos-network-unreachable", "ttl-zero-during-reassembly", "ttl-zero-during-transit", "unknown-header-type" ], "ipsets": [], "services": [ "jenkins", "snmp", "RH-Satellite-6-capsule", "kpasswd", "RH-Satellite-6", "kprop", "amanda-client", "kadmin", "snmptrap", "amanda-k5-client", "pmcd", "amqp", "pmproxy", "amqps", "pmwebapi", "apcupsd", "pmwebapis", "audit", "kshell", "bacula-client", "pop3", "bacula", "pop3s", "bgp", "ldap", "bitcoin-rpc", "kerberos", "squid", "bitcoin-testnet-rpc", "ldaps", "bitcoin-testnet", "postgresql", "bitcoin", "mountd", "ceph-mon", "privoxy", "ceph", "mqtt-tls", "cfengine", "kibana", "ssh", "condor-collector", "proxy-dhcp", "ctdb", "ptp", "dhcp", "mqtt", "dhcpv6-client", "pulseaudio", "dhcpv6", "puppetmaster", "distcc", "quassel", "dns", "ms-wbt", "docker-registry", "mssql", "docker-swarm", "murmur", "dropbox-lansync", "mysql", "elasticsearch", "nfs", "etcd-client", "nfs3", "etcd-server", "radius", "finger", "nmea-0183", "freeipa-ldap", "nrpe", "freeipa-ldaps", "mongodb", "svdrp", "freeipa-replication", "ntp", "freeipa-trust", "redis", "ftp", "nut", "ganglia-client", "openvpn", "ganglia-master", "rpc-bind", "git", "rsh", "gre", "klogin", "svn", "high-availability", "rsyncd", "http", "rtsp", "https", "salt-master", "imap", "samba-client", "imaps", "ovirt-imageio", "ipp-client", "samba-dc", "ipp", "samba", "ipsec", "sane", "irc", "sip", "ircs", "ovirt-storageconsole", "iscsi-target", "sips", "isns", "libvirt-tls", "slp", "libvirt", "mosh", "synergy", "lightning-network", "smtp-submission", "llmnr", "ovirt-vmconsole", "managesieve", "smtp", "matrix", "smtps", "mdns", "plex", "minidlna", "tftp-client", "syslog", "spideroak-lansync", "steam-streaming", "syncthing-gui", "syncthing", "syslog-tls", "telnet", "tftp", "tinc", "tor-socks", "transmission-client", "upnp-client", "vdsm", "vnc-server", "wbem-http", "wbem-https", "wsman", "wsmans", "xdmcp", "xmpp-bosh", "xmpp-client", "xmpp-local", "xmpp-server", "zabbix-agent", "zabbix-server" ], "zones": [ "block", "dmz", "drop", "external", "home", "internal", "public", "trusted", "work" ] } } }, "changed": false } TASK [fedora.linux_system_roles.firewall : Get config files, checksums after] *** task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:76 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.083) 0:00:20.631 ********** ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0 } STDOUT: /etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (C.UTF-8) e2b071ca9b919b8fd60a4fe1e00e4f792ec2245359e8c48027020970791176d1 /etc/firewalld/zones/internal.xml 610e6e9bafe289c126adb751e772cd0224012f12738a8b8011454b1da8865c18 /etc/firewalld/zones/customzone.xml 1fbd6fcd1ca29e4438f7c982e2b9d595a93b93c1f9bdfbbf18745493df02e13e /etc/firewalld/zones/public.xml df2e066f9b8c0677c4887aa9a7032c4f94480408ff740036d98e648d11dd84c5 /etc/firewalld/zones/dmz.xml 958dce439fe299ce0b0fdb10c4c18412269fbab3f09660e4b210962728554953 /etc/firewalld/firewalld.conf STDERR: Shared connection to 127.0.0.3 closed. TASK [fedora.linux_system_roles.firewall : Calculate what has changed] ********* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:84 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.280) 0:00:20.911 ********** ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "firewall_lib_result": { "changed": false } }, "changed": false } TASK [fedora.linux_system_roles.firewall : Show diffs] ************************* task path: /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:90 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.081) 0:00:20.993 ********** skipping: [/cache/rhel-7.qcow2] => {} META: role_complete for /cache/rhel-7.qcow2 TASK [Fail on newly changes] *************************************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:90 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.043) 0:00:21.037 ********** skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Verify firewalld zone internal services] ********************************* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:96 Tuesday 14 June 2022 21:14:03 +0000 (0:00:00.034) 0:00:21.071 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-services" ], "delta": "0:00:00.272252", "end": "2022-06-14 17:14:03.856883", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:03.584631" } STDOUT: dhcpv6-client ftp mdns samba-client ssh tftp TASK [Verify firewalld zone internal ports] ************************************ task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:101 Tuesday 14 June 2022 21:14:04 +0000 (0:00:00.725) 0:00:21.797 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-ports" ], "delta": "0:00:00.269060", "end": "2022-06-14 17:14:04.492209", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:04.223149" } STDOUT: 443/tcp 443/udp TASK [Verify firewalld zone internal forward ports] **************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:106 Tuesday 14 June 2022 21:14:05 +0000 (0:00:00.634) 0:00:22.432 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=internal", "--list-forward-ports" ], "delta": "0:00:00.273442", "end": "2022-06-14 17:14:05.114857", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:04.841415" } STDOUT: port=447:proto=tcp:toport=:toaddr=1.2.3.4 port=448:proto=tcp:toport=:toaddr=1.2.3.5 TASK [Verify custom zone has masquerade added to it] *************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:111 Tuesday 14 June 2022 21:14:05 +0000 (0:00:00.622) 0:00:23.054 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=customzone", "--query-masquerade" ], "delta": "0:00:00.279338", "end": "2022-06-14 17:14:05.707491", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:05.428153" } STDOUT: yes TASK [Verify custom zone has masquerade added to it] *************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:116 Tuesday 14 June 2022 21:14:06 +0000 (0:00:00.595) 0:00:23.650 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--get-default-zone" ], "delta": "0:00:00.256230", "end": "2022-06-14 17:14:06.287797", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:06.031567" } STDOUT: dmz TASK [Verify that service http has been added to the default zone dmz] ********* task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:121 Tuesday 14 June 2022 21:14:07 +0000 (0:00:00.583) 0:00:24.233 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=dmz", "--query-service=http" ], "delta": "0:00:00.247723", "end": "2022-06-14 17:14:06.870082", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:06.622359" } STDOUT: yes TASK [Remove customzone zone] ************************************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:132 Tuesday 14 June 2022 21:14:07 +0000 (0:00:00.578) 0:00:24.811 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--delete-zone=customzone" ], "delta": "0:00:00.274774", "end": "2022-06-14 17:14:07.469767", "failed_when_result": false, "rc": 0, "start": "2022-06-14 17:14:07.194993" } STDOUT: success TASK [Reset to zone defaults] ************************************************** task path: /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:137 Tuesday 14 June 2022 21:14:08 +0000 (0:00:00.599) 0:00:25.410 ********** changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": "firewall-cmd --permanent --load-zone-defaults=internal\nfirewall-cmd --permanent --load-zone-defaults=external\nfirewall-cmd --permanent --load-zone-defaults=trusted\nfirewall-cmd --reload\n", "delta": "0:00:01.233841", "end": "2022-06-14 17:14:09.023386", "rc": 0, "start": "2022-06-14 17:14:07.789545" } STDOUT: success success STDERR: Error: NO_DEFAULTS: external Error: NO_DEFAULTS: trusted META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=43 changed=9 unreachable=0 failed=0 skipped=12 rescued=0 ignored=0 Tuesday 14 June 2022 21:14:09 +0000 (0:00:01.561) 0:00:26.972 ********** =============================================================================== fedora.linux_system_roles.firewall : Configure firewall ----------------- 6.63s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:36 fedora.linux_system_roles.firewall : Configure firewall ----------------- 1.64s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:36 Reset to zone defaults -------------------------------------------------- 1.56s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:137 ---------------------------- fedora.linux_system_roles.firewall : Get config files, checksums before and remove --- 1.48s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:14 set up internal repositories -------------------------------------------- 1.40s /cache/rhel-7_setup.yml:5 ----------------------------------------------------- Gathering Facts --------------------------------------------------------- 0.93s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:1 ------------------------------ fedora.linux_system_roles.firewall : Enable and start firewalld service --- 0.80s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:3 Verify firewalld zone internal services --------------------------------- 0.73s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:96 ----------------------------- fedora.linux_system_roles.firewall : Enable and start firewalld service --- 0.67s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:3 fedora.linux_system_roles.firewall : gather firewalld configuration ----- 0.66s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:63 fedora.linux_system_roles.firewall : Install firewalld ------------------ 0.66s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:7 Verify firewalld zone internal ports ------------------------------------ 0.63s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:101 ---------------------------- Verify firewalld zone internal forward ports ---------------------------- 0.62s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:106 ---------------------------- Remove customzone zone -------------------------------------------------- 0.60s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:132 ---------------------------- Verify custom zone has masquerade added to it --------------------------- 0.60s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:111 ---------------------------- Verify custom zone has masquerade added to it --------------------------- 0.58s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:116 ---------------------------- Verify that service http has been added to the default zone dmz --------- 0.58s /tmp/tmpem3z9ofs/tests/firewall/tests_zone.yml:121 ---------------------------- fedora.linux_system_roles.firewall : Get config files, checksums after --- 0.55s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/main.yml:76 fedora.linux_system_roles.firewall : Install firewalld ------------------ 0.55s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:7 fedora.linux_system_roles.firewall : Install python-firewall ------------ 0.54s /tmp/tmpym83ylkt/ansible_collections/fedora/linux_system_roles/roles/firewall/tasks/firewalld.yml:12