I'm running the RHEL STIG, which I derived from this project, or at least that's my understanding. The ansible role is called "ansible-role-rhel9-stig-main". I did confirm the issue is in both projects.
Description of problem:
In this project the file: linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh
When it gets active zones using: firewall-cmd --get-active-zones | grep -v interfaces
It can return a list that is not valid and the next task fails. This command assumes that "interfaces" is the only non-zone line you can get, but you can get things like "sources".
Proposed change:
Change line: readarray -t firewalld_active_zones < <(firewall-cmd --get-active-zones | grep -v interfaces)
to: readarray -t firewalld_active_zones < <(firewall-cmd --get-active-zones | grep -v "^ ")
This will skip all lines that start with a space and give you only active zones.
Thank you,
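
The difference between the two filters described in this issue, as an added example that is not part of the original report or of the project's code. The `firewall-cmd --get-active-zones` output is a constructed sample (zone names, interface and source range are assumptions), and the function names are hypothetical; nothing here calls firewalld.

```shell
# Constructed sample of `firewall-cmd --get-active-zones` output:
# zone names start in column 0, their bindings are indented below them.
sample_active_zones() {
    printf '%s\n' \
        'public' \
        '  interfaces: eth0' \
        'internal' \
        '  sources: 192.0.2.0/24'
}

# Filter as currently used in shared.sh: drops only lines containing "interfaces".
zones_current_filter() {
    grep -v interfaces
}

# Filter proposed in the issue: drops every indented (non-zone) line.
zones_proposed_filter() {
    grep -v "^ "
}

# Count entries that cannot be a bare zone name (indented or "key: value" lines).
count_non_zone_lines() {
    awk '/^[[:space:]]/ || /:/ { n++ } END { print n + 0 }'
}

# Show what each filter would hand to the remediation loop.
for filter in zones_current_filter zones_proposed_filter; do
    echo "== $filter =="
    sample_active_zones | "$filter" | while IFS= read -r zone; do
        echo "zone entry: [$zone]"
    done
    echo "non-zone entries: $(sample_active_zones | "$filter" | count_non_zone_lines)"
done
```

With the current filter the `sources:` line survives as a bogus array element; with the proposed filter only `public` and `internal` remain.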