From 3faa78d98d9fdce2de95c7d4bd5d6f67c2d27b63 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Fri, 7 Jun 2024 10:58:12 +0100 Subject: [PATCH] tools: stop checking init scripts & iptables config MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The /etc/sysconfig/libvirtd file is a Fedora/RHEL specific concept. Since those distros switched to systemd socket activation, the existance of --listen parameter in /etc/sysconfig/libvirtd is no longer a reliable check. This was further degraded with the switch to modular daemons where virtproxyd takes over the role. The /etc/sysconfig/iptables file is a Fedora/RHEL specific concept. Since those distros switched to firewalld, this file is no longer a reliable check. Rather than complicating these checks, just remove them, so that the virt-pki-validate tool focuses exclusively on TLS configuration validation. Reviewed-by: Michal Privoznik Signed-off-by: Daniel P. Berrangé --- tools/virt-pki-validate.in | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in index c91f247ba5..c77daa9862 100644 --- a/tools/virt-pki-validate.in +++ b/tools/virt-pki-validate.in @@ -73,7 +73,6 @@ echo Found "$CERTOOL" # SYSCONFDIR="@sysconfdir@" PKI="$SYSCONFDIR/pki" -INITCONFDIR="@initconfdir@" if [ ! -d "$PKI" ] then echo the $PKI directory is missing, it is usually @@ -293,31 +292,4 @@ else SERVER=0 fi -if [ "$SERVER" = "1" ] -then - if [ -r "$INITCONFDIR"/libvirtd ] - then - if grep "^LIBVIRTD_ARGS.*--listen" "$INITCONFDIR"/libvirtd \ - >/dev/null 2>&1 - then - : - else - echo Make sure "$INITCONFDIR"/libvirtd is setup to listen to - echo TCP/IP connections and restart the libvirtd service - fi - fi - if [ -r "$INITCONFDIR"/iptables ] - then - if grep "$PORT" "$INITCONFDIR"/iptables >/dev/null 2>&1 - then - : - else - echo Make sure "$INITCONFDIR"/iptables is setup to allow - echo incoming TCP/IP connections on port $PORT and - echo restart the iptables service - fi - fi -fi - - exit 0 -- 2.47.3