Class: Installation::Clients::SecurityFinish
- Inherits:
-
FinishClient
- Object
- FinishClient
- Installation::Clients::SecurityFinish
- Includes:
- Yast::I18n, Yast::Logger
- Defined in:
- src/lib/installation/clients/security_finish.rb
Overview
This is a step of base installation finish and it is responsible of write the firewall proposal configuration for installation and autoinstallation modes.
Instance Attribute Summary collapse
-
#firewalld ⇒ Object
Y2Firewall::Firewalld instance.
-
#settings ⇒ Object
Installation::SecuritySettings.
Instance Method Summary collapse
-
#initialize ⇒ SecurityFinish
constructor
Constuctor.
- #modes ⇒ Object
- #title ⇒ Object
- #write ⇒ Object
Constructor Details
#initialize ⇒ SecurityFinish
Constuctor
43 44 45 46 47 48 |
# File 'src/lib/installation/clients/security_finish.rb', line 43 def initialize super textdomain "installation" @settings = ::Installation::SecuritySettings.instance @firewalld = Y2Firewall::Firewalld.instance end |
Instance Attribute Details
#firewalld ⇒ Object
Y2Firewall::Firewalld instance
40 41 42 |
# File 'src/lib/installation/clients/security_finish.rb', line 40 def firewalld @firewalld end |
#settings ⇒ Object
Installation::SecuritySettings
38 39 40 |
# File 'src/lib/installation/clients/security_finish.rb', line 38 def settings @settings end |
Instance Method Details
#modes ⇒ Object
54 55 56 |
# File 'src/lib/installation/clients/security_finish.rb', line 54 def modes [:installation, :autoinst, :update] end |
#title ⇒ Object
50 51 52 |
# File 'src/lib/installation/clients/security_finish.rb', line 50 def title _("Writing Security Configuration...") end |
#write ⇒ Object
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 |
# File 'src/lib/installation/clients/security_finish.rb', line 58 def write write_firewall Yast::SCR.Write( Yast::Path.new(".sysconfig.security.CHECK_SIGNATURES"), Yast::SignatureCheckDialogs.CheckSignatures ) # in autoinstallation write security profile here Yast::Security.Write if Yast::Mode.autoinst # ensure we have correct ca certificates if Yast::Mode.update res = Yast::SCR.Execute(Yast::Path.new(".target.bash_output"), "/usr/sbin/update-ca-certificates") log.info("updating ca certificates result: #{res}") # Finish here as during upgrade we do not want to modify security settings return true end write_polkit # workaround missing capabilities if we use deployment from images # as tarballs which is used for images for not support it (bnc#889489) # do nothing if capabilities are properly set res = Yast::SCR.Execute(Yast::Path.new(".target.bash_output"), "/usr/bin/chkstat --system --set") log.info("updating capabilities: #{res}") # Write down the Linux Security Module configuration settings.lsm_config.save true end |