Class: Installation::Clients::SecurityFinish

Inherits:

FinishClient

Object
FinishClient
Installation::Clients::SecurityFinish

Includes:: Yast::I18n, Yast::Logger

Defined in:: src/lib/installation/clients/security_finish.rb

Overview

This is a step of base installation finish and it is responsible of write the firewall proposal configuration for installation and autoinstallation modes.

Instance Attribute Summary collapse

#firewalld ⇒ Object
Y2Firewall::Firewalld instance.
#settings ⇒ Object
Installation::SecuritySettings.

Instance Method Summary collapse

#initialize ⇒ SecurityFinish constructor
Constuctor.
#modes ⇒ Object
#title ⇒ Object
#write ⇒ Object

Constructor Details

#initialize ⇒ `SecurityFinish`

Constuctor

# File 'src/lib/installation/clients/security_finish.rb', line 43

def initialize
  super
  textdomain "installation"
  @settings = ::Installation::SecuritySettings.instance
  @firewalld = Y2Firewall::Firewalld.instance
end

Instance Attribute Details

#firewalld ⇒ `Object`

Y2Firewall::Firewalld instance


40
41
42

# File 'src/lib/installation/clients/security_finish.rb', line 40

def firewalld
  @firewalld
end

#settings ⇒ `Object`

Installation::SecuritySettings


38
39
40

# File 'src/lib/installation/clients/security_finish.rb', line 38

def settings
  @settings
end

Instance Method Details

#modes ⇒ `Object`


54
55
56

# File 'src/lib/installation/clients/security_finish.rb', line 54

def modes
  [:installation, :autoinst, :update]
end

#title ⇒ `Object`


50
51
52

# File 'src/lib/installation/clients/security_finish.rb', line 50

def title
  _("Writing Security Configuration...")
end

#write ⇒ `Object`

# File 'src/lib/installation/clients/security_finish.rb', line 58

def write
  write_firewall

  Yast::SCR.Write(
    Yast::Path.new(".sysconfig.security.CHECK_SIGNATURES"),
    Yast::SignatureCheckDialogs.CheckSignatures
  )

  # in autoinstallation write security profile here
  Yast::Security.Write if Yast::Mode.autoinst

  # ensure we have correct ca certificates
  if Yast::Mode.update
    res = Yast::SCR.Execute(Yast::Path.new(".target.bash_output"),
      "/usr/sbin/update-ca-certificates")
    log.info("updating ca certificates result: #{res}")

    # Finish here as during upgrade we do not want to modify security settings
    return true
  end

  write_polkit

  # workaround missing capabilities if we use deployment from images
  # as tarballs which is used for images for not support it (bnc#889489)
  # do nothing if capabilities are properly set
  res = Yast::SCR.Execute(Yast::Path.new(".target.bash_output"),
    "/usr/bin/chkstat --system --set")
  log.info("updating capabilities: #{res}")

  # Write down the Linux Security Module configuration
  settings.lsm_config.save

  true
end

Class: Installation::Clients::SecurityFinish

Overview

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize ⇒ SecurityFinish

Instance Attribute Details

#firewalld ⇒ Object

#settings ⇒ Object