diff --git a/CHANGELOG.md b/CHANGELOG.md index c19d0455..6defc87c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -44,6 +44,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * postfix: Do not send mails through milters a second time after amavis (in packmail) * etc-git : Remount /usr in rw for git gc in in /usr/share/scripts/ * etc-git: Make evocommit fully compatible with OpenBSD +* minifirewall: fix `failed_when` condition on restart ### Removed diff --git a/evobackup-client/handlers/main.yml b/evobackup-client/handlers/main.yml index fc1b7739..de71f634 100644 --- a/evobackup-client/handlers/main.yml +++ b/evobackup-client/handlers/main.yml @@ -2,8 +2,9 @@ - name: restart minifirewall command: /etc/init.d/minifirewall restart register: minifirewall_init_restart - failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" - changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout" + failed_when: + - "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" + - "'minifirewall started' not in minifirewall_init_restart.stdout" - name: 'created new jail' command: "bkctld restart {{ evolinux_hostname }}" diff --git a/evomaintenance/handlers/main.yml b/evomaintenance/handlers/main.yml index 85884f73..37c9af95 100644 --- a/evomaintenance/handlers/main.yml +++ b/evomaintenance/handlers/main.yml @@ -3,8 +3,9 @@ - name: restart minifirewall command: /etc/init.d/minifirewall restart register: minifirewall_init_restart - failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" - changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout" + failed_when: + - "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" + - "'minifirewall started' not in minifirewall_init_restart.stdout" - name: restart minifirewall (noop) meta: noop diff --git a/minifirewall/tasks/config.yml b/minifirewall/tasks/config.yml index 82b5263a..1ddb9695 100644 --- a/minifirewall/tasks/config.yml +++ b/minifirewall/tasks/config.yml @@ -285,7 +285,7 @@ - name: restart minifirewall command: /etc/init.d/minifirewall restart register: minifirewall_init_restart - failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" + failed_when: "'minifirewall failed' in minifirewall_init_restart.stdout" when: - minifirewall_restart_if_needed | bool - minifirewall_is_running.rc == 0 diff --git a/minifirewall/tasks/main.yml b/minifirewall/tasks/main.yml index f5eb9ea4..4a838ee9 100644 --- a/minifirewall/tasks/main.yml +++ b/minifirewall/tasks/main.yml @@ -95,7 +95,6 @@ command: /etc/init.d/minifirewall restart register: minifirewall_init_restart failed_when: "'minifirewall failed' in minifirewall_init_restart.stdout" - changed_when: "'minifirewall started' in minifirewall_init_restart.stdout" when: - minifirewall_install_mode != 'legacy' - minifirewall_restart_force | bool @@ -104,7 +103,6 @@ command: /etc/init.d/minifirewall restart register: minifirewall_init_restart failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" - changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout" when: - minifirewall_install_mode == 'legacy' - minifirewall_restart_force | bool \ No newline at end of file diff --git a/minifirewall/tasks/tail.yml b/minifirewall/tasks/tail.yml index ae771017..1d708fa4 100644 --- a/minifirewall/tasks/tail.yml +++ b/minifirewall/tasks/tail.yml @@ -21,8 +21,7 @@ - name: restart minifirewall command: /etc/init.d/minifirewall restart register: minifirewall_init_restart - failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout" - changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout" + failed_when: "'minifirewall failed' in minifirewall_init_restart.stdout" when: - minifirewall_tail_template is changed - minifirewall_restart_if_needed | bool