diff options
Diffstat (limited to 'roles/os_firewall/tasks/firewall/firewalld.yml')
-rw-r--r-- | roles/os_firewall/tasks/firewall/firewalld.yml | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index a9a69f73c..509655b0c 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -14,7 +14,7 @@ - iptables - ip6tables register: task_result - failed_when: "task_result|failed and 'could not' not in task_result.msg|lower" + failed_when: task_result|failed and 'could not' not in task_result.msg|lower - name: Wait 10 seconds after disabling iptables pause: @@ -34,6 +34,22 @@ pause: seconds=10 when: result | changed +- name: Restart polkitd + systemd: + name: polkit + state: restarted + when: result | changed + +# Fix suspected race between firewalld and polkit BZ1436964 +- name: Wait for polkit action to have been created + command: pkaction --action-id=org.fedoraproject.FirewallD1.config.info + ignore_errors: true + register: pkaction + changed_when: false + until: pkaction.rc == 0 + retries: 6 + delay: 10 + - name: Add firewalld allow rules firewalld: port: "{{ item.port }}" |