From 2d2672ec583c749047a30d3e024304bcfdae1d4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Sun, 12 Mar 2017 01:50:09 +0100 Subject: [PATCH] vm/qubesvm: convert firewall_conf into dumb, read-only property Don't allow anything else than firewall.xml. --- qubes/tests/vm/qubesvm.py | 14 -------------- qubes/vm/mix/net.py | 6 ++++-- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/qubes/tests/vm/qubesvm.py b/qubes/tests/vm/qubesvm.py index 2fe79ff7..a8d9f626 100644 --- a/qubes/tests/vm/qubesvm.py +++ b/qubes/tests/vm/qubesvm.py @@ -340,20 +340,6 @@ class TC_90_QubesVM(QubesVMTestsMixin,qubes.tests.QubesTestCase): vm = self.get_vm() self._test_generic_bool_property(vm, 'include_in_backups', True) - def test_240_firewall_conf(self): - vm = self.get_vm() - self.assertPropertyDefaultValue(vm, 'firewall_conf', 'firewall.xml') - self.assertPropertyValue(vm, 'firewall_conf', 'other.xml', - 'other.xml', 'other.xml') - del vm.firewall_conf - self.assertPropertyDefaultValue(vm, 'firewall_conf', - 'firewall.xml') - - @unittest.expectedFailure - def test_241_firewall_conf_invalid(self): - vm = self.get_vm() - self.assertPropertyInvalidValue(vm, 'firewall_conf', None) - @qubes.tests.skipUnlessDom0 def test_250_kernel(self): kernels = os.listdir(os.path.join( diff --git a/qubes/vm/mix/net.py b/qubes/vm/mix/net.py index dc7c9e95..dde78302 100644 --- a/qubes/vm/mix/net.py +++ b/qubes/vm/mix/net.py @@ -91,8 +91,10 @@ class NetVMMixin(qubes.events.Emitter): doc='''If this domain can act as network provider (formerly known as NetVM or ProxyVM)''') - firewall_conf = qubes.property('firewall_conf', type=str, - default='firewall.xml') + + @property + def firewall_conf(self): + return 'firewall.xml' # # used in networked appvms or proxyvms (netvm is not None)