firewall: fix ZONE_CONFLICT when removing interface from zone

The firewalld removeInterface call fails with ZONE_CONFLICT when removing an interface from a wrong zone. This can happen, when the connection gets modified, while being active (which is related to bgo#724041). By not specifying any zone, we remove the interface from the zone where it currently is added. This behavior was introduced in upstream firewalld with commit cc3101ab70a3997228be7bc9f45a069c7fccfa36, March 2012, r0_2_3-1. This is the behavior we actually want and we don't have to keep proper track of the current zone. https://bugzilla.redhat.com/show_bug.cgi?id=1103782 Signed-off-by: Thomas Haller <thaller@redhat.com>
2026-01-03 00:00:14 +01:00 · 2014-06-02 18:11:54 +02:00 · 2014-06-02 18:11:54 +02:00 · c598336de8
commit c598336de8
parent 3bc38ad531
1 changed files with 1 additions and 3 deletions
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@ -4899,7 +4899,6 @@ nm_device_cleanup (NMDevice *self, NMDeviceStateReason reason)
 	NMDevicePrivate *priv;
 	NMDeviceStateReason ignored = NM_DEVICE_STATE_REASON_NONE;
 	NMConnection *connection = NULL;
-	NMSettingConnection *s_con = NULL;
 	int ifindex;

 	g_return_if_fail (NM_IS_DEVICE (self));
@ -4924,10 +4923,9 @@ nm_device_cleanup (NMDevice *self, NMDeviceStateReason reason)
 	if (priv->act_request)
 		connection = nm_act_request_get_connection (priv->act_request);
 	if (connection) {
-		s_con = nm_connection_get_setting_connection (connection);
 		nm_firewall_manager_remove_from_zone (priv->fw_manager,
 		                                      nm_device_get_ip_iface (self),
-		                                      nm_setting_connection_get_zone (s_con));
+		                                      NULL);
 	}

 	ip_check_gw_ping_cleanup (self);