network: ignore/don't log errors when unsetting firewalld zone

The most common "error" when trying to unset the firewalld zone of an interface is for firewalld to tell us that the interface already isn't in any zone. Since this is what we want, no need to alarm the user by logging it as an error. Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2024-12-22 13:45:38 +00:00 · 2024-10-21 13:55:16 -04:00 · 2024-10-21 13:55:16 -04:00 · e8228a9e79
commit e8228a9e79
parent dbc9fbf644
2 changed files with 23 additions and 12 deletions
--- a/src/util/virfirewalld.c
+++ b/src/util/virfirewalld.c
@ -449,26 +449,37 @@ virFirewallDInterfaceSetZone(const char *iface,
 }


-int
+void
 virFirewallDInterfaceUnsetZone(const char *iface)
 {
    GDBusConnection *sysbus = virGDBusGetSystemBus();
    g_autoptr(GVariant) message = NULL;
+    g_autoptr(virError) error = NULL;

    if (!sysbus)
-        return -1;
+        return;
+
+    /* we are sending virGDBusCallMethod an error object so that it
+     * will put the error message there rather than logging it,
+     * because we want to ignore any error as it doesn't matter - the
+     * most common "error" is to inform us that the interface is
+     * already not in any zone, and that is of course just fine, since
+     * that's what we're trying to do anyway. If there is an error,
+     * we'll just throw it away without logging it anywhere.
+     */
+    error = g_new0(virError, 1);

    message = g_variant_new("(ss)", "", iface);

-    return virGDBusCallMethod(sysbus,
-                              NULL,
-                              NULL,
-                              NULL,
-                              VIR_FIREWALL_FIREWALLD_SERVICE,
-                              "/org/fedoraproject/FirewallD1",
-                              "org.fedoraproject.FirewallD1.zone",
-                              "removeInterface",
-                              message);
+    virGDBusCallMethod(sysbus,
+                       NULL,
+                       NULL,
+                       error,
+                       VIR_FIREWALL_FIREWALLD_SERVICE,
+                       "/org/fedoraproject/FirewallD1",
+                       "org.fedoraproject.FirewallD1.zone",
+                       "removeInterface",
+                       message);
 }


--- a/src/util/virfirewalld.h
+++ b/src/util/virfirewalld.h
@ -46,6 +46,6 @@ int virFirewallDApplyRule(virFirewallLayer layer,
 int virFirewallDInterfaceSetZone(const char *iface,
                                 const char *zone);

-int virFirewallDInterfaceUnsetZone(const char *iface);
+void virFirewallDInterfaceUnsetZone(const char *iface);

 void virFirewallDSynchronize(void);