diff options
author | Gilad Arnold <garnold@google.com> | 2015-08-20 17:37:02 -0700 |
---|---|---|
committer | Gilad Arnold <garnold@google.com> | 2015-08-20 17:37:02 -0700 |
commit | 1d8560568ca741cf360924509afe97be0384aa4c (patch) | |
tree | 5d8b0f47eff6f4bbc6ea9962257eaa9ba3f85579 | |
parent | f3ecb5dfac621af83bc5e5809cc34910dae8c4c1 (diff) | |
download | firewalld-1d8560568ca741cf360924509afe97be0384aa4c.tar.gz |
Change how we start firewalld, again.
This puts firewalld back in the 'main' class, but initially disabled. It
is only enabled once initial firewall setup is completed.
Bug: 23064386
Change-Id: I1d8a530153c5dc624a7d499cc10b840b46294af0
-rw-r--r-- | init.firewalld.rc | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/init.firewalld.rc b/init.firewalld.rc index e273a2e..306b6aa 100644 --- a/init.firewalld.rc +++ b/init.firewalld.rc @@ -1,10 +1,6 @@ -# TODO(garnold) While we want firewalld to only start after basic firewall -# rules are setup, its lifespan should be tied to class main, like other -# services. This needs to be fixed. -on property:brillo.setup_firewall=1 - start firewalld - service firewalld /system/bin/firewalld + class main user system group system dbus net_admin net_raw seclabel u:r:brillo:s0 + disabled |