summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGilad Arnold <garnold@google.com>2015-08-20 17:37:02 -0700
committerGilad Arnold <garnold@google.com>2015-08-20 17:37:02 -0700
commit1d8560568ca741cf360924509afe97be0384aa4c (patch)
tree5d8b0f47eff6f4bbc6ea9962257eaa9ba3f85579
parentf3ecb5dfac621af83bc5e5809cc34910dae8c4c1 (diff)
downloadfirewalld-1d8560568ca741cf360924509afe97be0384aa4c.tar.gz
Change how we start firewalld, again.
This puts firewalld back in the 'main' class, but initially disabled. It is only enabled once initial firewall setup is completed. Bug: 23064386 Change-Id: I1d8a530153c5dc624a7d499cc10b840b46294af0
Diffstat
-rw-r--r--init.firewalld.rc8
1 files changed, 2 insertions, 6 deletions
diff --git a/init.firewalld.rc b/init.firewalld.rc
index e273a2e..306b6aa 100644
--- a/init.firewalld.rc
+++ b/init.firewalld.rc
@@ -1,10 +1,6 @@
-# TODO(garnold) While we want firewalld to only start after basic firewall
-# rules are setup, its lifespan should be tied to class main, like other
-# services. This needs to be fixed.
-on property:brillo.setup_firewall=1
- start firewalld
-
service firewalld /system/bin/firewalld
+ class main
user system
group system dbus net_admin net_raw
seclabel u:r:brillo:s0
+ disabled
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 17:32:50 +0000