From 18ed1c926720942d56ed3804fba0268ba9c8fece Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa <sunil@medhas.org>
Date: Sun, 28 Nov 2021 12:24:42 -0800
Subject: [PATCH] firewall: Allow configuration upgrade to version 1.0.x

Closes: #2133.

There are two new defaults which need not be altered in FreedomBox:

CleanupModulesOnExit=no
(removed) AllowZoneDrifting=no

Tests:

- Without the patch, on a testing system with firewalld 0.9.x installed, run apt
update. FreedomBox considers firewalld for force upgrade and then ignores it as
shown in the logs.

- With the patch, firewalld is upgraded to 1.0.x version by FreedomBox using
force upgrade as shown in logs. After upgrade, the default zone is external and
backend is nftables.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
---
 plinth/modules/firewall/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plinth/modules/firewall/__init__.py b/plinth/modules/firewall/__init__.py
index 6bc78f56f..ec3e029cd 100644
--- a/plinth/modules/firewall/__init__.py
+++ b/plinth/modules/firewall/__init__.py
@@ -107,9 +107,9 @@ def force_upgrade(helper, packages):
     if 'firewalld' not in packages:
         return False
 
-    # firewalld 0.6.x -> 0.7.x, 0.6.x -> 0.8.x, 0.7.x -> 0.8.x
+    # firewalld 0.6.x -> 0.7.x, 0.6.x -> 0.8.x, 0.7.x -> 0.8.x, 0.9.x -> 1.0.x
     package = packages['firewalld']
-    if Version(package['current_version']) >= Version('0.9') or \
+    if Version(package['current_version']) >= Version('1.0') or \
        Version(package['new_version']) < Version('0.7'):
         return False