WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-27 03:52:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

base / iptables: don't remove iptables for now

Browse Source 
This was a good change in theory, but in practice it's not.
The 'iptables-legacy' package provides 'iptables' so it gets removed,
but there's some things we still install that depend on it, so it just
gets pulled in later as a dependency.

Examples:

build* machines install oz and ImageFactory that need it
(but we can possibly drop those now)

virthosts have some libvirt subpackages that require it.

I'm not sure we can readd this in a targeted way or should just drop it
for now entirely.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi
2025-08-09 09:14:09 -07:00
parent b9c73dd6ee
commit 2a2f75daf1
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/base/tasks/main.yml
View File

@@ -168,12 +168,12 @@
- base
when: nftables
- name: Ensure iptables is not installed
ansible.builtin.package: state=absent name=iptables
tags:
- packages
- base
when: nftables
#- name: Ensure iptables is not installed
# ansible.builtin.package: state=absent name=iptables
# tags:
# - packages
# - base
# when: nftables
- name: Ensure ipset is installed
ansible.builtin.package: state=present name=ipset