tools: stop checking init scripts & iptables config

The /etc/sysconfig/libvirtd file is a Fedora/RHEL specific concept.
Since those distros switched to systemd socket activation, the
existance of --listen parameter in /etc/sysconfig/libvirtd is no
longer a reliable check. This was further degraded with the switch
to modular daemons where virtproxyd takes over the role.

The /etc/sysconfig/iptables file is a Fedora/RHEL specific concept.
Since those distros switched to firewalld, this file is no longer
a reliable check.

Rather than complicating these checks, just remove them, so that
the virt-pki-validate tool focuses exclusively on TLS configuration
validation.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
index c91f247ba507d7011639b615f910d3790f5c95e0..c77daa9862a67664a5c1ef0a8359f5a3a8c24fdb 100644 (file)
--- a/tools/virt-pki-validate.in
+++ b/tools/virt-pki-validate.in
@@ -73,7 +73,6 @@ echo Found "$CERTOOL"
 #
 SYSCONFDIR="@sysconfdir@"
 PKI="$SYSCONFDIR/pki"
-INITCONFDIR="@initconfdir@"
 if [ ! -d "$PKI" ]
 then
     echo the $PKI directory is missing, it is usually
@@ -293,31 +292,4 @@ else
     SERVER=0
 fi
 
-if [ "$SERVER" = "1" ]
-then
-    if [ -r "$INITCONFDIR"/libvirtd ]
-    then
-        if grep "^LIBVIRTD_ARGS.*--listen" "$INITCONFDIR"/libvirtd \
-            >/dev/null 2>&1
-        then
-            :
-        else
-            echo Make sure "$INITCONFDIR"/libvirtd is setup to listen to
-            echo TCP/IP connections and restart the libvirtd service
-        fi
-    fi
-    if [ -r "$INITCONFDIR"/iptables ]
-    then
-        if grep "$PORT" "$INITCONFDIR"/iptables >/dev/null 2>&1
-        then
-            :
-        else
-            echo Make sure "$INITCONFDIR"/iptables is setup to allow
-            echo incoming TCP/IP connections on port $PORT and
-            echo restart the iptables service
-        fi
-    fi
-fi
-
-
 exit 0