From 47ed5aabad59a77fc904e7b9d0ccfd926722de34 Mon Sep 17 00:00:00 2001
From: Paul Belanger <pabelanger@redhat.com>
Date: Tue, 5 Jul 2016 17:24:20 -0400
Subject: [PATCH] Ensure service logic run regardless of using chroot

We want to stop notify from working in a chroot, however we need to
make sure we properly setup our Service correctly. As a result, move
the logic outside of our chroot checks.

Change-Id: I4c9284ed8ed23944aa3649338b1a09abdc8b80df
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
---
 manifests/init.pp | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 4693d3e..5dc5723 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -30,14 +30,6 @@ class iptables(
     $notify_iptables = []
   }
   else {
-    service { 'iptables':
-      name       => $::iptables::params::service_name,
-      require    => Package['iptables'],
-      hasstatus  => $::iptables::params::service_has_status,
-      status     => $::iptables::params::service_status_cmd,
-      hasrestart => $::iptables::params::service_has_restart,
-      enable     => true,
-    }
     $notify_iptables = Service['iptables']
 
     # On centos 7 firewalld and iptables-service confuse each other and you
@@ -56,6 +48,15 @@ class iptables(
     }
   }
 
+  service { 'iptables':
+    name       => $::iptables::params::service_name,
+    require    => Package['iptables'],
+    hasstatus  => $::iptables::params::service_has_status,
+    status     => $::iptables::params::service_status_cmd,
+    hasrestart => $::iptables::params::service_has_restart,
+    enable     => true,
+  }
+
   file { $::iptables::params::rules_dir:
     ensure  => directory,
     require => Package['iptables'],