[arch-commits] Commit in firewalld/trunk (PKGBUILD firewalld-arch.patch)
Maxime Gauduin
alucryd at archlinux.org
Thu Jan 25 21:32:08 UTC 2018
Date: Thursday, January 25, 2018 @ 21:32:07
Author: alucryd
Revision: 286962
upgpkg: firewalld 0.5.0-1
Modified:
firewalld/trunk/PKGBUILD
firewalld/trunk/firewalld-arch.patch
----------------------+
PKGBUILD | 10 +--
firewalld-arch.patch | 132 ++++++++++++-------------------------------------
2 files changed, 40 insertions(+), 102 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-01-25 21:09:07 UTC (rev 286961)
+++ PKGBUILD 2018-01-25 21:32:07 UTC (rev 286962)
@@ -4,7 +4,7 @@
# Contributor: speed145a <jonathan at tagchapter.com>
pkgname=firewalld
-pkgver=0.4.4.6
+pkgver=0.5.0
pkgrel=1
pkgdesc='Firewall daemon with D-Bus interface'
arch=('any')
@@ -22,8 +22,8 @@
'etc/firewalld/firewalld.conf')
source=("firewalld-${pkgver}.tar.gz::https://github.com/t-woerner/firewalld/archive/v${pkgver}.tar.gz"
'firewalld-arch.patch')
-sha256sums=('a7bf9dd341f3f4c261fa8a8e217160ec815e9dbf32edc25aed44719a2273e94e'
- '5c0c49e125426d561c4099df639ab6dd7073a6d17ae1c130d235cc2397c568c2')
+sha256sums=('ecd3adb714fe2ead77253d505cf430c6c640f2c088f2a779c0459f399629ab38'
+ '14a05a2f5eccbb6c30e775877706a90fd4ad524cdd13ea76f3a23b09b9d4212e')
prepare() {
cd firewalld-${pkgver}
@@ -41,8 +41,8 @@
--localstatedir='/var' \
--sbindir='/usr/bin' \
--sysconfdir='/etc' \
- --with-sysconfigdir='/etc/conf.d' \
- --disable-schemas-compile
+ --disable-schemas-compile \
+ --disable-sysconfig
make
}
Modified: firewalld-arch.patch
===================================================================
--- firewalld-arch.patch 2018-01-25 21:09:07 UTC (rev 286961)
+++ firewalld-arch.patch 2018-01-25 21:32:07 UTC (rev 286962)
@@ -1,7 +1,7 @@
-diff -rupN firewalld-0.4.3.2.orig/config/firewalld.service.in firewalld-0.4.3.2/config/firewalld.service.in
---- firewalld-0.4.3.2.orig/config/firewalld.service.in 2016-08-11 13:51:30.222192739 +0200
-+++ firewalld-0.4.3.2/config/firewalld.service.in 2016-08-11 14:00:09.330037527 +0200
-@@ -9,7 +9,7 @@ Conflicts=iptables.service ip6tables.ser
+diff -rupN firewalld-0.5.0.orig/config/firewalld.service.in firewalld-0.5.0/config/firewalld.service.in
+--- firewalld-0.5.0.orig/config/firewalld.service.in 2018-01-25 22:14:21.796600916 +0100
++++ firewalld-0.5.0/config/firewalld.service.in 2018-01-25 22:15:29.448820083 +0100
+@@ -8,7 +8,7 @@ Conflicts=iptables.service ip6tables.ser
Documentation=man:firewalld(1)
[Service]
@@ -10,10 +10,10 @@
ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS
ExecReload=/bin/kill -HUP $MAINPID
# supress to log debug and error output also to /var/log/messages
-diff -rupN firewalld-0.4.3.2.orig/config/Makefile.am firewalld-0.4.3.2/config/Makefile.am
---- firewalld-0.4.3.2.orig/config/Makefile.am 2016-08-11 13:51:30.222192739 +0200
-+++ firewalld-0.4.3.2/config/Makefile.am 2016-08-11 14:00:59.039831081 +0200
-@@ -205,12 +205,12 @@ firewalld.service: firewalld.service.in
+diff -rupN firewalld-0.5.0.orig/config/Makefile.am firewalld-0.5.0/config/Makefile.am
+--- firewalld-0.5.0.orig/config/Makefile.am 2018-01-25 22:14:21.796600916 +0100
++++ firewalld-0.5.0/config/Makefile.am 2018-01-25 22:17:25.497003199 +0100
+@@ -308,12 +308,12 @@ firewalld-sysctls.conf: firewalld-sysctl
$(edit) $< >$@
install-sysconfig:
@@ -30,45 +30,21 @@
install-rpmmacros:
$(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d
-diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewall-cmd.xml firewalld-0.4.3.2/doc/xml/firewall-cmd.xml
---- firewalld-0.4.3.2.orig/doc/xml/firewall-cmd.xml 2016-08-11 13:51:30.235526017 +0200
-+++ firewalld-0.4.3.2/doc/xml/firewall-cmd.xml 2016-08-11 14:02:21.729487648 +0200
-@@ -852,7 +852,7 @@ For interfaces that are not under contro
- </para>
- <para>
- As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
-- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
-+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
- If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
- Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
- For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
-diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewallctl.xml firewalld-0.4.3.2/doc/xml/firewallctl.xml
---- firewalld-0.4.3.2.orig/doc/xml/firewallctl.xml 2016-08-11 13:51:30.235526017 +0200
-+++ firewalld-0.4.3.2/doc/xml/firewallctl.xml 2016-08-11 14:01:52.559608802 +0200
-@@ -548,7 +548,7 @@ For interfaces that are not under contro
- </para>
- <para>
- As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
-- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
-+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
- If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
- Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
- For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
-diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewalld.xml firewalld-0.4.3.2/doc/xml/firewalld.xml
---- firewalld-0.4.3.2.orig/doc/xml/firewalld.xml 2016-08-11 13:51:30.235526017 +0200
-+++ firewalld-0.4.3.2/doc/xml/firewalld.xml 2016-08-11 14:03:07.599297125 +0200
-@@ -130,7 +130,7 @@
- </para>
- <para>
- You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>.
-- If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
-+ If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
- </para>
- <para>
- If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces.
-diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewall-offline-cmd.xml firewalld-0.4.3.2/doc/xml/firewall-offline-cmd.xml
---- firewalld-0.4.3.2.orig/doc/xml/firewall-offline-cmd.xml 2016-08-11 13:51:30.235526017 +0200
-+++ firewalld-0.4.3.2/doc/xml/firewall-offline-cmd.xml 2016-08-11 14:02:41.129407071 +0200
+diff -rupN firewalld-0.5.0.orig/configure.ac firewalld-0.5.0/configure.ac
+--- firewalld-0.5.0.orig/configure.ac 2018-01-25 22:14:21.796600916 +0100
++++ firewalld-0.5.0/configure.ac 2018-01-25 22:18:20.346179951 +0100
+@@ -71,7 +71,7 @@ AC_SUBST(BASHCOMPLETIONDIR)
+
+ AC_ARG_WITH([ifcfgdir],
+ AS_HELP_STRING([--with-ifcfgdir=DIR], [The ifcfg configuration directory]),
+- [IFCFGDIR=$withval], [IFCFGDIR="/etc/sysconfig/network-scripts"])
++ [IFCFGDIR=$withval], [IFCFGDIR="/etc/conf.d/network-scripts"])
+ AC_SUBST(IFCFGDIR)
+
+ # Extend PATH to include /sbin etc in case we are building as non-root
+diff -rupN firewalld-0.5.0.orig/doc/xml/firewall-offline-cmd.xml firewalld-0.5.0/doc/xml/firewall-offline-cmd.xml
+--- firewalld-0.5.0.orig/doc/xml/firewall-offline-cmd.xml 2018-01-25 22:14:21.799934194 +0100
++++ firewalld-0.5.0/doc/xml/firewall-offline-cmd.xml 2018-01-25 22:18:43.412506403 +0100
@@ -68,7 +68,7 @@
<refsect1 id="options">
<title>Options</title>
@@ -76,45 +52,24 @@
- If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated.
+ If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated.
</para>
+
<para>
- The following options are supported:
-diff -rupN firewalld-0.4.3.2.orig/firewalld.spec firewalld-0.4.3.2/firewalld.spec
---- firewalld-0.4.3.2.orig/firewalld.spec 2016-08-11 13:51:30.222192739 +0200
-+++ firewalld-0.4.3.2/firewalld.spec 2016-08-11 14:03:48.909125535 +0200
-@@ -222,7 +222,7 @@ fi
- %dir %{_datadir}/firewalld/tests
- %{_datadir}/firewalld/tests
- %defattr(0644,root,root)
--%config(noreplace) %{_sysconfdir}/sysconfig/firewalld
-+%config(noreplace) %{_sysconfdir}/conf.d/firewalld
- #%attr(0755,root,root) %{_initrddir}/firewalld
- %{_unitdir}/firewalld.service
- %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
-diff -rupN firewalld-0.4.3.2.orig/src/firewall/config/__init__.py.in firewalld-0.4.3.2/src/firewall/config/__init__.py.in
---- firewalld-0.4.3.2.orig/src/firewall/config/__init__.py.in 2016-08-11 13:51:30.275525851 +0200
-+++ firewalld-0.4.3.2/src/firewall/config/__init__.py.in 2016-08-11 14:05:29.355374948 +0200
-@@ -85,7 +85,7 @@ FIREWALLD_DIRECT = ETC_FIREWALLD + '/dir
+diff -rupN firewalld-0.5.0.orig/src/firewall/config/__init__.py.in firewalld-0.5.0/src/firewall/config/__init__.py.in
+--- firewalld-0.5.0.orig/src/firewall/config/__init__.py.in 2018-01-25 22:14:21.803267471 +0100
++++ firewalld-0.5.0/src/firewall/config/__init__.py.in 2018-01-25 22:19:44.971614279 +0100
+@@ -96,7 +96,7 @@ FIREWALLD_PIDFILE = "/var/run/firewalld.
- LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml'
+ FIREWALLD_TEMPDIR = '/run/firewalld'
-SYSCONFIGDIR = '/etc/sysconfig'
+SYSCONFIGDIR = '/etc/conf.d'
- IFCFGDIR = SYSCONFIGDIR + '/network-scripts'
+ IFCFGDIR = "@IFCFGDIR@"
SYSCTL_CONFIG = '/etc/sysctl.conf'
-diff -rupN firewalld-0.4.3.2.orig/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.3.2/src/tests/firewall-offline-cmd_test.sh
---- firewalld-0.4.3.2.orig/src/tests/firewall-offline-cmd_test.sh 2016-08-11 13:51:30.302192407 +0200
-+++ firewalld-0.4.3.2/src/tests/firewall-offline-cmd_test.sh 2016-08-11 14:04:51.418865874 +0200
-@@ -176,7 +176,7 @@ assert_good "--query-forward-port ${
- failures=0
-
- while true; do
-- read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn
-+ read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn
- case $yn in
- [Yy]* ) break;;
- [Nn]* ) exit;;
-@@ -201,14 +201,14 @@ fw_port2="port=333:proto=udp:toport=444"
+diff -rupN firewalld-0.5.0.orig/src/tests/legacy/firewall-offline-cmd_test.sh firewalld-0.5.0/src/tests/legacy/firewall-offline-cmd_test.sh
+--- firewalld-0.5.0.orig/src/tests/legacy/firewall-offline-cmd_test.sh 2018-01-25 22:14:21.806600748 +0100
++++ firewalld-0.5.0/src/tests/legacy/firewall-offline-cmd_test.sh 2018-01-25 22:19:19.201985041 +0100
+@@ -218,7 +218,7 @@ fw_port2="port=333:proto=udp:toport=444"
lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz
--trust=${trusted_iface1} --trust=${trusted_iface2}
--masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp
@@ -123,15 +78,7 @@
--service=${service1} --service=${service2} --remove-service=${service3}
--block-icmp=${icmp1} --block-icmp=${icmp2}
--forward-port=if=ippp+:${fw_port1}
- --forward-port=if=ippp+:${fw_port2}"
- test_lokkit_opts
-
--cat << EOF > /etc/sysconfig/system-config-firewall
-+cat << EOF > /etc/conf.d/system-config-firewall
- --enabled
- --addmodule=abc
- --addmodule=efg
-@@ -219,7 +219,7 @@ cat << EOF > /etc/sysconfig/system-confi
+@@ -236,7 +236,7 @@ cat << EOF > ./system-config-firewall
--masq=tap+
--port=7:tcp
--port=666:udp
@@ -140,12 +87,3 @@
--service=${service1}
--service=${service2}
--remove-service=${service3}
-@@ -229,7 +229,7 @@ cat << EOF > /etc/sysconfig/system-confi
- --forward-port=if=ippp+:${fw_port2}
- EOF
-
--# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall
-+# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall
- lokkit_opts=""
- test_lokkit_opts
-
More information about the arch-commits
mailing list