Date: Thursday, January 25, 2018 @ 21:32:07 Author: alucryd Revision: 286962
upgpkg: firewalld 0.5.0-1 Modified: firewalld/trunk/PKGBUILD firewalld/trunk/firewalld-arch.patch ----------------------+ PKGBUILD | 10 +-- firewalld-arch.patch | 132 ++++++++++++------------------------------------- 2 files changed, 40 insertions(+), 102 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-01-25 21:09:07 UTC (rev 286961) +++ PKGBUILD 2018-01-25 21:32:07 UTC (rev 286962) @@ -4,7 +4,7 @@ # Contributor: speed145a <[email protected]> pkgname=firewalld -pkgver=0.4.4.6 +pkgver=0.5.0 pkgrel=1 pkgdesc='Firewall daemon with D-Bus interface' arch=('any') @@ -22,8 +22,8 @@ 'etc/firewalld/firewalld.conf') source=("firewalld-${pkgver}.tar.gz::https://github.com/t-woerner/firewalld/archive/v${pkgver}.tar.gz"; 'firewalld-arch.patch') -sha256sums=('a7bf9dd341f3f4c261fa8a8e217160ec815e9dbf32edc25aed44719a2273e94e' - '5c0c49e125426d561c4099df639ab6dd7073a6d17ae1c130d235cc2397c568c2') +sha256sums=('ecd3adb714fe2ead77253d505cf430c6c640f2c088f2a779c0459f399629ab38' + '14a05a2f5eccbb6c30e775877706a90fd4ad524cdd13ea76f3a23b09b9d4212e') prepare() { cd firewalld-${pkgver} @@ -41,8 +41,8 @@ --localstatedir='/var' \ --sbindir='/usr/bin' \ --sysconfdir='/etc' \ - --with-sysconfigdir='/etc/conf.d' \ - --disable-schemas-compile + --disable-schemas-compile \ + --disable-sysconfig make } Modified: firewalld-arch.patch =================================================================== --- firewalld-arch.patch 2018-01-25 21:09:07 UTC (rev 286961) +++ firewalld-arch.patch 2018-01-25 21:32:07 UTC (rev 286962) @@ -1,7 +1,7 @@ -diff -rupN firewalld-0.4.3.2.orig/config/firewalld.service.in firewalld-0.4.3.2/config/firewalld.service.in ---- firewalld-0.4.3.2.orig/config/firewalld.service.in 2016-08-11 13:51:30.222192739 +0200 -+++ firewalld-0.4.3.2/config/firewalld.service.in 2016-08-11 14:00:09.330037527 +0200 -@@ -9,7 +9,7 @@ Conflicts=iptables.service ip6tables.ser +diff -rupN firewalld-0.5.0.orig/config/firewalld.service.in firewalld-0.5.0/config/firewalld.service.in +--- firewalld-0.5.0.orig/config/firewalld.service.in 2018-01-25 22:14:21.796600916 +0100 ++++ firewalld-0.5.0/config/firewalld.service.in 2018-01-25 22:15:29.448820083 +0100 +@@ -8,7 +8,7 @@ Conflicts=iptables.service ip6tables.ser Documentation=man:firewalld(1) [Service] @@ -10,10 +10,10 @@ ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS ExecReload=/bin/kill -HUP $MAINPID # supress to log debug and error output also to /var/log/messages -diff -rupN firewalld-0.4.3.2.orig/config/Makefile.am firewalld-0.4.3.2/config/Makefile.am ---- firewalld-0.4.3.2.orig/config/Makefile.am 2016-08-11 13:51:30.222192739 +0200 -+++ firewalld-0.4.3.2/config/Makefile.am 2016-08-11 14:00:59.039831081 +0200 -@@ -205,12 +205,12 @@ firewalld.service: firewalld.service.in +diff -rupN firewalld-0.5.0.orig/config/Makefile.am firewalld-0.5.0/config/Makefile.am +--- firewalld-0.5.0.orig/config/Makefile.am 2018-01-25 22:14:21.796600916 +0100 ++++ firewalld-0.5.0/config/Makefile.am 2018-01-25 22:17:25.497003199 +0100 +@@ -308,12 +308,12 @@ firewalld-sysctls.conf: firewalld-sysctl $(edit) $< >$@ install-sysconfig: @@ -30,45 +30,21 @@ install-rpmmacros: $(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d -diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewall-cmd.xml firewalld-0.4.3.2/doc/xml/firewall-cmd.xml ---- firewalld-0.4.3.2.orig/doc/xml/firewall-cmd.xml 2016-08-11 13:51:30.235526017 +0200 -+++ firewalld-0.4.3.2/doc/xml/firewall-cmd.xml 2016-08-11 14:02:21.729487648 +0200 -@@ -852,7 +852,7 @@ For interfaces that are not under contro - </para> - <para> - As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. -- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. -+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. - If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. - Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. - For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. -diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewallctl.xml firewalld-0.4.3.2/doc/xml/firewallctl.xml ---- firewalld-0.4.3.2.orig/doc/xml/firewallctl.xml 2016-08-11 13:51:30.235526017 +0200 -+++ firewalld-0.4.3.2/doc/xml/firewallctl.xml 2016-08-11 14:01:52.559608802 +0200 -@@ -548,7 +548,7 @@ For interfaces that are not under contro - </para> - <para> - As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. -- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. -+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. - If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. - Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. - For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. -diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewalld.xml firewalld-0.4.3.2/doc/xml/firewalld.xml ---- firewalld-0.4.3.2.orig/doc/xml/firewalld.xml 2016-08-11 13:51:30.235526017 +0200 -+++ firewalld-0.4.3.2/doc/xml/firewalld.xml 2016-08-11 14:03:07.599297125 +0200 -@@ -130,7 +130,7 @@ - </para> - <para> - You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>. -- If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. -+ If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. - </para> - <para> - If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces. -diff -rupN firewalld-0.4.3.2.orig/doc/xml/firewall-offline-cmd.xml firewalld-0.4.3.2/doc/xml/firewall-offline-cmd.xml ---- firewalld-0.4.3.2.orig/doc/xml/firewall-offline-cmd.xml 2016-08-11 13:51:30.235526017 +0200 -+++ firewalld-0.4.3.2/doc/xml/firewall-offline-cmd.xml 2016-08-11 14:02:41.129407071 +0200 +diff -rupN firewalld-0.5.0.orig/configure.ac firewalld-0.5.0/configure.ac +--- firewalld-0.5.0.orig/configure.ac 2018-01-25 22:14:21.796600916 +0100 ++++ firewalld-0.5.0/configure.ac 2018-01-25 22:18:20.346179951 +0100 +@@ -71,7 +71,7 @@ AC_SUBST(BASHCOMPLETIONDIR) + + AC_ARG_WITH([ifcfgdir], + AS_HELP_STRING([--with-ifcfgdir=DIR], [The ifcfg configuration directory]), +- [IFCFGDIR=$withval], [IFCFGDIR="/etc/sysconfig/network-scripts"]) ++ [IFCFGDIR=$withval], [IFCFGDIR="/etc/conf.d/network-scripts"]) + AC_SUBST(IFCFGDIR) + + # Extend PATH to include /sbin etc in case we are building as non-root +diff -rupN firewalld-0.5.0.orig/doc/xml/firewall-offline-cmd.xml firewalld-0.5.0/doc/xml/firewall-offline-cmd.xml +--- firewalld-0.5.0.orig/doc/xml/firewall-offline-cmd.xml 2018-01-25 22:14:21.799934194 +0100 ++++ firewalld-0.5.0/doc/xml/firewall-offline-cmd.xml 2018-01-25 22:18:43.412506403 +0100 @@ -68,7 +68,7 @@ <refsect1 id="options"> <title>Options</title> @@ -76,45 +52,24 @@ - If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated. + If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated. </para> + <para> - The following options are supported: -diff -rupN firewalld-0.4.3.2.orig/firewalld.spec firewalld-0.4.3.2/firewalld.spec ---- firewalld-0.4.3.2.orig/firewalld.spec 2016-08-11 13:51:30.222192739 +0200 -+++ firewalld-0.4.3.2/firewalld.spec 2016-08-11 14:03:48.909125535 +0200 -@@ -222,7 +222,7 @@ fi - %dir %{_datadir}/firewalld/tests - %{_datadir}/firewalld/tests - %defattr(0644,root,root) --%config(noreplace) %{_sysconfdir}/sysconfig/firewalld -+%config(noreplace) %{_sysconfdir}/conf.d/firewalld - #%attr(0755,root,root) %{_initrddir}/firewalld - %{_unitdir}/firewalld.service - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf -diff -rupN firewalld-0.4.3.2.orig/src/firewall/config/__init__.py.in firewalld-0.4.3.2/src/firewall/config/__init__.py.in ---- firewalld-0.4.3.2.orig/src/firewall/config/__init__.py.in 2016-08-11 13:51:30.275525851 +0200 -+++ firewalld-0.4.3.2/src/firewall/config/__init__.py.in 2016-08-11 14:05:29.355374948 +0200 -@@ -85,7 +85,7 @@ FIREWALLD_DIRECT = ETC_FIREWALLD + '/dir +diff -rupN firewalld-0.5.0.orig/src/firewall/config/__init__.py.in firewalld-0.5.0/src/firewall/config/__init__.py.in +--- firewalld-0.5.0.orig/src/firewall/config/__init__.py.in 2018-01-25 22:14:21.803267471 +0100 ++++ firewalld-0.5.0/src/firewall/config/__init__.py.in 2018-01-25 22:19:44.971614279 +0100 +@@ -96,7 +96,7 @@ FIREWALLD_PIDFILE = "/var/run/firewalld. - LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml' + FIREWALLD_TEMPDIR = '/run/firewalld' -SYSCONFIGDIR = '/etc/sysconfig' +SYSCONFIGDIR = '/etc/conf.d' - IFCFGDIR = SYSCONFIGDIR + '/network-scripts' + IFCFGDIR = "@IFCFGDIR@" SYSCTL_CONFIG = '/etc/sysctl.conf' -diff -rupN firewalld-0.4.3.2.orig/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.3.2/src/tests/firewall-offline-cmd_test.sh ---- firewalld-0.4.3.2.orig/src/tests/firewall-offline-cmd_test.sh 2016-08-11 13:51:30.302192407 +0200 -+++ firewalld-0.4.3.2/src/tests/firewall-offline-cmd_test.sh 2016-08-11 14:04:51.418865874 +0200 -@@ -176,7 +176,7 @@ assert_good "--query-forward-port ${ - failures=0 - - while true; do -- read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn -+ read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn - case $yn in - [Yy]* ) break;; - [Nn]* ) exit;; -@@ -201,14 +201,14 @@ fw_port2="port=333:proto=udp:toport=444" +diff -rupN firewalld-0.5.0.orig/src/tests/legacy/firewall-offline-cmd_test.sh firewalld-0.5.0/src/tests/legacy/firewall-offline-cmd_test.sh +--- firewalld-0.5.0.orig/src/tests/legacy/firewall-offline-cmd_test.sh 2018-01-25 22:14:21.806600748 +0100 ++++ firewalld-0.5.0/src/tests/legacy/firewall-offline-cmd_test.sh 2018-01-25 22:19:19.201985041 +0100 +@@ -218,7 +218,7 @@ fw_port2="port=333:proto=udp:toport=444" lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz --trust=${trusted_iface1} --trust=${trusted_iface2} --masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp @@ -123,15 +78,7 @@ --service=${service1} --service=${service2} --remove-service=${service3} --block-icmp=${icmp1} --block-icmp=${icmp2} --forward-port=if=ippp+:${fw_port1} - --forward-port=if=ippp+:${fw_port2}" - test_lokkit_opts - --cat << EOF > /etc/sysconfig/system-config-firewall -+cat << EOF > /etc/conf.d/system-config-firewall - --enabled - --addmodule=abc - --addmodule=efg -@@ -219,7 +219,7 @@ cat << EOF > /etc/sysconfig/system-confi +@@ -236,7 +236,7 @@ cat << EOF > ./system-config-firewall --masq=tap+ --port=7:tcp --port=666:udp @@ -140,12 +87,3 @@ --service=${service1} --service=${service2} --remove-service=${service3} -@@ -229,7 +229,7 @@ cat << EOF > /etc/sysconfig/system-confi - --forward-port=if=ippp+:${fw_port2} - EOF - --# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall -+# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall - lokkit_opts="" - test_lokkit_opts -
