Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2024-01-09 20:48:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.21961 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "firewalld" Tue Jan 9 20:48:31 2024 rev:86 rq:1137494 version:2.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2023-11-30 21:59:47.953695644 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.21961/firewalld.changes 2024-01-09 20:48:43.842207429 +0100 @@ -1,0 +2,14 @@ +Mon Jan 8 07:30:21 UTC 2024 - Mohd Saquib <[email protected]> + +- update to 2.1.0: + * eat(service): add DNS over QUIC (DoQ) Service (5130430) + * feat(icmp): add ICMPv6 Multicast Listener Discovery (MLD) types (dd88bbf) + * feat(fw): add ReloadPolicy option in firewalld.conf (0019371) + * feat(service): add submission service (tcp 587) (d6a9561) + * feat(service): Add alvr (3a92358) + * feat(service): add vrrp (d62fc8d) + [* Renamed patch 0002-Disable-FlushAllOnReload-option.patch to + 0001-Disable-FlushAllOnReload-option.patch + [* Renamed patch firewalld-runstatedir.patch to 0002-firewalld-runstatedir.patch] + +------------------------------------------------------------------- Old: ---- 0002-Disable-FlushAllOnReload-option.patch firewalld-2.0.2.tar.bz2 firewalld-runstatedir.patch New: ---- 0001-Disable-FlushAllOnReload-option.patch 0002-firewalld-runstatedir.patch firewalld-2.1.0.tar.bz2 BETA DEBUG BEGIN: Old: * feat(service): add vrrp (d62fc8d) [* Renamed patch 0002-Disable-FlushAllOnReload-option.patch to 0001-Disable-FlushAllOnReload-option.patch Old: 0001-Disable-FlushAllOnReload-option.patch [* Renamed patch firewalld-runstatedir.patch to 0002-firewalld-runstatedir.patch] BETA DEBUG END: BETA DEBUG BEGIN: New: [* Renamed patch 0002-Disable-FlushAllOnReload-option.patch to 0001-Disable-FlushAllOnReload-option.patch [* Renamed patch firewalld-runstatedir.patch to 0002-firewalld-runstatedir.patch] New: 0001-Disable-FlushAllOnReload-option.patch [* Renamed patch firewalld-runstatedir.patch to 0002-firewalld-runstatedir.patch] BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ firewalld.spec ++++++ --- /var/tmp/diff_new_pack.0UFV8q/_old 2024-01-09 20:48:44.614235498 +0100 +++ /var/tmp/diff_new_pack.0UFV8q/_new 2024-01-09 20:48:44.614235498 +0100 @@ -1,7 +1,7 @@ # # spec file for package firewalld # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,7 +27,7 @@ %global modprobe_d_files firewalld-sysctls.conf Name: firewalld -Version: 2.0.2 +Version: 2.1.0 Release: 0 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall License: GPL-2.0-or-later @@ -35,8 +35,8 @@ URL: https://www.firewalld.org Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.bz2 Source1: docker-zone.xml -Patch0: 0002-Disable-FlushAllOnReload-option.patch -Patch1: firewalld-runstatedir.patch +Patch0: 0001-Disable-FlushAllOnReload-option.patch +Patch1: 0002-firewalld-runstatedir.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -285,12 +285,15 @@ %dir %{_prefix}/lib/firewalld/zones %dir %{_prefix}/lib/firewalld/helpers %dir %{_prefix}/lib/firewalld/policies +%dir %{_prefix}/lib/firewalld/xmlschema %{_prefix}/lib/firewalld/icmptypes/*.xml %{_prefix}/lib/firewalld/ipsets/README.md %{_prefix}/lib/firewalld/services/*.xml %{_prefix}/lib/firewalld/zones/*.xml %{_prefix}/lib/firewalld/helpers/*.xml %{_prefix}/lib/firewalld/policies/*.xml +%{_prefix}/lib/firewalld/xmlschema/check.sh +%{_prefix}/lib/firewalld/xmlschema/*.xsd %{_datadir}/polkit-1 %dir %{_datadir}/dbus-1 %dir %{_datadir}/dbus-1/system.d ++++++ 0002-Disable-FlushAllOnReload-option.patch -> 0001-Disable-FlushAllOnReload-option.patch ++++++ --- /work/SRC/openSUSE:Factory/firewalld/0002-Disable-FlushAllOnReload-option.patch 2023-06-25 21:42:00.256955642 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.21961/0001-Disable-FlushAllOnReload-option.patch 2024-01-09 20:48:43.782205248 +0100 @@ -1,57 +1,68 @@ -From b1145d3efc58220f58a4e67189c4ff4a8bd789ce Mon Sep 17 00:00:00 2001 -From: Michal Rostecki <[email protected]> -Date: Mon, 25 Jan 2021 12:58:00 +0100 -Subject: [PATCH] Disable FlushAllOnReload option +From 98c87acce02c1963644455933ce7c2d40015d295 Mon Sep 17 00:00:00 2001 +From: Mohd Saquib <[email protected]> +Date: Mon, 8 Jan 2024 12:34:35 +0530 +Subject: [PATCH] Disable FlushAllOnReload option by default Disabling the FlushAllOnReload option restores the old behavior where --reload does not retain interface to zone assignmnets and direct rules. We want to keep that behavior in openSUSE and SLE Signed-off-by: Michal Rostecki <[email protected]> +Signed-off-by: Mohd Saquib <[email protected]> + --- - config/firewalld.conf | 4 ++-- - doc/xml/firewalld.conf.xml | 2 +- + config/firewalld.conf | 8 ++++---- + doc/xml/firewalld.conf.xml | 4 ++-- src/firewall/config/__init__.py.in | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) + 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/config/firewalld.conf b/config/firewalld.conf -index 7c9305e..43663b3 100644 +index 2d1a0cb..af42478 100644 --- a/config/firewalld.conf +++ b/config/firewalld.conf -@@ -63,8 +63,8 @@ FirewallBackend=nftables +@@ -61,10 +61,10 @@ FirewallBackend=nftables + # FlushAllOnReload + # Flush all runtime rules on a reload. In previous releases some runtime # configuration was retained during a reload, namely; interface to zone - # assignment, and direct rules. This was confusing to users. To get the old - # behavior set this to "no". +-# assignment, and direct rules. This was confusing to users. To get the old +-# behavior set this to "no". -# Default: yes -FlushAllOnReload=yes ++# assignment, and direct rules. This was confusing to users. To override this ++# behavior set this to "yes". +# Default: no +FlushAllOnReload=no - # RFC3964_IPv4 - # As per RFC 3964, filter IPv6 traffic with 6to4 destination addresses that + # ReloadPolicy + # Policy during reload. By default all traffic except for established diff --git a/doc/xml/firewalld.conf.xml b/doc/xml/firewalld.conf.xml -index 1b74f70..a45c8df 100644 +index 6bb8069..e226113 100644 --- a/doc/xml/firewalld.conf.xml +++ b/doc/xml/firewalld.conf.xml -@@ -190,7 +190,7 @@ +@@ -179,8 +179,8 @@ + Flush all runtime rules on a reload. In previous releases some runtime configuration was retained during a reload, namely; interface to zone assignment, and direct rules. This was - confusing to users. To get the old behavior set this to "no". +- confusing to users. To get the old behavior set this to "no". - Defaults to "yes". ++ confusing to users. To override this behavior set this to "yes". + Defaults to "no". </para> </listitem> </varlistentry> diff --git a/src/firewall/config/__init__.py.in b/src/firewall/config/__init__.py.in -index 468daf5..5ec116c 100644 +index 12b694e..2c7be57 100644 --- a/src/firewall/config/__init__.py.in +++ b/src/firewall/config/__init__.py.in -@@ -132,7 +132,7 @@ FALLBACK_INDIVIDUAL_CALLS = False +@@ -124,7 +124,7 @@ FALLBACK_INDIVIDUAL_CALLS = False FALLBACK_LOG_DENIED = "off" FALLBACK_AUTOMATIC_HELPERS = "no" FALLBACK_FIREWALL_BACKEND = "nftables" -FALLBACK_FLUSH_ALL_ON_RELOAD = True +FALLBACK_FLUSH_ALL_ON_RELOAD = False + FALLBACK_RELOAD_POLICY = "INPUT:DROP,FORWARD:DROP,OUTPUT:DROP" FALLBACK_RFC3964_IPV4 = True FALLBACK_ALLOW_ZONE_DRIFTING = False - FALLBACK_NFTABLES_FLOWTABLE = "off" +-- +2.35.3 + ++++++ 0002-firewalld-runstatedir.patch ++++++ >From 0b9644ab645d69877f3bef50ede50cb30972e2e1 Mon Sep 17 00:00:00 2001 From: Mohd Saquib <[email protected]> Date: Mon, 8 Jan 2024 12:57:34 +0530 Subject: [PATCH] Change firewalld pid from /var/run to /run --- src/firewall/config/__init__.py.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/firewall/config/__init__.py.in b/src/firewall/config/__init__.py.in index 12b694e..3914c90 100644 --- a/src/firewall/config/__init__.py.in +++ b/src/firewall/config/__init__.py.in @@ -87,7 +87,7 @@ FIREWALLD_LOGFILE = "/var/log/firewalld" FIREWALLD_LOGTARGET = "@DEFAULT_LOG_TARGET@" -FIREWALLD_PIDFILE = "/var/run/firewalld.pid" +FIREWALLD_PIDFILE = "/run/firewalld.pid" FIREWALLD_TEMPDIR = "/run/firewalld" -- 2.35.3 ++++++ firewalld-2.0.2.tar.bz2 -> firewalld-2.1.0.tar.bz2 ++++++ ++++ 140961 lines of diff (skipped)
