Hello community, here is the log from the commit of package yast2-http-server for openSUSE:Factory checked in at 2018-01-28 20:32:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-http-server (Old) and /work/SRC/openSUSE:Factory/.yast2-http-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-http-server" Sun Jan 28 20:32:07 2018 rev:79 rq:569889 version:4.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-http-server/yast2-http-server.changes 2017-03-22 23:18:14.280137020 +0100 +++ /work/SRC/openSUSE:Factory/.yast2-http-server.new/yast2-http-server.changes 2018-01-28 20:33:25.942864390 +0100 @@ -1,0 +2,6 @@ +Tue Jan 23 07:28:19 UTC 2018 - [email protected] + +- Replace SuSEFirewall2 by firewalld. (fate#323460) +- 4.0.0 + +------------------------------------------------------------------- Old: ---- yast2-http-server-3.2.2.tar.bz2 New: ---- yast2-http-server-4.0.0.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-http-server.spec ++++++ --- /var/tmp/diff_new_pack.e0nXfp/_old 2018-01-28 20:33:26.454840475 +0100 +++ /var/tmp/diff_new_pack.e0nXfp/_new 2018-01-28 20:33:26.454840475 +0100 @@ -1,7 +1,7 @@ # # spec file for package yast2-http-server # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: yast2-http-server -Version: 3.2.2 +Version: 4.0.0 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -31,7 +31,7 @@ BuildRequires: popt-devel BuildRequires: sgml-skel BuildRequires: update-desktop-files -BuildRequires: yast2 >= 3.1.118 +BuildRequires: yast2 >= 4.0.36 BuildRequires: yast2-devtools >= 3.1.10 BuildRequires: yast2-network BuildRequires: yast2-packagemanager-devel @@ -40,8 +40,8 @@ Requires: libzio Requires: yast2-network Requires: yast2-perl-bindings -# FileChanges.created_files (bsc#1027582) -Requires: yast2 >= 3.2.16 +# SuSEFirewall2 replaced by firewalld yast2.rpm (fate#323460) +Requires: yast2 >= 4.0.39 BuildArch: noarch ++++++ yast2-http-server-3.2.2.tar.bz2 -> yast2-http-server-4.0.0.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/package/yast2-http-server.changes new/yast2-http-server-4.0.0/package/yast2-http-server.changes --- old/yast2-http-server-3.2.2/package/yast2-http-server.changes 2017-03-16 15:50:52.468870962 +0100 +++ new/yast2-http-server-4.0.0/package/yast2-http-server.changes 2018-01-26 15:33:40.000000000 +0100 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Tue Jan 23 07:28:19 UTC 2018 - [email protected] + +- Replace SuSEFirewall2 by firewalld. (fate#323460) +- 4.0.0 + +------------------------------------------------------------------- Wed Mar 15 14:27:23 UTC 2017 - [email protected] - Create a backup at startup of the vhost configuration files to diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/package/yast2-http-server.spec new/yast2-http-server-4.0.0/package/yast2-http-server.spec --- old/yast2-http-server-3.2.2/package/yast2-http-server.spec 2017-03-16 15:50:52.468870962 +0100 +++ new/yast2-http-server-4.0.0/package/yast2-http-server.spec 2018-01-26 15:33:40.000000000 +0100 @@ -17,7 +17,7 @@ Name: yast2-http-server -Version: 3.2.2 +Version: 4.0.0 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -27,10 +27,10 @@ License: GPL-2.0 BuildRequires: yast2-network docbook-xsl-stylesheets doxygen libxslt perl-XML-Writer popt-devel sgml-skel update-desktop-files yast2-packagemanager-devel yast2-perl-bindings yast2-testsuite libzio BuildRequires: yast2-devtools >= 3.1.10 -BuildRequires: yast2 >= 3.1.118 +BuildRequires: yast2 >= 4.0.36 Requires: yast2-network yast2-perl-bindings libzio -# FileChanges.created_files (bsc#1027582) -Requires: yast2 >= 3.2.16 +# SuSEFirewall2 replaced by firewalld yast2.rpm (fate#323460) +Requires: yast2 >= 4.0.39 BuildArchitectures: noarch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/src/modules/HttpServer.rb new/yast2-http-server-4.0.0/src/modules/HttpServer.rb --- old/yast2-http-server-3.2.2/src/modules/HttpServer.rb 2017-03-16 15:50:52.484870962 +0100 +++ new/yast2-http-server-4.0.0/src/modules/HttpServer.rb 2018-01-26 15:33:40.000000000 +0100 @@ -10,6 +10,7 @@ # Representation of the configuration of http-server. # Input and output routines. require "yast" +require "y2firewall/firewalld" module Yast class HttpServerClass < Module @@ -33,9 +34,7 @@ Yast.import "Popup" Yast.import "DnsServerAPI" Yast.import "NetworkService" - Yast.import "SuSEFirewall" Yast.import "Confirm" - Yast.import "SuSEFirewallServices" Yast.import "FileChanges" Yast.import "Label" @@ -80,6 +79,10 @@ IGNORED_FILES = ["vhost.template", "vhost-ssl.template"] APACHE_VHOSTS_DIR = "/etc/apache2/vhosts.d" + def firewalld + Y2Firewall::Firewalld.instance + end + def dynamic_files_to_check files = SCR.Read(path(".target.dir"), APACHE_VHOSTS_DIR) files.reject! { |f| IGNORED_FILES.include?(f) } @@ -261,7 +264,7 @@ end old_progress = Progress.set(false) #off(); - SuSEFirewall.Read + firewalld.read if Package.Installed("bind") if Ops.greater_than( Builtins.size( @@ -455,7 +458,6 @@ backup_vhost_config YaST::HTTPDData.WriteHosts Progress.NextStage - Yast.import "SuSEFirewall" old_progress = Progress.set(false) # off(); # always adapt firewall @@ -470,12 +472,15 @@ Builtins.foreach(YaST::HTTPDData.GetCurrentListen) do |row| ports = Builtins.add(ports, Ops.get_string(row, "PORT", "")) end - SuSEFirewallServices.SetNeededPortsAndProtocols( - "service:apache2", - { "tcp_ports" => ports, "udp_ports" => [] } - ) - SuSEFirewall.Write + begin + Y2Firewall::Firewalld::Service.modify_ports(name: "apache2", tcp_ports: ports) + firewalld.write + rescue Y2Firewall::Firewalld::Service::NotFound + log.info("The apache2 service is not defined in firewalld") + end + + DnsServerAPI.Write if @configured_dns Progress.set(old_progress) YaST::HTTPDData.WriteModuleList diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/src/modules/HttpServerWidgets.rb new/yast2-http-server-4.0.0/src/modules/HttpServerWidgets.rb --- old/yast2-http-server-3.2.2/src/modules/HttpServerWidgets.rb 2017-03-16 15:50:52.496870962 +0100 +++ new/yast2-http-server-4.0.0/src/modules/HttpServerWidgets.rb 2018-01-26 15:33:40.000000000 +0100 @@ -30,7 +30,6 @@ Yast.import "HttpServer" Yast.import "YaST::HTTPDData" Yast.import "Confirm" - Yast.import "SuSEFirewall" Yast.import "CWMServiceStart" Yast.import "CWMFirewallInterfaces" Yast.import "Punycode" @@ -370,12 +369,15 @@ ), "handle_events" => ["enabled", "disabled"], "opt" => [:notify], - "help" => Ops.get_string(@HELPS, "server_enable", "") + "help" => @HELPS["server_enable"] }, "firewall_adapt" => CWMFirewallInterfaces.CreateOpenFirewallWidget( { - "services" => ["service:apache2", "service:apache2-ssl"], - "help" => Ops.get_string(@HELPS, "firewall_adapt", ""), + # Firewalld already defines the http and https services. This + # module modifies the service adding custom ports, taking that in + # account we will continue using apache2 and apache2-ssl. + "services" => ["apache2", "apache2-ssl"], + "help" => @HELPS["firewall_adapt"], "display_details" => true } ), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/src/modules/YaPI/HTTPD.pm new/yast2-http-server-4.0.0/src/modules/YaPI/HTTPD.pm --- old/yast2-http-server-3.2.2/src/modules/YaPI/HTTPD.pm 2017-03-16 15:50:52.504870962 +0100 +++ new/yast2-http-server-4.0.0/src/modules/YaPI/HTTPD.pm 2018-01-26 15:33:40.000000000 +0100 @@ -85,13 +85,13 @@ $fromPort and $toPort are the listen ports. They can be the same. $address is the bind address and can be an empty string for 'all' - $doFirewall is a boolean to write the listen data to the SuSEFirewall2 + $doFirewall is a boolean to write the listen data to firewalld DeleteListen($fromPort,$toPort,$address,$doFirewall) $fromPort and $toPort are the listen ports. They can be the same. $address is the bind address and can be an empty string for 'all' - $doFirewall is a boolean to delete the listen data from the SuSEFirewall2 + $doFirewall is a boolean to delete the listen data from firewalld $curListen = GetCurrentListen() @@ -306,7 +306,7 @@ @YaPI::HTTPD::ISA = qw( YaPI YaST::httpdUtils YaST::HTTPDData ); YaST::YCP::Import ("SCR"); YaST::YCP::Import ("Service"); -YaST::YCP::Import ("SuSEFirewall"); +YaST::YCP::Import ("FirewalldWrapper"); textdomain "http-server"; ####################################################### @@ -1236,8 +1236,8 @@ the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. -The $doFirewall boolean indicates if the SuSEFirewall2 shall -be configured for the settings. +The $doFirewall boolean indicates if 'firewalld' shall be +configured for the settings. EXAMPLE @@ -1272,12 +1272,12 @@ if( $doFirewall ) { my $ip2device = $self->ip2device(); my $if = exists($newEntry{ADDRESS})?$ip2device->{$newEntry{ADDRESS}}:'all'; - SuSEFirewall->Read(); - unless( SuSEFirewall->AddService( $newEntry{PORT}, "TCP", $if ) ) { + FirewalldWrapper->read(); + unless( FirewalldWrapper->add_port( $newEntry{PORT}, "TCP", $if ) ) { return $self->SetError( code => 'SET_FW_FAILED', summary => __('writing the firewall rules failed') ); } else { - SuSEFirewall->Write(); + FirewalldWrapper->write(); } } return 1; @@ -1291,8 +1291,8 @@ the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. If the listen parameter can't be found, undef is returned. -The $doFirewall boolean indicates if the SuSEFirewall2 shall -be configured for the settings. +The $doFirewall boolean indicates if firewalld shall be +configured for the settings. EXAMPLE @@ -1330,9 +1330,9 @@ my $ip2device = $self->ip2device(); my $if = $ip?$ip2device->{$ip}:'all'; my $port = ($fromPort eq $toPort)?($fromPort):("$fromPort-$toPort"); - SuSEFirewall->Read(); - SuSEFirewall->RemoveService( $port, "TCP", $if ); - SuSEFirewall->Write(); + FirewalldWrapper->read(); + FirewallWrapper->remove_port( $port, "TCP", $if ); + FirewalldWrapper->write(); } return 1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-http-server-3.2.2/src/modules/YaST/httpdUtils.pm new/yast2-http-server-4.0.0/src/modules/YaST/httpdUtils.pm --- old/yast2-http-server-3.2.2/src/modules/YaST/httpdUtils.pm 2017-03-16 15:50:52.516870962 +0100 +++ new/yast2-http-server-4.0.0/src/modules/YaST/httpdUtils.pm 2018-01-26 15:33:40.000000000 +0100 @@ -3,7 +3,7 @@ use YaPI; textdomain "http-server"; -YaST::YCP::Import ("SuSEFirewall"); +YaST::YCP::Import ("FirewalldWrapper"); YaST::YCP::Import ("NetworkInterfaces"); YaST::YCP::Import ("Progress"); YaST::YCP::Import ("SCR"); @@ -154,7 +154,7 @@ my $self = shift; my %ip2device; Progress->off(); - SuSEFirewall->Read(); + FirewalldWrapper->read(); NetworkInterfaces->Read(); my $devices = NetworkInterfaces->Locate("BOOTPROTO", "static"); foreach my $dev ( @$devices ) {
