Hello community, here is the log from the commit of package conntrack-tools for openSUSE:Factory checked in at 2018-02-10 17:57:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/conntrack-tools (Old) and /work/SRC/openSUSE:Factory/.conntrack-tools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "conntrack-tools" Sat Feb 10 17:57:55 2018 rev:29 rq:573850 version:1.4.4 Changes: -------- --- /work/SRC/openSUSE:Factory/conntrack-tools/conntrack-tools.changes 2016-08-28 12:17:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.conntrack-tools.new/conntrack-tools.changes 2018-02-10 17:58:00.392481170 +0100 @@ -1,0 +2,9 @@ +Tue Jan 16 13:47:25 UTC 2018 - [email protected] + +- submission from [email protected], partially applied +- split out new subpackage "conntrackd" for the eponymous + daemon (has systemd dependencies) +- add systemd service, logrotate config, sample sysconfig, + and sample config file. + +------------------------------------------------------------------- New: ---- conntrackd.README.SUSE conntrackd.conf conntrackd.logrotate conntrackd.service conntrackd.sysconfig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ conntrack-tools.spec ++++++ --- /var/tmp/diff_new_pack.itU2e5/_old 2018-02-10 17:58:02.280412827 +0100 +++ /var/tmp/diff_new_pack.itU2e5/_new 2018-02-10 17:58:02.284412682 +0100 @@ -1,7 +1,7 @@ # # spec file for package conntrack-tools # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,6 +16,11 @@ # +%if !%{defined _fillupdir} +# Leap/TW 15+ +%define _fillupdir /var/adm/fillup-templates +%endif + Name: conntrack-tools Version: 1.4.4 Release: 0 @@ -28,6 +33,11 @@ Source: ftp://ftp.netfilter.org/pub/conntrack-tools/%name-%version.tar.bz2 Source2: ftp://ftp.netfilter.org/pub/conntrack-tools/%name-%version.tar.bz2.sig Source3: %name.keyring +Source5: conntrackd.service +Source6: conntrackd.README.SUSE +Source7: conntrackd.logrotate +Source8: conntrackd.sysconfig +Source9: conntrackd.conf BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: automake @@ -35,6 +45,7 @@ BuildRequires: flex >= 2.5.33 BuildRequires: libtool BuildRequires: pkg-config >= 0.21 +BuildRequires: systemd-rpm-macros BuildRequires: xz BuildRequires: pkgconfig(libmnl) >= 1.0.3 BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.6 @@ -42,49 +53,86 @@ BuildRequires: pkgconfig(libnetfilter_cttimeout) >= 1.0.0 BuildRequires: pkgconfig(libnetfilter_queue) >= 1.0.2 BuildRequires: pkgconfig(libnfnetlink) >= 1.0.1 -%if 0%{?suse_version} >= 1330 BuildRequires: pkgconfig(libsystemd) >= 227 -%endif %description -The conntrack-tools are a set of tools targeted at system -administrators. They are conntrack, the userspace command line -interface, and conntrackd, the userspace daemon. The tool conntrack -provides a full featured interface that has replaced the old procfs -interface. Using conntrack, you can view and manage the in-kernel -connection tracking state table from userspace. On the other hand, -conntrackd covers the specific aspects of stateful firewalls to -enable highly available scenarios, and can be used as statistics -collector as well. +The conntrack/nfct utilities provide the userspace interface to the +Netfilter connection tracking, replacing +/proc/net/ip_conntrack. The tools can be used to search, list, +inspect and maintain the connection tracking subsystem of the Linux +kernel. + +%package -n conntrackd +Summary: Connection tracking daemon +Group: Productivity/Networking/Security +Provides: conntrack-tools:/usr/sbin/conntrackd +Requires: conntrack-tools = %version-%release +Requires(post): fillup +Recommends: logrotate +%{?systemd_requires} + +%description -n conntrackd +conntrackd is the user-space daemon for the Netfilter connection tracking +system. This daemon synchronizes connection tracking states between several +replica firewalls. %prep %setup -q -find doc -type f -name '*.orig' -delete +find doc -type f -name "*.orig" -delete +find doc -type f -exec chmod -x "{}" "+" %build -%configure \ -%if 0%{?suse_version} >= 1330 - --enable-systemd \ -%endif - --disable-static +%configure --disable-static --enable-systemd # CC read_config_lex.o #read_config_lex.l:24:28: fatal error: read_config_yy.h: No such file or #directory -make %{?_smp_mflags} -j1 +make %{?_smp_mflags} -j1 V=1 %install +%make_install b="%buildroot" -make install DESTDIR="$b" +ln -s service "$b/%_sbindir/rcconntrackd" find "$b/%_libdir" -type f -name "*.la" -delete +install -Dpm0644 "%_sourcedir"/conntrackd.service "$b/%_unitdir/conntrackd.service" +install -Dpm0644 "%_sourcedir/conntrackd.sysconfig" "$b/%_fillupdir/sysconfig.conntrackd" +install -Dpm0644 "%_sourcedir/conntrackd.logrotate" "$b/%_sysconfdir/logrotate.d/conntrackd" +b="%buildroot/%_docdir/%name" +mkdir -p "$b" +cp -a "%_sourcedir/conntrackd.README.SUSE" "%_sourcedir/conntrackd.conf" "$b/" + +%pre -n conntrackd +%service_add_pre conntrackd.service + +%post -n conntrackd +%fillup_only -n conntrackd +if [ "$1" -eq 1 -a ! -e "%_sysconfdir/conntrackd/conntrackd.conf" ]; then + install -Dpm0644 "%_docdir/%name/conntrackd.conf" "%_sysconfdir/conntrackd/conntrackd.conf" +fi +%service_add_post conntrackd.service + +%preun -n conntrackd +%service_del_preun conntrackd.service + +%postun -n conntrackd +%service_del_postun conntrackd.service %files -%defattr(-,root,root) -%doc AUTHORS TODO doc/stats doc/helper %_sbindir/conntrack -%_sbindir/conntrackd %_sbindir/nfct +%_mandir/man8/conntrack.8* +%_mandir/man8/nfct.8* +# Shared betweenn nfct and conntrackd: %_libdir/%name -%_mandir/man5/* -%_mandir/man8/* + +%files -n conntrackd +%_sysconfdir/logrotate.d/conntrackd* +%_sbindir/conntrackd +%_sbindir/rcconntrackd +%_mandir/man5/conntrackd* +%_mandir/man8/conntrackd* +%dir %_docdir/%name +%_docdir/%name/conntrackd* +%_unitdir/conntrackd* +%_fillupdir/*conntrackd %changelog ++++++ conntrackd.README.SUSE ++++++ The conntrackd daemon comes with an example conntrackd.conf configuration file in /etc/conntrackd/ - please adjust to your needs (the file will not get overwritten during package updates) to your needs. If you want to start conntrackd with additional options (see `man 8 conntrackd`), please add them in /etc/sysconfig/conntrackd. ++++++ conntrackd.conf ++++++ # This is a set of SUSE-provided recommendations. To use it or make # modifications to it, copy it to /etc/conntrackd/conntrackd.conf and adjust # /etc/sysconfig/conntrackd. General { Nice -5 HashSize 32768 HashLimit 131072 # LogFile on Syslog on LockFile /var/run/lock/conntrackd.lock UNIX { Path /var/run/conntrackd.sock Backlog 20 } # NetlinkBufferSize 2097152 # NetlinkBufferSizeMaxGrowth 8388608 SocketBufferSize 262142 SocketBufferSizeMaxGrown 655355 # Filter From Userspace { # Address Ignore { # IPv4_address 127.0.0.1 # loopback # IPv6_address ::1 # loopback # } # } # default SUSE systemd service unit file is of Type=notify Systemd on } Stats { LogFile on } ++++++ conntrackd.logrotate ++++++ /var/log/conntrackd-stats.log { compress dateext notifempty missingok nocreate weekly rotate 2 copytruncate postrotate /usr/sbin/rcconntrackd try-restart >/dev/null 2>&1 endscript } ++++++ conntrackd.service ++++++ [Unit] Description=Connection tracking userspace daemon Documentation=man:conntrackd(8) man:conntrackd.conf(5) After=network-online.target Wants=network-online.target [Service] Type=notify NotifyAccess=main EnvironmentFile=-/etc/sysconfig/conntrackd # daemon will not start if lock file is left dangling ExecStartPre=/bin/rm -f $CONNTRACKD_LOCKFILE ExecStart=/usr/sbin/conntrackd $CONNTRACKD_OPTIONS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure ProtectSystem=full ProtectHome=true WatchdogSec=60 [Install] WantedBy=multi-user.target ++++++ conntrackd.sysconfig ++++++ ## Path: Network/Conntrackd ## Description: Basic Configuration of the connection tracking daemon ## Default: "" ## ServiceRestart: conntrackd # # If you want to start conntrackd with additional options (see # `man 8 conntrackd`), please add them here. # CONNTRACKD_OPTIONS="" ## Description: The lock file of the running service ## Default: '/var/run/lock/conntrackd.lock' ## ServiceRestart: conntrackd # # Conntrackd holds a lock file when it iss started. Under normal # conditions your should not need to modify anything here and # leave the option as is. # As the daemon will not start if the lock file is left dangling, # the sysvinit and systemd scripts will try to remove any left # over files first. CONNTRACKD_LOCKFILE="/var/run/lock/conntrackd.lock"
