On Wed, Oct 07, 2020 at 01:38:15PM -0700, Tom Eastep wrote: > On 10/7/20 12:20 PM, Simon Matter wrote: > >> On Wed, 7 Oct 2020 18:26:36 +0200 > >> Matt Darfeuille <m...@shorewall.org> wrote: > >> > >>> -------- Forwarded Message -------- > >>> Subject: Re: [Shorewall-users] Shorewall reload doesn't reload? > >>> Date: Wed, 7 Oct 2020 08:49:47 -0700 > >>> From: Tom Eastep <teas...@shorewall.net> > >>> Reply-To: Shorewall Users <shorewall-us...@lists.sourceforge.net> > >>> To: shorewall-us...@lists.sourceforge.net > >>> > >> > >> Hmh. shorewall6 part of patch has a typo, easy to fix, just add missing > >> / char. > >> > >> I don't like this work-around. It is not a real solution, it is just > >> work-around. > >> > >> Better solution would be to do compile after package upgrade. > >> > > > > I don't understand why you think of it as a work-around? It's a fix for > > the problem that in some cases, shorewall reload doesn't reload because > > the logic to detect changes fails on package updates which don't set > > current timestamps. > > > > I'd never want to have automatic recompilation on package upgrade - not > > for firewall code which may cut my line I'm using while doing the upgrade. > > > > On package upgrade, you don't see any error messages (with rpm, deb is > > different). How do you handle cases where compilaton fails? > > > > For me that's too dangerous. I do package upgrade, merge config files, > > reload, diff generated firewall and be happy. > > > > Another approach would be to simply 'touch' a file in > /usr/share/shorewall (/usr/share/shorewall/version, for example). > > That would allow 'reload' to force recompilation. > I'm not sure if that would work for RPM, but I am fairly certain that it would be considered a policy violation to do that from a Debian package maintainer script. Would touching a file in /var/lib/shorewall work?
Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
