On Thu, Oct 2, 2014, at 04:37 PM, Tom Eastep wrote:
> > Specifically, sandboxing multiple installs. "Everything" installed under a
> > selected $PREFIX.
>
> The install system is not designed to be able to have multiple runnable
> installations on a single system. You can have multiple inert
> installations by simply running install.sh as:
>
> DESTDIR=/dir/where/I/want/everything ./install.sh
> All paths set in shorewallrc are simply appended to $DESTDIR.
I have to now recollect why I chose NOT to do that. There WAS a 'very valid'
reason a couple of eves ago ...
I'd rather that the ./install.sh, at least, had an option/flag to leave the
decision about 'runable' to me -- letting the user enable/disable the services,
in lieu of the script doing it.
> Don't specify both INITFILE and SYSTEMD. There is no need to install the
> sysV init file if systemd is in use.
The 'need' is to be able to *have* both sets of init-files as references in the
target, install 'sandbox'. I do not expect to 'exec' them from there (I have
chkconfing-/systemctl-containing scripts that manage the toggling outside of
SW).
> The SYSTEMD variable names the directory where *systemd* expects to find
> its .service files.
To me that's a very strange option to have. systemd on the OS defines the
allowed/expected paths where it expects to find its .service files. I'm just
trying to get the files installed somewhere in the sandbox that I can
reference/copy them.
> That won't work with Shorewall-init. If you set VARDIR to anything but
> /VARLIB/$PRODUCT then Shorewall-init won't work.
I suppose I, then,
VARLIB=/var/lib/sw-custom
VARDIR=${VARLIB}/$PRODUCT
is allowed? I don't care which works, as long as I can segregate
> > In any case, NOT having SW's install scripts
> >
> > (1) fail
> > (2) install the wrong thing in the wrong place.
> > (3) make automated presumptions (e.g. enabling a service) that can't be
> > overridden
>
> Your two emails were identical except for the subject, so I only know
> about the third issue.
Agh, again. Copy-n-paste-itis. Sry. THIS email was SUPPOSED to have the
FOLLOWING content (Now that I've royally screwed this up, I'll just paste it
here, rather than tryting to edit/change titles.)
----------------------------------------
installing tarball builds
if I install PRODUCTS = shorewall-core shorewall-lite
cd ./shorewall-core-4.6.4-Beta2-19-g205dd6e
cat shorewallrc.suse
HOST=suse
PREFIX=/usr/local/shorewall-custom
SHAREDIR=${PREFIX}/share
LIBEXECDIR=${PREFIX}/lib
PERLLIBDIR=${PREFIX}/lib/perl5
CONFDIR=${PREFIX}/etc
SBINDIR=${PREFIX}/usr/sbin
MANDIR=${PREFIX}/man/
INITDIR=${PREFIX}/etc/init.d
INITSOURCE=init.suse.sh
INITFILE=${PRODUCT}
AUXINITSOURCE=
AUXINITFILE=
SYSTEMD=${PREFIX}/etc/systemd
SERVICEFILE=${PRODUCT}.service
SYSCONFFILE=sysconfig
SYSCONFDIR=${PREFIX}/etc/sysconfig/
SPARSE=
ANNOTATED=
VARLIB=/var/lib
VARDIR=${VARLIB}/${PRODUCT}-custom
rm -rf /usr/local/shorewall-custom
./install.sh shorewallrc.suse
ls -al /usr/local/shorewall-custom/etc/init.d
ls: cannot access /usr/local/shorewall-custom/etc/init.d: No
such file or directory
I see an install fail for a missing init.d dir
cd ../shorewall-lite-4.6.4-Beta2-19-g205dd6e
./install.sh shorewallrc.suse
Installing Suse-specific configuration...
Installing Shorewall Lite Version 4.6.4-Beta2-19-g205dd6e
Shorewall Lite control program installed in
/usr/local/shorewall-custom/usr/sbin/shorewall-lite
install: cannot create regular file
‘//usr/local/shorewall-custom/etc/init.d/shorewall-lite’: No such file or
directory
ERROR: Failed to install -T -o root -g root -m 0544
init.suse.sh //usr/local/shorewall-custom/etc/init.d/shorewall-lite
ls -al /usr/local/shorewall-custom/etc/init.d
ls: cannot access /usr/local/shorewall-custom/etc/init.d: No
such file or directory
OTOH, if I install PRODUCTS = shorewall-core shorewall shorewall-lite
cd ./shorewall-core-4.6.4-Beta2-19-g205dd6e
rm -rf /usr/local/shorewall-custom
./install.sh shorewallrc.suse
cd ../shorewall-4.6.4-Beta2-19-g205dd6e
./install.sh shorewallrc.suse
ls -al /usr/local/shorewall-custom/etc/init.d
total 12K
drwxr-xr-x+ 2 root root 4.0K Oct 2 13:37 ./
drwxr-xr-x+ 6 root root 4.0K Oct 2 13:37 ../
-r-xr--r--+ 1 root root 3.0K Oct 2 13:37 shorewall*
the init.d dir is 1st created by the shorewall PRODUCT install, then
cd ../shorewall-lite-4.6.4-Beta2-19-g205dd6e
./install.sh shorewallrc.suse
...
Shorewall Lite will start automatically at boot
(this ^^^ is an issue I raised in a prior post ...)
...
Shorewall Lite Version 4.6.4-Beta2-19-g205dd6e Installed
init.d dir, as specified in shorewallrc* ./install.sh target should be created
either
(1) in shorewall-core's ./install.sh, as a default
(2) in each PRODUCT's ./install.sh, so as not to cause failures
----------------------------------------
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
