Annotation of /trunk/firewalld/patches/firewalld-0.4.4.4-confd.patch
Parent Directory | Revision Log
Revision 2919 -
(hide annotations)
(download)
Thu May 18 12:14:34 2017 UTC (7 years, 1 month ago) by niro
File size: 9238 byte(s)
Thu May 18 12:14:34 2017 UTC (7 years, 1 month ago) by niro
File size: 9238 byte(s)
-re-diffed for 0.4.4.4
1 | niro | 2919 | diff -Naur firewalld-0.4.4.4/config/firewalld.init firewalld-0.4.4.4-confd/config/firewalld.init |
2 | --- firewalld-0.4.4.4/config/firewalld.init 2017-03-27 19:17:41.000000000 +0200 | ||
3 | +++ firewalld-0.4.4.4-confd/config/firewalld.init 2017-05-18 13:42:39.643047882 +0200 | ||
4 | @@ -29,7 +29,7 @@ | ||
5 | prog="firewalld" | ||
6 | #config="/etc/firewalld/firewalld.conf" | ||
7 | |||
8 | -[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog | ||
9 | +[ -e /etc/conf.d/$prog ] && . /etc/conf.d/$prog | ||
10 | |||
11 | lockfile=/var/lock/subsys/$prog | ||
12 | |||
13 | diff -Naur firewalld-0.4.4.4/config/firewalld.service.in firewalld-0.4.4.4-confd/config/firewalld.service.in | ||
14 | --- firewalld-0.4.4.4/config/firewalld.service.in 2017-03-27 19:17:41.000000000 +0200 | ||
15 | +++ firewalld-0.4.4.4-confd/config/firewalld.service.in 2017-05-18 13:42:54.438886706 +0200 | ||
16 | @@ -8,7 +8,7 @@ | ||
17 | Documentation=man:firewalld(1) | ||
18 | |||
19 | [Service] | ||
20 | -EnvironmentFile=-/etc/sysconfig/firewalld | ||
21 | +EnvironmentFile=-/etc/conf.d/firewalld | ||
22 | ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS | ||
23 | ExecReload=/bin/kill -HUP $MAINPID | ||
24 | # supress to log debug and error output also to /var/log/messages | ||
25 | diff -Naur firewalld-0.4.4.4/config/Makefile.am firewalld-0.4.4.4-confd/config/Makefile.am | ||
26 | --- firewalld-0.4.4.4/config/Makefile.am 2017-03-27 19:17:41.000000000 +0200 | ||
27 | +++ firewalld-0.4.4.4-confd/config/Makefile.am 2017-05-18 13:44:04.884122732 +0200 | ||
28 | @@ -275,12 +275,12 @@ | ||
29 | $(edit) $< >$@ | ||
30 | |||
31 | install-sysconfig: | ||
32 | - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig | ||
33 | - $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/sysconfig/firewalld | ||
34 | + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/conf.d | ||
35 | + $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/conf.d/firewalld | ||
36 | |||
37 | uninstall-sysconfig: | ||
38 | - rm -f $(DESTDIR)$(sysconfdir)/sysconfig/firewalld | ||
39 | - rmdir $(DESTDIR)$(sysconfdir)/sysconfig || : | ||
40 | + rm -f $(DESTDIR)$(sysconfdir)/conf.d/firewalld | ||
41 | + rmdir $(DESTDIR)$(sysconfdir)/conf.d || : | ||
42 | |||
43 | install-rpmmacros: | ||
44 | $(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d | ||
45 | diff -Naur firewalld-0.4.4.4/doc/xml/firewall-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml | ||
46 | --- firewalld-0.4.4.4/doc/xml/firewall-cmd.xml 2017-03-27 19:17:41.000000000 +0200 | ||
47 | +++ firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml 2017-05-18 13:45:53.477954732 +0200 | ||
48 | @@ -900,7 +900,7 @@ | ||
49 | </para> | ||
50 | <para> | ||
51 | As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. | ||
52 | - You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. | ||
53 | + You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. | ||
54 | If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. | ||
55 | Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. | ||
56 | For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | ||
57 | diff -Naur firewalld-0.4.4.4/doc/xml/firewallctl.xml firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml | ||
58 | --- firewalld-0.4.4.4/doc/xml/firewallctl.xml 2017-03-27 19:17:41.000000000 +0200 | ||
59 | +++ firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml 2017-05-18 13:46:13.166744073 +0200 | ||
60 | @@ -601,7 +601,7 @@ | ||
61 | </para> | ||
62 | <para> | ||
63 | As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. | ||
64 | - You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. | ||
65 | + You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. | ||
66 | If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. | ||
67 | Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. | ||
68 | For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | ||
69 | diff -Naur firewalld-0.4.4.4/doc/xml/firewalld.xml firewalld-0.4.4.4-confd/doc/xml/firewalld.xml | ||
70 | --- firewalld-0.4.4.4/doc/xml/firewalld.xml 2017-03-27 19:17:41.000000000 +0200 | ||
71 | +++ firewalld-0.4.4.4-confd/doc/xml/firewalld.xml 2017-05-18 13:45:27.919228681 +0200 | ||
72 | @@ -130,7 +130,7 @@ | ||
73 | </para> | ||
74 | <para> | ||
75 | You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>. | ||
76 | - If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. | ||
77 | + If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. | ||
78 | </para> | ||
79 | <para> | ||
80 | If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces. | ||
81 | diff -Naur firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml | ||
82 | --- firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml 2017-03-27 19:17:41.000000000 +0200 | ||
83 | +++ firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml 2017-05-18 13:45:41.549082524 +0200 | ||
84 | @@ -68,7 +68,7 @@ | ||
85 | <refsect1 id="options"> | ||
86 | <title>Options</title> | ||
87 | <para> | ||
88 | - If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated. | ||
89 | + If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated. | ||
90 | </para> | ||
91 | |||
92 | <para> | ||
93 | diff -Naur firewalld-0.4.4.4/src/firewall/config/__init__.py.in firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in | ||
94 | --- firewalld-0.4.4.4/src/firewall/config/__init__.py.in 2017-03-27 19:17:41.000000000 +0200 | ||
95 | +++ firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in 2017-05-18 13:47:28.374942140 +0200 | ||
96 | @@ -87,7 +87,7 @@ | ||
97 | |||
98 | LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml' | ||
99 | |||
100 | -SYSCONFIGDIR = '/etc/sysconfig' | ||
101 | +SYSCONFIGDIR = '/etc/conf.d' | ||
102 | IFCFGDIR = SYSCONFIGDIR + '/network-scripts' | ||
103 | |||
104 | SYSCTL_CONFIG = '/etc/sysctl.conf' | ||
105 | diff -Naur firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh | ||
106 | --- firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh 2017-03-27 19:17:41.000000000 +0200 | ||
107 | +++ firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh 2017-05-18 13:46:51.941330110 +0200 | ||
108 | @@ -190,7 +190,7 @@ | ||
109 | failures=0 | ||
110 | |||
111 | while true; do | ||
112 | - read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn | ||
113 | + read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn | ||
114 | case $yn in | ||
115 | [Yy]* ) break;; | ||
116 | [Nn]* ) exit;; | ||
117 | @@ -215,14 +215,14 @@ | ||
118 | lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz | ||
119 | --trust=${trusted_iface1} --trust=${trusted_iface2} | ||
120 | --masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp | ||
121 | - --custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config | ||
122 | + --custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config | ||
123 | --service=${service1} --service=${service2} --remove-service=${service3} | ||
124 | --block-icmp=${icmp1} --block-icmp=${icmp2} | ||
125 | --forward-port=if=ippp+:${fw_port1} | ||
126 | --forward-port=if=ippp+:${fw_port2}" | ||
127 | test_lokkit_opts | ||
128 | |||
129 | -cat << EOF > /etc/sysconfig/system-config-firewall | ||
130 | +cat << EOF > /etc/conf.d/system-config-firewall | ||
131 | --enabled | ||
132 | --addmodule=abc | ||
133 | --addmodule=efg | ||
134 | @@ -233,7 +233,7 @@ | ||
135 | --masq=tap+ | ||
136 | --port=7:tcp | ||
137 | --port=666:udp | ||
138 | ---custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config | ||
139 | +--custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config | ||
140 | --service=${service1} | ||
141 | --service=${service2} | ||
142 | --remove-service=${service3} | ||
143 | @@ -243,7 +243,7 @@ | ||
144 | --forward-port=if=ippp+:${fw_port2} | ||
145 | EOF | ||
146 | |||
147 | -# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall | ||
148 | +# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall | ||
149 | lokkit_opts="" | ||
150 | test_lokkit_opts | ||
151 |