Contents of /trunk/firewalld/patches/firewalld-0.4.4.4-confd.patch
Parent Directory | Revision Log
Revision 2919 -
(show annotations)
(download)
Thu May 18 12:14:34 2017 UTC (7 years, 4 months ago) by niro
File size: 9238 byte(s)
Thu May 18 12:14:34 2017 UTC (7 years, 4 months ago) by niro
File size: 9238 byte(s)
-re-diffed for 0.4.4.4
1 | diff -Naur firewalld-0.4.4.4/config/firewalld.init firewalld-0.4.4.4-confd/config/firewalld.init |
2 | --- firewalld-0.4.4.4/config/firewalld.init 2017-03-27 19:17:41.000000000 +0200 |
3 | +++ firewalld-0.4.4.4-confd/config/firewalld.init 2017-05-18 13:42:39.643047882 +0200 |
4 | @@ -29,7 +29,7 @@ |
5 | prog="firewalld" |
6 | #config="/etc/firewalld/firewalld.conf" |
7 | |
8 | -[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog |
9 | +[ -e /etc/conf.d/$prog ] && . /etc/conf.d/$prog |
10 | |
11 | lockfile=/var/lock/subsys/$prog |
12 | |
13 | diff -Naur firewalld-0.4.4.4/config/firewalld.service.in firewalld-0.4.4.4-confd/config/firewalld.service.in |
14 | --- firewalld-0.4.4.4/config/firewalld.service.in 2017-03-27 19:17:41.000000000 +0200 |
15 | +++ firewalld-0.4.4.4-confd/config/firewalld.service.in 2017-05-18 13:42:54.438886706 +0200 |
16 | @@ -8,7 +8,7 @@ |
17 | Documentation=man:firewalld(1) |
18 | |
19 | [Service] |
20 | -EnvironmentFile=-/etc/sysconfig/firewalld |
21 | +EnvironmentFile=-/etc/conf.d/firewalld |
22 | ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS |
23 | ExecReload=/bin/kill -HUP $MAINPID |
24 | # supress to log debug and error output also to /var/log/messages |
25 | diff -Naur firewalld-0.4.4.4/config/Makefile.am firewalld-0.4.4.4-confd/config/Makefile.am |
26 | --- firewalld-0.4.4.4/config/Makefile.am 2017-03-27 19:17:41.000000000 +0200 |
27 | +++ firewalld-0.4.4.4-confd/config/Makefile.am 2017-05-18 13:44:04.884122732 +0200 |
28 | @@ -275,12 +275,12 @@ |
29 | $(edit) $< >$@ |
30 | |
31 | install-sysconfig: |
32 | - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig |
33 | - $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/sysconfig/firewalld |
34 | + $(MKDIR_P) $(DESTDIR)$(sysconfdir)/conf.d |
35 | + $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/conf.d/firewalld |
36 | |
37 | uninstall-sysconfig: |
38 | - rm -f $(DESTDIR)$(sysconfdir)/sysconfig/firewalld |
39 | - rmdir $(DESTDIR)$(sysconfdir)/sysconfig || : |
40 | + rm -f $(DESTDIR)$(sysconfdir)/conf.d/firewalld |
41 | + rmdir $(DESTDIR)$(sysconfdir)/conf.d || : |
42 | |
43 | install-rpmmacros: |
44 | $(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d |
45 | diff -Naur firewalld-0.4.4.4/doc/xml/firewall-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml |
46 | --- firewalld-0.4.4.4/doc/xml/firewall-cmd.xml 2017-03-27 19:17:41.000000000 +0200 |
47 | +++ firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml 2017-05-18 13:45:53.477954732 +0200 |
48 | @@ -900,7 +900,7 @@ |
49 | </para> |
50 | <para> |
51 | As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. |
52 | - You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. |
53 | + You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. |
54 | If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. |
55 | Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. |
56 | For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
57 | diff -Naur firewalld-0.4.4.4/doc/xml/firewallctl.xml firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml |
58 | --- firewalld-0.4.4.4/doc/xml/firewallctl.xml 2017-03-27 19:17:41.000000000 +0200 |
59 | +++ firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml 2017-05-18 13:46:13.166744073 +0200 |
60 | @@ -601,7 +601,7 @@ |
61 | </para> |
62 | <para> |
63 | As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set. |
64 | - You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file. |
65 | + You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file. |
66 | If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined. |
67 | Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section. |
68 | For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
69 | diff -Naur firewalld-0.4.4.4/doc/xml/firewalld.xml firewalld-0.4.4.4-confd/doc/xml/firewalld.xml |
70 | --- firewalld-0.4.4.4/doc/xml/firewalld.xml 2017-03-27 19:17:41.000000000 +0200 |
71 | +++ firewalld-0.4.4.4-confd/doc/xml/firewalld.xml 2017-05-18 13:45:27.919228681 +0200 |
72 | @@ -130,7 +130,7 @@ |
73 | </para> |
74 | <para> |
75 | You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>. |
76 | - If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. |
77 | + If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file. |
78 | </para> |
79 | <para> |
80 | If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces. |
81 | diff -Naur firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml |
82 | --- firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml 2017-03-27 19:17:41.000000000 +0200 |
83 | +++ firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml 2017-05-18 13:45:41.549082524 +0200 |
84 | @@ -68,7 +68,7 @@ |
85 | <refsect1 id="options"> |
86 | <title>Options</title> |
87 | <para> |
88 | - If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated. |
89 | + If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated. |
90 | </para> |
91 | |
92 | <para> |
93 | diff -Naur firewalld-0.4.4.4/src/firewall/config/__init__.py.in firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in |
94 | --- firewalld-0.4.4.4/src/firewall/config/__init__.py.in 2017-03-27 19:17:41.000000000 +0200 |
95 | +++ firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in 2017-05-18 13:47:28.374942140 +0200 |
96 | @@ -87,7 +87,7 @@ |
97 | |
98 | LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml' |
99 | |
100 | -SYSCONFIGDIR = '/etc/sysconfig' |
101 | +SYSCONFIGDIR = '/etc/conf.d' |
102 | IFCFGDIR = SYSCONFIGDIR + '/network-scripts' |
103 | |
104 | SYSCTL_CONFIG = '/etc/sysctl.conf' |
105 | diff -Naur firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh |
106 | --- firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh 2017-03-27 19:17:41.000000000 +0200 |
107 | +++ firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh 2017-05-18 13:46:51.941330110 +0200 |
108 | @@ -190,7 +190,7 @@ |
109 | failures=0 |
110 | |
111 | while true; do |
112 | - read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn |
113 | + read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn |
114 | case $yn in |
115 | [Yy]* ) break;; |
116 | [Nn]* ) exit;; |
117 | @@ -215,14 +215,14 @@ |
118 | lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz |
119 | --trust=${trusted_iface1} --trust=${trusted_iface2} |
120 | --masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp |
121 | - --custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config |
122 | + --custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config |
123 | --service=${service1} --service=${service2} --remove-service=${service3} |
124 | --block-icmp=${icmp1} --block-icmp=${icmp2} |
125 | --forward-port=if=ippp+:${fw_port1} |
126 | --forward-port=if=ippp+:${fw_port2}" |
127 | test_lokkit_opts |
128 | |
129 | -cat << EOF > /etc/sysconfig/system-config-firewall |
130 | +cat << EOF > /etc/conf.d/system-config-firewall |
131 | --enabled |
132 | --addmodule=abc |
133 | --addmodule=efg |
134 | @@ -233,7 +233,7 @@ |
135 | --masq=tap+ |
136 | --port=7:tcp |
137 | --port=666:udp |
138 | ---custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config |
139 | +--custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config |
140 | --service=${service1} |
141 | --service=${service2} |
142 | --remove-service=${service3} |
143 | @@ -243,7 +243,7 @@ |
144 | --forward-port=if=ippp+:${fw_port2} |
145 | EOF |
146 | |
147 | -# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall |
148 | +# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall |
149 | lokkit_opts="" |
150 | test_lokkit_opts |
151 |