firewalld/patches/firewalld-0.4.4.4-confd.patch

diff -Naur firewalld-0.4.4.4/config/firewalld.init firewalld-0.4.4.4-confd/config/firewalld.init
--- firewalld-0.4.4.4/config/firewalld.init	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/config/firewalld.init	2017-05-18 13:42:39.643047882 +0200
@@ -29,7 +29,7 @@
 prog="firewalld"
 #config="/etc/firewalld/firewalld.conf"
 
-[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+[ -e /etc/conf.d/$prog ] && . /etc/conf.d/$prog
 
 lockfile=/var/lock/subsys/$prog
 
diff -Naur firewalld-0.4.4.4/config/firewalld.service.in firewalld-0.4.4.4-confd/config/firewalld.service.in
--- firewalld-0.4.4.4/config/firewalld.service.in	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/config/firewalld.service.in	2017-05-18 13:42:54.438886706 +0200
@@ -8,7 +8,7 @@
 Documentation=man:firewalld(1)
 
 [Service]
-EnvironmentFile=-/etc/sysconfig/firewalld
+EnvironmentFile=-/etc/conf.d/firewalld
 ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS
 ExecReload=/bin/kill -HUP $MAINPID
 # supress to log debug and error output also to /var/log/messages
diff -Naur firewalld-0.4.4.4/config/Makefile.am firewalld-0.4.4.4-confd/config/Makefile.am
--- firewalld-0.4.4.4/config/Makefile.am	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/config/Makefile.am	2017-05-18 13:44:04.884122732 +0200
@@ -275,12 +275,12 @@
 	$(edit) $< >$@
 
 install-sysconfig:
-	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig
-	$(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/sysconfig/firewalld
+	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/conf.d
+	$(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/conf.d/firewalld
 
 uninstall-sysconfig:
-	rm -f $(DESTDIR)$(sysconfdir)/sysconfig/firewalld
-	rmdir $(DESTDIR)$(sysconfdir)/sysconfig || :
+	rm -f $(DESTDIR)$(sysconfdir)/conf.d/firewalld
+	rmdir $(DESTDIR)$(sysconfdir)/conf.d || :
 
 install-rpmmacros:
 	$(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d
diff -Naur firewalld-0.4.4.4/doc/xml/firewall-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml
--- firewalld-0.4.4.4/doc/xml/firewall-cmd.xml	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml	2017-05-18 13:45:53.477954732 +0200
@@ -900,7 +900,7 @@
 	    </para>
 	    <para>
 	      As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
-	      You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
+	      You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
 	      If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
 	      Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
 	      For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
diff -Naur firewalld-0.4.4.4/doc/xml/firewallctl.xml firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml
--- firewalld-0.4.4.4/doc/xml/firewallctl.xml	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml	2017-05-18 13:46:13.166744073 +0200
@@ -601,7 +601,7 @@
 	    </para>
 	    <para>
 	      As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
-	      You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
+	      You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
 	      If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
 	      Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
 	      For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
diff -Naur firewalld-0.4.4.4/doc/xml/firewalld.xml firewalld-0.4.4.4-confd/doc/xml/firewalld.xml
--- firewalld-0.4.4.4/doc/xml/firewalld.xml	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/doc/xml/firewalld.xml	2017-05-18 13:45:27.919228681 +0200
@@ -130,7 +130,7 @@
     </para>
     <para>
       You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>.
-      If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
+      If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
     </para>
     <para>
       If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces.
diff -Naur firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml
--- firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml	2017-05-18 13:45:41.549082524 +0200
@@ -68,7 +68,7 @@
   <refsect1 id="options">
     <title>Options</title>
     <para>
-      If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated.
+      If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated.
     </para>
 
     <para>
diff -Naur firewalld-0.4.4.4/src/firewall/config/__init__.py.in firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in
--- firewalld-0.4.4.4/src/firewall/config/__init__.py.in	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in	2017-05-18 13:47:28.374942140 +0200
@@ -87,7 +87,7 @@
 
 LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml'
 
-SYSCONFIGDIR = '/etc/sysconfig'
+SYSCONFIGDIR = '/etc/conf.d'
 IFCFGDIR = SYSCONFIGDIR + '/network-scripts'
 
 SYSCTL_CONFIG = '/etc/sysctl.conf'
diff -Naur firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh
--- firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh	2017-03-27 19:17:41.000000000 +0200
+++ firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh	2017-05-18 13:46:51.941330110 +0200
@@ -190,7 +190,7 @@
 failures=0
 
 while true; do
-    read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn
+    read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn
     case $yn in
         [Yy]* ) break;;
         [Nn]* ) exit;;
@@ -215,14 +215,14 @@
 lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz
  --trust=${trusted_iface1} --trust=${trusted_iface2}
  --masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp
- --custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config
+ --custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config
  --service=${service1} --service=${service2} --remove-service=${service3}
  --block-icmp=${icmp1} --block-icmp=${icmp2}
  --forward-port=if=ippp+:${fw_port1}
  --forward-port=if=ippp+:${fw_port2}"
 test_lokkit_opts
 
-cat << EOF > /etc/sysconfig/system-config-firewall
+cat << EOF > /etc/conf.d/system-config-firewall
 --enabled
 --addmodule=abc
 --addmodule=efg
@@ -233,7 +233,7 @@
 --masq=tap+
 --port=7:tcp
 --port=666:udp
---custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config
+--custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config
 --service=${service1}
 --service=${service2}
 --remove-service=${service3}
@@ -243,7 +243,7 @@
 --forward-port=if=ippp+:${fw_port2}
 EOF
 
-# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall
+# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall
 lokkit_opts=""
 test_lokkit_opts
 
1	diff -Naur firewalld-0.4.4.4/config/firewalld.init firewalld-0.4.4.4-confd/config/firewalld.init
2	--- firewalld-0.4.4.4/config/firewalld.init 2017-03-27 19:17:41.000000000 +0200
3	+++ firewalld-0.4.4.4-confd/config/firewalld.init 2017-05-18 13:42:39.643047882 +0200
4	@@ -29,7 +29,7 @@
5	prog="firewalld"
6	#config="/etc/firewalld/firewalld.conf"
7
8	-[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
9	+[ -e /etc/conf.d/$prog ] && . /etc/conf.d/$prog
10
11	lockfile=/var/lock/subsys/$prog
12
13	diff -Naur firewalld-0.4.4.4/config/firewalld.service.in firewalld-0.4.4.4-confd/config/firewalld.service.in
14	--- firewalld-0.4.4.4/config/firewalld.service.in 2017-03-27 19:17:41.000000000 +0200
15	+++ firewalld-0.4.4.4-confd/config/firewalld.service.in 2017-05-18 13:42:54.438886706 +0200
16	@@ -8,7 +8,7 @@
17	Documentation=man:firewalld(1)
18
19	[Service]
20	-EnvironmentFile=-/etc/sysconfig/firewalld
21	+EnvironmentFile=-/etc/conf.d/firewalld
22	ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS
23	ExecReload=/bin/kill -HUP $MAINPID
24	# supress to log debug and error output also to /var/log/messages
25	diff -Naur firewalld-0.4.4.4/config/Makefile.am firewalld-0.4.4.4-confd/config/Makefile.am
26	--- firewalld-0.4.4.4/config/Makefile.am 2017-03-27 19:17:41.000000000 +0200
27	+++ firewalld-0.4.4.4-confd/config/Makefile.am 2017-05-18 13:44:04.884122732 +0200
28	@@ -275,12 +275,12 @@
29	$(edit) $< >$@
30
31	install-sysconfig:
32	- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig
33	- $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/sysconfig/firewalld
34	+ $(MKDIR_P) $(DESTDIR)$(sysconfdir)/conf.d
35	+ $(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/conf.d/firewalld
36
37	uninstall-sysconfig:
38	- rm -f $(DESTDIR)$(sysconfdir)/sysconfig/firewalld
39	- rmdir $(DESTDIR)$(sysconfdir)/sysconfig \|\| :
40	+ rm -f $(DESTDIR)$(sysconfdir)/conf.d/firewalld
41	+ rmdir $(DESTDIR)$(sysconfdir)/conf.d \|\| :
42
43	install-rpmmacros:
44	$(MKDIR_P) $(DESTDIR)$(prefix)/lib/rpm/macros.d
45	diff -Naur firewalld-0.4.4.4/doc/xml/firewall-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml
46	--- firewalld-0.4.4.4/doc/xml/firewall-cmd.xml 2017-03-27 19:17:41.000000000 +0200
47	+++ firewalld-0.4.4.4-confd/doc/xml/firewall-cmd.xml 2017-05-18 13:45:53.477954732 +0200
48	@@ -900,7 +900,7 @@
49	</para>
50	<para>
51	As a end user you don't need this in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
52	- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
53	+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
54	If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
55	Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
56	For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
57	diff -Naur firewalld-0.4.4.4/doc/xml/firewallctl.xml firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml
58	--- firewalld-0.4.4.4/doc/xml/firewallctl.xml 2017-03-27 19:17:41.000000000 +0200
59	+++ firewalld-0.4.4.4-confd/doc/xml/firewallctl.xml 2017-05-18 13:46:13.166744073 +0200
60	@@ -601,7 +601,7 @@
61	</para>
62	<para>
63	As a end user you don't need to create or change zone bindings of interfaces in most cases, because NetworkManager (or legacy network service) adds interfaces into zones automatically (according to <option>ZONE=</option> option from ifcfg-<replaceable>interface</replaceable> file) if <replaceable>NM_CONTROLLED=no</replaceable> is not set.
64	- You should do it only if there's no /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
65	+ You should do it only if there's no /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file.
66	If there is such file and you add interface to zone with this <option>--add-interface</option> option, make sure the zone is the same in both cases, otherwise the behaviour would be undefined.
67	Please also have a look at the <citerefentry><refentrytitle>firewalld</refentrytitle><manvolnum>1</manvolnum></citerefentry> man page in the <replaceable>Concepts</replaceable> section.
68	For permanent association of interface with a zone, see also 'How to set or change a zone for a connection?' in <citerefentry><refentrytitle>firewalld.zones</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
69	diff -Naur firewalld-0.4.4.4/doc/xml/firewalld.xml firewalld-0.4.4.4-confd/doc/xml/firewalld.xml
70	--- firewalld-0.4.4.4/doc/xml/firewalld.xml 2017-03-27 19:17:41.000000000 +0200
71	+++ firewalld-0.4.4.4-confd/doc/xml/firewalld.xml 2017-05-18 13:45:27.919228681 +0200
72	@@ -130,7 +130,7 @@
73	</para>
74	<para>
75	You can add these interfaces to a zone with <command>firewall-cmd [--permanent] --zone=<replaceable>zone</replaceable> --add-interface=<replaceable>interface</replaceable></command>.
76	- If there is a /etc/sysconfig/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
77	+ If there is a /etc/conf.d/network-scripts/ifcfg-<replaceable>interface</replaceable> file, firewalld tries to change the ZONE=<replaceable>zone</replaceable> setting in this file.
78	</para>
79	<para>
80	If firewalld gets reloaded, it will restore the interface bindings that were in place before reloading to keep interface bindings stable in the case of NetworkManager uncontrolled interfaces.
81	diff -Naur firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml
82	--- firewalld-0.4.4.4/doc/xml/firewall-offline-cmd.xml 2017-03-27 19:17:41.000000000 +0200
83	+++ firewalld-0.4.4.4-confd/doc/xml/firewall-offline-cmd.xml 2017-05-18 13:45:41.549082524 +0200
84	@@ -68,7 +68,7 @@
85	<refsect1 id="options">
86	<title>Options</title>
87	<para>
88	- If no options are given, configuration from <command>/etc/sysconfig/system-config-firewall</command> will be migrated.
89	+ If no options are given, configuration from <command>/etc/conf.d/system-config-firewall</command> will be migrated.
90	</para>
91
92	<para>
93	diff -Naur firewalld-0.4.4.4/src/firewall/config/__init__.py.in firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in
94	--- firewalld-0.4.4.4/src/firewall/config/__init__.py.in 2017-03-27 19:17:41.000000000 +0200
95	+++ firewalld-0.4.4.4-confd/src/firewall/config/__init__.py.in 2017-05-18 13:47:28.374942140 +0200
96	@@ -87,7 +87,7 @@
97
98	LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml'
99
100	-SYSCONFIGDIR = '/etc/sysconfig'
101	+SYSCONFIGDIR = '/etc/conf.d'
102	IFCFGDIR = SYSCONFIGDIR + '/network-scripts'
103
104	SYSCTL_CONFIG = '/etc/sysctl.conf'
105	diff -Naur firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh
106	--- firewalld-0.4.4.4/src/tests/firewall-offline-cmd_test.sh 2017-03-27 19:17:41.000000000 +0200
107	+++ firewalld-0.4.4.4-confd/src/tests/firewall-offline-cmd_test.sh 2017-05-18 13:46:51.941330110 +0200
108	@@ -190,7 +190,7 @@
109	failures=0
110
111	while true; do
112	- read -p "This test overwrites your /etc/firewalld/zones/* and /etc/sysconfig/system-config-firewall. Do you want to continue ?" yn
113	+ read -p "This test overwrites your /etc/firewalld/zones/* and /etc/conf.d/system-config-firewall. Do you want to continue ?" yn
114	case $yn in
115	[Yy]* ) break;;
116	[Nn]* ) exit;;
117	@@ -215,14 +215,14 @@
118	lokkit_opts="--enabled --addmodule=abc --addmodule=efg --removemodule=xyz
119	--trust=${trusted_iface1} --trust=${trusted_iface2}
120	--masq=tun+ --masq=tap+ --port=7:tcp --port=666:udp
121	- --custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config
122	+ --custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config
123	--service=${service1} --service=${service2} --remove-service=${service3}
124	--block-icmp=${icmp1} --block-icmp=${icmp2}
125	--forward-port=if=ippp+:${fw_port1}
126	--forward-port=if=ippp+:${fw_port2}"
127	test_lokkit_opts
128
129	-cat << EOF > /etc/sysconfig/system-config-firewall
130	+cat << EOF > /etc/conf.d/system-config-firewall
131	--enabled
132	--addmodule=abc
133	--addmodule=efg
134	@@ -233,7 +233,7 @@
135	--masq=tap+
136	--port=7:tcp
137	--port=666:udp
138	---custom-rules=ipv4:mangle:/etc/sysconfig/ebtables-config
139	+--custom-rules=ipv4:mangle:/etc/conf.d/ebtables-config
140	--service=${service1}
141	--service=${service2}
142	--remove-service=${service3}
143	@@ -243,7 +243,7 @@
144	--forward-port=if=ippp+:${fw_port2}
145	EOF
146
147	-# running firewall-offline-cmd without options should import /etc/sysconfig/system-config-firewall
148	+# running firewall-offline-cmd without options should import /etc/conf.d/system-config-firewall
149	lokkit_opts=""
150	test_lokkit_opts
151