summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
author stormtracknole2020-03-20 13:11:39 +0100
committer Willy Sudiarto Raharjo2020-03-20 13:11:39 +0100
commit4de5fb1d7a3290fb6a04369e993e9e500d48bb5e (patch)
treef98555f42e4cf005cc3b966ebb6efe6668a7c366
parent431e5229c4beec6bd98e135d446bc5bab5b376e4 (diff)
downloadslackbuilds-4de5fb1d7a3290fb6a04369e993e9e500d48bb5e.tar.gz
network/firewalld: Update script.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
-rw-r--r--network/firewalld/README4
-rw-r--r--network/firewalld/README.SLACKWARE20
-rw-r--r--network/firewalld/doinst.sh3
-rw-r--r--network/firewalld/firewalld.SlackBuild20
-rw-r--r--network/firewalld/init.patch11
-rw-r--r--network/firewalld/rc.firewalld56
6 files changed, 110 insertions, 4 deletions
diff --git a/network/firewalld/README b/network/firewalld/README
index 75d957740a..1821f7afae 100644
--- a/network/firewalld/README
+++ b/network/firewalld/README
@@ -1,6 +1,8 @@
-firewalld provides a dynamically managed firewall with support for
+Firewalld provides a dynamically managed firewall with support for
network or firewall zones to define the trust level of network
connections or interfaces. It has support for IPv4, IPv6 firewall
settings and for ethernet bridges and a separation of runtime and
permanent configuration options. It also provides an interface for
services or applications to add ip*tables and ebtables rules directly.
+
+Please read the README.SLACKWARE file for additional information.
diff --git a/network/firewalld/README.SLACKWARE b/network/firewalld/README.SLACKWARE
new file mode 100644
index 0000000000..a5a7404a61
--- /dev/null
+++ b/network/firewalld/README.SLACKWARE
@@ -0,0 +1,20 @@
+The package provided by the upstream project already includes
+/etc/init.d/firewalld which will get executed on boot by
+/etc/rc.d/rc.sysvinit. So technically, you don't have to
+use the custom rc.firewalld. I have provided a patch that
+changes /etc/sysconfig/ to /etc/default in order to source
+any custom arguments.
+
+Otherwise, feel free to chmod -x /etc/init.d/firewalld
+and chmod +x /etc/rc.d/rc.firewalld then add it to your
+/etc/rc.d/rc.local like so:
+
+if [ -x /etc/rc.d/rc.firewalld ]; then
+ /etc/rc.d/rc.firewalld start
+fi
+
+and the following to /etc/rc.d/rc.local_shutdown:
+
+if [ -x /etc/rc.d/rc.firewalld ]; then
+ /etc/rc.d/rc.firewalld stop
+fi
diff --git a/network/firewalld/doinst.sh b/network/firewalld/doinst.sh
index 9f4fb5fbe4..592ffcdaef 100644
--- a/network/firewalld/doinst.sh
+++ b/network/firewalld/doinst.sh
@@ -26,7 +26,8 @@ config etc/dbus-1/system.d/FirewallD.conf.new
config etc/firewall/applet.conf.new
config etc/firewalld/firewalld.conf.new
config etc/default/firewalld.new
-preserve_perms etc/rc.d/rc.FireWallD.new
+preserve_perms etc/rc.d/rc.firewalld.new
+preserve_perms etc/rc.d/init.d/firewalld.new
if [ -x /usr/bin/update-desktop-database ]; then
/usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1
diff --git a/network/firewalld/firewalld.SlackBuild b/network/firewalld/firewalld.SlackBuild
index ad54c23725..b244425797 100644
--- a/network/firewalld/firewalld.SlackBuild
+++ b/network/firewalld/firewalld.SlackBuild
@@ -21,10 +21,18 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# ChangeLog
+#
+# Thu Mar 19 12:19:48 UTC 2020
+#
+# * Added patch to change the source file from /etc/sysconfig to /etc/default
+# in the provided /etc/init.d/firewalld file.
+#
PRGNAM=firewalld
VERSION=${VERSION:-0.5.1}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
@@ -69,6 +77,10 @@ find -L . \
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+# Let's patch the init.d script to use /etc/default instead of
+# /etc/sysconfig to source arguments.
+patch -p1 < $CWD/init.patch
+
./autogen.sh
CFLAGS="$SLKCFLAGS" \
@@ -95,8 +107,9 @@ mv $PKG/etc/sysconfig/firewalld $PKG/etc/sysconfig/firewalld.new
mv $PKG/etc/sysconfig $PKG/etc/default
mkdir -p $PKG/etc/rc.d
-cat $CWD/rc.FireWallD > $PKG/etc/rc.d/rc.FireWallD.new
+cat $CWD/rc.firewalld > $PKG/etc/rc.d/rc.firewalld.new
+# We don't need systemd here.
rm -rf $PKG/usr/lib/systemd
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
@@ -115,5 +128,8 @@ mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cat $CWD/doinst.sh > $PKG/install/doinst.sh
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
cd $PKG
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/network/firewalld/init.patch b/network/firewalld/init.patch
new file mode 100644
index 0000000000..675dee356f
--- /dev/null
+++ b/network/firewalld/init.patch
@@ -0,0 +1,11 @@
+--- firewalld-0.5.1/config/firewalld.init 2020-03-19 08:05:08.660103937 -0400
++++ firewalld-0.5.1-new/config/firewalld.init 2020-03-19 08:10:25.695336773 -0400
+@@ -29,7 +29,7 @@
+ prog="firewalld"
+ #config="/etc/firewalld/firewalld.conf"
+
+-[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
++[ -e /etc/default/$prog ] && . /etc/default/$prog
+
+ lockfile=/var/lock/subsys/$prog
+
diff --git a/network/firewalld/rc.firewalld b/network/firewalld/rc.firewalld
new file mode 100644
index 0000000000..aa0d91b3dc
--- /dev/null
+++ b/network/firewalld/rc.firewalld
@@ -0,0 +1,56 @@
+#!/bin/sh
+# Start/stop/restart firewalld.
+
+# Start firewalld:
+firewalld_start() {
+ [ -r /etc/default/firewalld ] && source /etc/default/firewalld
+ echo -n "Starting FireWallD daemon: /usr/sbin/firewalld "
+ /usr/sbin/firewalld $FIREWALLD_ARGS
+ echo
+}
+
+# Stop firewalld:
+firewalld_stop() {
+ echo -n "Stopping FireWallD daemon..."
+ if [ -r /var/run/firewalld.pid ]; then
+ kill -HUP $(cat /var/run/firewalld.pid)
+ rm -f /var/run/firewalld.pid
+ else
+ killall -HUP -q firewalld
+ fi
+ echo
+}
+
+# Restart firewalld:
+firewalld_restart() {
+ firewalld_stop
+ sleep 1
+ firewalld_start
+}
+
+# Check if firewalld is running
+firewalld_status() {
+ if [ -e /var/run/firewalld.pid ]; then
+ echo "firewalld is running as pid $(cat /var/run/firewalld.pid)."
+ else
+ echo "firewalld is stopped."
+ exit 1
+ fi
+}
+
+case "$1" in
+'start')
+ firewalld_start
+ ;;
+'stop')
+ firewalld_stop
+ ;;
+'restart')
+ firewalld_restart
+ ;;
+'status')
+ firewalld_status
+ ;;
+*)
+ echo "usage $0 start|stop|restart|status"
+esac