rpms/firewalld
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- New firewalld-selinux sub package delivering the SELinux policy module for

Browse Source 
firewalld (RHBZ#1396765) (RHBZ#1394625) (RHBZ#1394578) (RHBZ#1394573)
  (RHBZ#1394569)
- New firewalld release 0.4.4.2:
  - firewalld.spec: Added helpers and ipsets paths to firewalld-filesystem
  - firewall.core.fw_nm: create NMClient lazily
  - Do not use hard-coded path for modinfo, use autofoo to detect it
  - firewall.core.io.ifcfg: Dropped invalid option warning with bad format
    string
  - firewall.core.io.ifcfg: Properly handle quoted ifcfg values
  - firewall.core.fw_zone: Do not reset ZONE with ifdown
  - Updated translations from zanata
  - firewall-config: Extra grid at bottom to visualize firewalld settings
This commit is contained in:
Thomas Woerner 2016-12-01 15:44:42 +01:00
parent e49b9a8f35
commit 1118c441f2
3 changed files with 99 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -42,3 +42,5 @@
/firewalld-0.4.3.2.tar.bz2 /firewalld-0.4.3.2.tar.bz2
/firewalld-0.4.3.3.tar.bz2 /firewalld-0.4.3.3.tar.bz2
/firewalld-0.4.4.1.tar.bz2 /firewalld-0.4.4.1.tar.bz2
/firewalld-0.4.4.2.tar.bz2
/firewalld-selinux-0.4.4.1.tar

96
firewalld.spec
View File

@ -5,9 +5,29 @@
%endif %endif
%endif %endif
# firewalld-selinux
%global selinuxtype targeted
%global moduletype services
%global modulenames firewalld
%global selinux_subpackage 0
%if 0%{?fedora} >= 23
%global selinux_subpackage 1
%global selinux_policyver 3.13.1-128.6
%endif #0%{?fedora} >= 23
%if 0%{?rhel} >= 7
%global selinux_subpackage 1
%global selinux_policyver 3.13.1-89
%endif #0%{?rhel} >= 7
# Usage: _format var format
# Expand 'modulenames' into various formats as needed
# Format must contain '$x' somewhere to do anything useful
%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
# Relabel files
%global relabel_files() %{_sbindir}/restorecon -RF %{_sysconfdir}/firewalld %{_prefix}/lib/firewalld >& /dev/null || :
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
Name: firewalld Name: firewalld
Version: 0.4.4.1 Version: 0.4.4.2
Release: 1%{?dist} Release: 1%{?dist}
URL: http://www.firewalld.org URL: http://www.firewalld.org
License: GPLv2+ License: GPLv2+
@ -16,6 +36,7 @@ Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2
Source1: FedoraServer.xml Source1: FedoraServer.xml
Source2: FedoraWorkstation.xml Source2: FedoraWorkstation.xml
%endif %endif
Source3: firewalld-selinux-0.4.4.1.tar
%if 0%{?fedora} %if 0%{?fedora}
Patch0: firewalld-0.2.6-MDNS-default.patch Patch0: firewalld-0.2.6-MDNS-default.patch
%endif %endif
@ -56,6 +77,9 @@ Conflicts: selinux-policy < 3.13.1-199
Conflicts: selinux-policy < 3.13.1-89 Conflicts: selinux-policy < 3.13.1-89
Conflicts: squid < 7:3.5.10-1 Conflicts: squid < 7:3.5.10-1
%endif %endif
%if 0%{?selinux_subpackage}
Requires: firewalld-selinux = %{version}-%{release}
%endif #0%{?selinux_subpackage}
%if 0%{?fedora} > 21 %if 0%{?fedora} > 21
Provides: variant_config(Server) Provides: variant_config(Server)
@ -107,6 +131,18 @@ Summary: Firewalld directory layout and rpm macros
This package provides directories and rpm macros which This package provides directories and rpm macros which
are required by other packages that add firewalld configuration files. are required by other packages that add firewalld configuration files.
%if 0%{?selinux_subpackage}
%package -n firewalld-selinux
Summary: SELinux policy module for firewalld
Requires(post): selinux-policy-base >= %{selinux_policyver}
Requires(post): selinux-policy-targeted >= %{selinux_policyver}
Requires(post): policycoreutils, policycoreutils-python, libselinux-utils
BuildRequires: selinux-policy, selinux-policy-devel
%description -n firewalld-selinux
SELinux policy module for firewalld
%endif #0%{?selinux_subpackage}
%package -n firewall-applet %package -n firewall-applet
Summary: Firewall panel applet Summary: Firewall panel applet
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
@ -149,6 +185,7 @@ firewalld.
%if 0%{?fedora} %if 0%{?fedora}
%patch0 -p1 %patch0 -p1
%endif %endif
tar -xvf %{SOURCE3}
%if 0%{?with_python3} %if 0%{?with_python3}
rm -rf %{py3dir} rm -rf %{py3dir}
@ -165,6 +202,10 @@ sed -i 's|/usr/bin/python|%{__python3}|' %{py3dir}/config/lockdown-whitelist.xml
# regenerate them # regenerate them
# make %{?_smp_mflags} # make %{?_smp_mflags}
%if 0%{?selinux_subpackage}
make -C config/selinux SHARE="%{_datadir}" TARGETS="%{modulenames}"
%endif
%if 0%{?with_python3} %if 0%{?with_python3}
pushd %{py3dir} pushd %{py3dir}
%configure --enable-sysconfig --enable-rpmmacros PYTHON=%{__python3} %configure --enable-sysconfig --enable-rpmmacros PYTHON=%{__python3}
@ -188,6 +229,18 @@ make -C src install-nobase_dist_pythonDATA PYTHON=%{__python3} DESTDIR=%{buildro
popd popd
%endif #0%{?with_python3} %endif #0%{?with_python3}
# Install SELinux interfaces
%_format INTERFACES config/selinux/$x.if
install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
install -p -m 644 $INTERFACES \
%{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
# Install policy modules
%_format MODULES config/selinux/$x.pp.bz2
install -d %{buildroot}%{_datadir}/selinux/packages
install -m 0644 $MODULES \
%{buildroot}%{_datadir}/selinux/packages
desktop-file-install --delete-original \ desktop-file-install --delete-original \
--dir %{buildroot}%{_sysconfdir}/xdg/autostart \ --dir %{buildroot}%{_sysconfdir}/xdg/autostart \
%{buildroot}%{_sysconfdir}/xdg/autostart/firewall-applet.desktop %{buildroot}%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
@ -230,6 +283,25 @@ rm -f %{buildroot}%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.poli
%postun %postun
%systemd_postun_with_restart firewalld.service %systemd_postun_with_restart firewalld.service
%if 0%{?selinux_subpackage}
%post -n firewalld-selinux
%_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2
%{_sbindir}/semodule -n -s %{selinuxtype} -i $MODULES
if %{_sbindir}/selinuxenabled ; then
%{_sbindir}/load_policy
%relabel_files
fi
%postun -n firewalld-selinux
if [ $1 -eq 0 ]; then
%{_sbindir}/semodule -n -r %{modulenames} >& /dev/null || :
if %{_sbindir}/selinuxenabled ; then
%{_sbindir}/load_policy
%relabel_files
fi
fi
%endif
%if 0%{?fedora} > 21 %if 0%{?fedora} > 21
%posttrans %posttrans
# If we don't yet have a symlink or existing file for firewalld.conf, # If we don't yet have a symlink or existing file for firewalld.conf,
@ -385,6 +457,13 @@ fi
%dir %{_prefix}/lib/firewalld/xmlschema %dir %{_prefix}/lib/firewalld/xmlschema
%{_rpmconfigdir}/macros.d/macros.firewalld %{_rpmconfigdir}/macros.d/macros.firewalld
%if 0%{?selinux_subpackage}
%files -n firewalld-selinux
%defattr(-,root,root,0755)
%attr(0644,root,root) %{_datadir}/selinux/packages/*.pp.bz2
%attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if
%endif
%files -n firewall-applet %files -n firewall-applet
%{_bindir}/firewall-applet %{_bindir}/firewall-applet
%defattr(0644,root,root) %defattr(0644,root,root)
@ -407,6 +486,21 @@ fi
%{_mandir}/man1/firewall-config*.1* %{_mandir}/man1/firewall-config*.1*
%changelog %changelog
* Thu Dec 1 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.2-1
- New firewalld-selinux sub package delivering the SELinux policy module for
firewalld (RHBZ#1396765) (RHBZ#1394625) (RHBZ#1394578) (RHBZ#1394573)
(RHBZ#1394569)
- New firewalld release 0.4.4.2:
- firewalld.spec: Added helpers and ipsets paths to firewalld-filesystem
- firewall.core.fw_nm: create NMClient lazily
- Do not use hard-coded path for modinfo, use autofoo to detect it
- firewall.core.io.ifcfg: Dropped invalid option warning with bad format
string
- firewall.core.io.ifcfg: Properly handle quoted ifcfg values
- firewall.core.fw_zone: Do not reset ZONE with ifdown
- Updated translations from zanata
- firewall-config: Extra grid at bottom to visualize firewalld settings
* Wed Nov 9 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.1-1 * Wed Nov 9 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.1-1
- firewall-config: Use proper source check in sourceDialog (fixes issue#162) - firewall-config: Use proper source check in sourceDialog (fixes issue#162)
- firewallctl: New support for helpers - firewallctl: New support for helpers

3
sources
View File

@ -1 +1,2 @@
57aaca12bcea9436aada394468aae154 firewalld-0.4.4.1.tar.bz2 d47ca0e9b940c8911863caa228732acd firewalld-0.4.4.2.tar.bz2
54e9235552ce4d9b1700acd2066a2b03 firewalld-selinux-0.4.4.1.tar