From 04f3de2395eb6aaea8ada0da018faef37fe33afa Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 13 Nov 2024 23:28:49 +0100 Subject: [PATCH] iptables-1.8.11-4.el10 * Wed Nov 13 2024 Phil Sutter [1.8.11-4.el10] - Fix for RPM build warnings '--with legacy' (Phil Sutter) [RHEL-67473] - spec: Use bcond macro (Phil Sutter) [RHEL-67473] Resolves: RHEL-67473 --- iptables.spec | 43 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/iptables.spec b/iptables.spec index 7bdf9fd..c30094d 100644 --- a/iptables.spec +++ b/iptables.spec @@ -8,7 +8,7 @@ %global ipXtc_so_ver 2 # build legacy sub-packages only on non-rhel distributions -%global do_legacy_pkg ! 0%{?rhel} +%bcond legacy %[ ! 0%{?rhel} ] %define _unpackaged_files_terminate_build 0 @@ -16,7 +16,7 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities URL: https://www.netfilter.org/projects/iptables Version: 1.8.11 -Release: 3%{?dist} +Release: 4%{?dist} Source: %{url}/files/%{name}-%{version}.tar.xz Source1: iptables.init Source2: iptables-config @@ -62,6 +62,8 @@ The iptables utility controls the network packet filtering code in the Linux kernel. If you need to set up firewalls and/or IP masquerading, you should install this package. +%if %{with legacy} + %package legacy Summary: Legacy tools for managing Linux kernel packet filtering capabilities Requires: %{name}-legacy-libs%{?_isa} = %{version}-%{release} @@ -80,9 +82,12 @@ nft-variants in iptables-nft package for backwards compatibility reasons. If you need to set up firewalls and/or IP masquerading, you should not install this package but either nftables or iptables-nft instead. +# with legacy +%endif + %package libs Summary: libxtables and iptables extensions userspace support -%if ! %{do_legacy_pkg} +%if %{without legacy} Obsoletes: iptables-legacy-libs-debuginfo < 1.8.10-9 Obsoletes: iptables-legacy-libs < 1.8.10-9 %endif @@ -93,6 +98,8 @@ libxtables and associated shared object files Libxtables provides unified access to iptables extensions in userspace. Data and logic for those is kept in per-extension shared object files. +%if %{with legacy} + %package legacy-libs Summary: iptables legacy libraries Obsoletes: %{name}-libs < %{version}-%{release} @@ -106,17 +113,22 @@ For more information about this, please have a look at http://www.netfilter.org/documentation/FAQ/netfilter-faq-4.html#ss4.5 +# with legacy +%endif + %package devel Summary: Development package for iptables Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: pkgconfig -%if ! %{do_legacy_pkg} +%if %{without legacy} Obsoletes: iptables-legacy-devel < 1.8.10-9 %endif %description devel libxtables development headers and pkgconfig files +%if %{with legacy} + %package legacy-devel Summary: Development package for legacy iptables Requires: %{name}-legacy-libs%{?_isa} = %{version}-%{release} @@ -140,6 +152,9 @@ iptables services for IPv4 and IPv6 This package provides the services iptables and ip6tables that have been split out of the base package since they are not active by default anymore. +# with legacy +%endif + %package nft-services Summary: Services for nft-variants of iptables, ebtables and arptables Requires: %{name}-nft = %{version}-%{release} @@ -154,7 +169,7 @@ Obsoletes: iptables-ebtables <= 1.8.4 Obsoletes: iptables-nft-compat <= 1.8.7-19 %{?systemd_ordering} BuildArch: noarch -%if ! %{do_legacy_pkg} +%if %{without legacy} Obsoletes: iptables-services < 1.8.10-9 %endif @@ -287,8 +302,14 @@ for fam in ip ip6; do link_ext libxt_NAT lib${fam}t_MASQUERADE done +# fix absolute symlink +ln -sf --relative %{buildroot}%{_sbindir}/xtables-legacy-multi \ + %{buildroot}%{_bindir}/iptables-xml + %ldconfig_scriptlets +%if %{with legacy} + %post legacy pfx=%{_sbindir}/iptables pfx6=%{_sbindir}/ip6tables @@ -316,6 +337,9 @@ fi %?ldconfig %systemd_postun iptables.service ip6tables.service +# with legacy +%endif + %post nft-services %systemd_post iptables.service ip6tables.service %systemd_post arptables.service ebtables.service @@ -389,7 +413,7 @@ if [ $1 -eq 0 ]; then done fi -%if %{do_legacy_pkg} +%if %{with legacy} %files legacy %{_sbindir}/ip{,6}tables-legacy* @@ -397,6 +421,7 @@ fi %{_bindir}/iptables-xml %{_mandir}/man1/iptables-xml* %{_mandir}/man8/xtables-legacy* +%{_datadir}/xtables/iptables.xslt %ghost %{_sbindir}/ip{,6}tables{,-save,-restore} %files legacy-libs @@ -417,7 +442,7 @@ fi %dir %{legacy_actions}/ip{,6}tables %{legacy_actions}/ip{,6}tables/{save,panic} -# do_legacy_pkg +# with legacy %endif %files nft-services @@ -480,6 +505,10 @@ fi %ghost %{_mandir}/man8/ebtables.8.gz %changelog +* Wed Nov 13 2024 Phil Sutter [1.8.11-4.el10] +- Fix for RPM build warnings '--with legacy' (Phil Sutter) [RHEL-67473] +- spec: Use bcond macro (Phil Sutter) [RHEL-67473] + * Wed Nov 13 2024 Phil Sutter [1.8.11-3.el10] - More upgrade path from RHEL-10.0-beta fixing (Phil Sutter) [RHEL-66725]