- new sub package services providing the systemd services (RHBZ#862922)

- new sub package utils: provides nfnl_osf and the pf.os database - using %{_libexecdir}/iptables as script path for the original init scripts - added service iptables save funcitonality using the new way provided by initscripts 9.37.1 (RHBZ#748134) - added virtual provide for libxtables.so.7
2012-10-12 16:23:05 +02:00 · 2012-10-12 16:23:05 +02:00 · 2fe636d5d4
commit 2fe636d5d4
parent 79f3fa812b
3 changed files with 91 additions and 29 deletions
--- a/iptables.save-legacy
+++ b/iptables.save-legacy
@ -0,0 +1,2 @@
 #!/bin/bash
 exec /usr/libexec/iptables/iptables.init save
--- a/iptables.service
+++ b/iptables.service
@ -6,8 +6,8 @@ ConditionPathExists=/etc/sysconfig/iptables
 [Service]
 Type=oneshot
 RemainAfterExit=yes
-ExecStart=/usr/libexec/iptables.init start
+ExecStart=/usr/libexec/iptables/iptables.init start
-ExecStop=/usr/libexec/iptables.init stop
+ExecStop=/usr/libexec/iptables/iptables.init stop
 Environment=BOOTUP=serial
 Environment=CONSOLETYPE=serial
 StandardOutput=syslog
--- a/iptables.spec
+++ b/iptables.spec
@ -7,11 +7,14 @@
 # install init scripts to /usr/libexec with systemd
 %if %{with systemd}
-    %define script_path %{_libexecdir}
+    %define script_path %{_libexecdir}/iptables
 %else
    %define script_path /etc/rc.d/init.d
 %endif
 # service legacy actions (RHBZ#748134)
 %define legacy_actions %{_libexecdir}/initscripts/legacy-actions
 # default service
 %if 0%{?fedora} < 18 && 0%{?rhel} < 7
    %bcond_without default_service
@ -22,38 +25,32 @@
 Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities
 Version: 1.4.16.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
 Source3: iptables.service
 Source4: iptables.save-legacy
 Group: System Environment/Base
 URL: http://www.netfilter.org/
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 License: GPLv2
 # libnfnetlink-devel is requires for nfnl_osf
 BuildRequires: libnfnetlink-devel
 BuildRequires: libselinux-devel
 BuildRequires: kernel-headers
 Conflicts: kernel < 2.4.20
 %if %{with systemd}
 BuildRequires: systemd-units
 Requires(post): systemd-units
 Requires(post): systemd-sysv
 Requires(preun): systemd-units
 Requires(postun): systemd-units
 Conflicts: systemd < 38
 Conflicts: filesystem < 3
 %else
 Requires(post): chkconfig
 Requires(preun): chkconfig
 %endif
 # provide also ipv6 sub package
 Provides: %{name}-ipv6 = %{version}-%{release}
 Obsoletes: %{name}-ipv6 < %{version}-%{release}
 %ifarch x86_64
-Provides: libxtables.so.6()(64bit)
+Provides: libxtables.so.7()(64bit)
 %else
-Provides: libxtables.so.6
+Provides: libxtables.so.7
 %endif
@ -74,12 +71,45 @@ iptables development headers and libraries.
 The iptc interface is upstream marked as not public. The interface is not 
 stable and may change with every new version. It is therefore unsupported.
 %package services
 Summary: iptables and ip6tables services for iptables
 Group: System Environment/Base
 Requires: %{name} = %{version}-%{release}
 %if %{with systemd}
 Requires(post): systemd-units
 Requires(post): systemd-sysv
 Requires(preun): systemd-units
 Requires(postun): systemd-units
 Conflicts: systemd < 38
 Conflicts: filesystem < 3
 %else
 Requires(post): chkconfig
 Requires(preun): chkconfig
 %endif
 %description services
 iptables services for IPv4 and IPv6
 This package provides the services iptables and ip6tables that have been split
 out of the base package since they are not active by default anymore.
 %package utils
 Summary: iptables and ip6tables services for iptables
 Group: System Environment/Base
 Requires: %{name} = %{version}-%{release}
 %description utils
 Utils for iptables.
 Currently only provides nfnl_osf with the pf.os database.
 %prep
 %setup -q
 %build
 CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing " \
-./configure --enable-devel --bindir=%{_bindir} --sbindir=%{_sbindir} --sysconfdir=/etc --libdir=%{_libdir} --libexecdir=%{_libdir} --mandir=%{_mandir} --includedir=%{_includedir} --with-kernel=/usr --with-kbuild=/usr --with-ksource=/usr
+./configure --enable-devel --bindir=%{_bindir} --sbindir=%{_sbindir} --sysconfdir=/etc --libdir=%{_libdir} --libexecdir=%{_libdir} --mandir=%{_mandir} --includedir=%{_includedir} --datadir=%{_datadir}  --with-kernel=/usr --with-kbuild=/usr --with-ksource=/usr
 # do not use rpath
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
@ -123,13 +153,24 @@ sed -e 's;iptables;ip6tables;g' -e 's;IPv4;IPv6;g' < %{SOURCE3} > ip6tables.serv
 install -c -m 755 ip6tables.service %{buildroot}/%{_unitdir}
 %endif
 # install legacy actions for service command
 install -d %{buildroot}/%{legacy_actions}/iptables
 install -d %{buildroot}/%{legacy_actions}/ip6tables
 install -c -m 755 %{SOURCE4} %{buildroot}/%{legacy_actions}/iptables/save
 sed -e 's;iptables.init;ip6tables.init;g' -e 's;IPTABLES;IP6TABLES;g' < %{buildroot}/%{legacy_actions}/iptables/save > ip6tabes.save-legacy
 install -c -m 755 ip6tabes.save-legacy %{buildroot}/%{legacy_actions}/ip6tables/save
 %clean
 rm -rf %{buildroot}
 %if %{with systemd}
-%post
+%post -p /sbin/ldconfig
-/sbin/ldconfig
+
 %postun -p /sbin/ldconfig
 %post services
 if [ $1 -eq 1 ] ; then # Initial installation
   /bin/systemctl daemon-reload >/dev/null 2>&1 || :
 %if %{with default_service}
@ -138,7 +179,7 @@ if [ $1 -eq 1 ] ; then # Initial installation
 %endif
 fi
-%preun
+%preun services
 if [ $1 -eq 0 ]; then # Package removal, not upgrade
   /bin/systemctl --no-reload disable iptables.service > /dev/null 2>&1 || :
   /bin/systemctl --no-reload disable ip6tables.service > /dev/null 2>&1 || :
@ -146,7 +187,7 @@ if [ $1 -eq 0 ]; then # Package removal, not upgrade
   /bin/systemctl stop ip6tables.service > /dev/null 2>&1 || :
 fi
-%postun
+%postun services
 /sbin/ldconfig
 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
 if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall
@ -182,12 +223,13 @@ fi
 %else # no systemd
-%post
+%post -p /sbin/ldconfig
-/sbin/ldconfig
+
 %post services
 /sbin/chkconfig --add iptables
 /sbin/chkconfig --add ip6tables
-%preun
+%preun services
 if [ $1 -eq 0 ]; then
   /sbin/chkconfig --del iptables
   /sbin/chkconfig --del ip6tables
@ -201,14 +243,8 @@ fi
 %files
 %defattr(-,root,root)
 %doc COPYING INSTALL INCOMPATIBILITIES
 %attr(0755,root,root) %{script_path}/iptables.init
 %attr(0755,root,root) %{script_path}/ip6tables.init
 %config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
 %config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
 %if %{with systemd}
 %{_unitdir}/iptables.service
 %{_unitdir}/ip6tables.service
 %endif
 %{_sbindir}/iptables*
 %{_sbindir}/ip6tables*
 %{_sbindir}/xtables-multi
@ -239,7 +275,31 @@ fi
 %{_libdir}/pkgconfig/libip6tc.pc
 %{_libdir}/pkgconfig/xtables.pc
 %files services
 %attr(0755,root,root) %{script_path}/iptables.init
 %attr(0755,root,root) %{script_path}/ip6tables.init
 %if %{with systemd}
 %{_unitdir}/iptables.service
 %{_unitdir}/ip6tables.service
 %endif
 %{legacy_actions}/iptables/save
 %{legacy_actions}/ip6tables/save
 %files utils
 %{_sbindir}/nfnl_osf
 %dir %{_datadir}/xtables
 %{_datadir}/xtables/pf.os
 %changelog
 * Fri Oct 12 2012 Thomas Woerner <twoerner@redhat.com> 1.4.16.2-2
 - new sub package services providing the systemd services (RHBZ#862922)
 - new sub package utils: provides nfnl_osf and the pf.os database
 - using %{_libexecdir}/iptables as script path for the original init scripts
 - added service iptables save funcitonality using the new way provided by 
  initscripts 9.37.1 (RHBZ#748134)
 - added virtual provide for libxtables.so.7
 * Mon Oct  8 2012 Thomas Woerner <twoerner@redhat.com> 1.4.16.2-1
 - new version 1.4.16.2
  - build: support for automake-1.12
		`@ -0,0 +1,2 @@`
							`#!/bin/bash`
							`exec /usr/libexec/iptables/iptables.init save`