diff --git a/iptables.spec b/iptables.spec index f1ddc7f..387ca27 100644 --- a/iptables.spec +++ b/iptables.spec @@ -1,31 +1,13 @@ -# enable systemd for Fedora-16 and RHEL-7 -%if 0%{?fedora} > 15 || 0%{?rhel} > 6 - %bcond_without systemd -%else - %bcond_with systemd -%endif - # install init scripts to /usr/libexec with systemd -%if %{with systemd} - %define script_path %{_libexecdir}/iptables -%else - %define script_path /etc/rc.d/init.d -%endif +%define script_path %{_libexecdir}/iptables # service legacy actions (RHBZ#748134) %define legacy_actions %{_libexecdir}/initscripts/legacy-actions -# default service -%if 0%{?fedora} < 18 && 0%{?rhel} < 7 - %bcond_without default_service -%else - %bcond_with default_service -%endif - Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities Version: 1.4.21 -Release: 2%{?dist} +Release: 3%{?dist} Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config @@ -39,10 +21,8 @@ License: GPLv2 BuildRequires: libnfnetlink-devel BuildRequires: libselinux-devel BuildRequires: kernel-headers +BuildRequires: systemd Conflicts: kernel < 2.4.20 -%if %{with systemd} -BuildRequires: systemd-units -%endif # Virtually provide libxtables.so.9 to be able to create the buildroot. # The iproute package is needed by iniscripts. iproute also provides tc, which @@ -75,17 +55,12 @@ stable and may change with every new version. It is therefore unsupported. Summary: iptables and ip6tables services for iptables Group: System Environment/Base Requires: %{name} = %{version}-%{release} -%if %{with systemd} -Requires(post): systemd-units +Requires(post): systemd Requires(post): systemd-sysv -Requires(preun): systemd-units -Requires(postun): systemd-units +Requires(preun): systemd +Requires(postun): systemd Conflicts: systemd < 38 Conflicts: filesystem < 3 -%else -Requires(post): chkconfig -Requires(preun): chkconfig -%endif # provide and obsolete old main package Provides: %{name} = 1.4.16.1 Obsoletes: %{name} <= 1.4.16.1 @@ -151,13 +126,11 @@ install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config install -c -m 755 ip6tables-config %{buildroot}/etc/sysconfig/ip6tables-config -%if %{with systemd} # install systemd service files install -d -m 755 %{buildroot}/%{_unitdir} install -c -m 644 %{SOURCE3} %{buildroot}/%{_unitdir} sed -e 's;iptables;ip6tables;g' -e 's;IPv4;IPv6;g' -e 's;/usr/libexec/ip6tables;/usr/libexec/iptables;g' < %{SOURCE3} > ip6tables.service install -c -m 644 ip6tables.service %{buildroot}/%{_unitdir} -%endif # install legacy actions for service command install -d %{buildroot}/%{legacy_actions}/iptables @@ -170,8 +143,6 @@ install -c -m 755 ip6tabes.save-legacy %{buildroot}/%{legacy_actions}/ip6tables/ %clean rm -rf %{buildroot} -%if %{with systemd} - %post -p /sbin/ldconfig %postun -p /sbin/ldconfig @@ -179,10 +150,6 @@ rm -rf %{buildroot} %post services if [ $1 -eq 1 ] ; then # Initial installation /bin/systemctl daemon-reload >/dev/null 2>&1 || : -%if %{with default_service} - /bin/systemctl enable iptables.service >/dev/null 2>&1 || : - /bin/systemctl enable ip6tables.service >/dev/null 2>&1 || : -%endif fi %preun services @@ -205,11 +172,6 @@ fi # To apply saved runlevel, use systemd-sysv-convert --apply iptables %{_bindir}/systemd-sysv-convert --save iptables >/dev/null 2>&1 ||: -# Autostart -%if %{with default_service} -/bin/systemctl --no-reload enable iptables.service >/dev/null 2>&1 ||: -%endif - # Delete from sysv management, try to restart service /sbin/chkconfig --del iptables >/dev/null 2>&1 || : /bin/systemctl try-restart iptables.service >/dev/null 2>&1 || : @@ -218,33 +180,10 @@ fi # To apply saved runlevel, use systemd-sysv-convert --apply iptables %{_bindir}/systemd-sysv-convert --save ip6tables >/dev/null 2>&1 ||: -# Autostart -%if %{with default_service} -/bin/systemctl --no-reload enable ip6tables.service >/dev/null 2>&1 ||: -%endif - # Delete from sysv management, try to restart service /sbin/chkconfig --del ip6tables >/dev/null 2>&1 || : /bin/systemctl try-restart ip6tables.service >/dev/null 2>&1 || : -%else # no systemd - -%post -p /sbin/ldconfig - -%post services -/sbin/chkconfig --add iptables -/sbin/chkconfig --add ip6tables - -%preun services -if [ $1 -eq 0 ]; then - /sbin/chkconfig --del iptables - /sbin/chkconfig --del ip6tables -fi - -%postun -p /sbin/ldconfig - -%endif # systemd - %files %defattr(-,root,root) @@ -284,11 +223,9 @@ fi %files services %attr(0755,root,root) %{script_path}/iptables.init %attr(0755,root,root) %{script_path}/ip6tables.init -%if %{with systemd} %dir %{script_path} %{_unitdir}/iptables.service %{_unitdir}/ip6tables.service -%endif %dir %{legacy_actions}/iptables %{legacy_actions}/iptables/save %dir %{legacy_actions}/ip6tables @@ -301,6 +238,9 @@ fi %changelog +* Thu Jan 09 2014 Jiri Popelka - 1.4.21-3 +- no need to support the pre-systemd things + * Thu Jan 9 2014 Thomas Woerner 1.4.21-2 - fixed system hang at shutdown if root device is network based (RHBZ#1007934) Thanks to Rodrigo A B Freire for the patch