diff --git a/iptables.spec b/iptables.spec index f1aa477..060b1f2 100644 --- a/iptables.spec +++ b/iptables.spec @@ -7,7 +7,7 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities Version: 1.4.21 -Release: 4%{?dist} +Release: 5%{?dist} Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config @@ -109,8 +109,8 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig install -c -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/iptables-config sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config install -c -m 600 ip6tables-config %{buildroot}%{_sysconfdir}/sysconfig/ip6tables-config -install -c -m 755 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/iptables -install -c -m 755 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables +install -c -m 600 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/iptables +install -c -m 600 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables # install systemd service files install -d -m 755 %{buildroot}/%{_unitdir} @@ -174,11 +174,11 @@ install -c -m 755 ip6tabes.save-legacy %{buildroot}/%{legacy_actions}/ip6tables/ %{_libdir}/pkgconfig/xtables.pc %files services +%dir %{script_path} %attr(0755,root,root) %{script_path}/iptables.init %attr(0755,root,root) %{script_path}/ip6tables.init -%config(noreplace) %{_sysconfdir}/sysconfig/iptables -%config(noreplace) %{_sysconfdir}/sysconfig/ip6tables -%dir %{script_path} +%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/sysconfig/iptables +%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/sysconfig/ip6tables %{_unitdir}/iptables.service %{_unitdir}/ip6tables.service %dir %{legacy_actions}/iptables @@ -193,6 +193,9 @@ install -c -m 755 ip6tabes.save-legacy %{buildroot}/%{legacy_actions}/ip6tables/ %changelog +* Tue Jan 14 2014 Jiri Popelka - 1.4.21-5 +- chmod /etc/sysconfig/ip[6]tables 755 -> 600 + * Fri Jan 10 2014 Jiri Popelka - 1.4.21-4 - drop virtual provide for xtables.so.9 - add default /etc/sysconfig/ip[6]tables (RHBZ#1034494)