handle properly rpm sysctl config

Move sysctl config to correct %{_sysctldir}.
Apply sysctl config on install.

See https://docs.fedoraproject.org/en-US/packaging-guidelines/#_binfmt_d_sysctl_d_and_tmpfiles_d
This commit is contained in:
Paul Wouters 2021-06-06 21:22:20 -04:00
parent 0f00fff4b5
commit 7c4b294887
No known key found for this signature in database
GPG Key ID: DB48D2E5122468BF

View File

@ -31,7 +31,7 @@ Name: libreswan
Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec
# version is generated in the release script # version is generated in the release script
Version: 4.4 Version: 4.4
Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist} Release: %{?prever:0.}2%{?prever:.%{prever}}%{?dist}
License: GPLv2 License: GPLv2
Url: https://libreswan.org/ Url: https://libreswan.org/
Source0: https://download.libreswan.org/%{?prever:development/}%{name}-%{version}%{?prever}.tar.gz Source0: https://download.libreswan.org/%{?prever:development/}%{name}-%{version}%{?prever}.tar.gz
@ -130,9 +130,9 @@ rm -rf %{buildroot}%{_libexecdir}/ipsec/*check
install -d -m 0755 %{buildroot}%{_rundir}/pluto install -d -m 0755 %{buildroot}%{_rundir}/pluto
install -d %{buildroot}%{_sbindir} install -d %{buildroot}%{_sbindir}
install -d %{buildroot}%{_sysconfdir}/sysctl.d install -d %{buildroot}%{_sysctldir}
install -m 0644 packaging/fedora/libreswan-sysctl.conf \ install -m 0644 packaging/fedora/libreswan-sysctl.conf \
%{buildroot}%{_sysconfdir}/sysctl.d/50-libreswan.conf %{buildroot}%{_sysctldir}/50-libreswan.conf
echo "include %{_sysconfdir}/ipsec.d/*.secrets" \ echo "include %{_sysconfdir}/ipsec.d/*.secrets" \
> %{buildroot}%{_sysconfdir}/ipsec.secrets > %{buildroot}%{_sysconfdir}/ipsec.secrets
@ -171,6 +171,7 @@ certutil -N -d sql:$tmpdir --empty-password
%post %post
%systemd_post ipsec.service %systemd_post ipsec.service
%sysctl_apply 50-libreswan.conf
%preun %preun
%systemd_preun ipsec.service %systemd_preun ipsec.service
@ -186,7 +187,7 @@ certutil -N -d sql:$tmpdir --empty-password
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/policies %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/policies
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/* %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysctl.d/50-libreswan.conf %attr(0644,root,root) %config(noreplace) %{_sysctldir}/50-libreswan.conf
%attr(0755,root,root) %dir %{_rundir}/pluto %attr(0755,root,root) %dir %{_rundir}/pluto
%attr(0700,root,root) %dir %{_sharedstatedir}/ipsec %attr(0700,root,root) %dir %{_sharedstatedir}/ipsec
%attr(0700,root,root) %dir %{_sharedstatedir}/ipsec/nss %attr(0700,root,root) %dir %{_sharedstatedir}/ipsec/nss
@ -199,6 +200,9 @@ certutil -N -d sql:$tmpdir --empty-password
%doc %{_mandir}/*/* %doc %{_mandir}/*/*
%changelog %changelog
* Mon Jun 07 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-2
- Properly handle rpm sysctl config
* Wed May 12 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-1 * Wed May 12 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-1
- Resolves: rhbz#1952602 libreswan-4.4 is available - Resolves: rhbz#1952602 libreswan-4.4 is available