Sync from SUSE:SLFO:Main nftables revision 053ccb99ae5234418bed133c11cff340

2025-01-02 17:32:50 +01:00
parent 5f01a038a1
commit 09a1f2bb3b
8 changed files with 99 additions and 42 deletions
--- a/0001-Revert-py-replace-distutils-with-setuptools.patch
+++ b/0001-Revert-py-replace-distutils-with-setuptools.patch
@@ -1,24 +0,0 @@
-From 2125091e724c399d653790af854d9daba0218b99 Mon Sep 17 00:00:00 2001
-From: Jan Engelhardt <jengelh@inai.de>
-Date: Mon, 17 Jul 2023 12:13:05 +0200
-Subject: [PATCH] Revert "py: replace distutils with setuptools"
-
-This reverts commit 1acc2fd48c755a8931fa87b8d0560b750316059f.
---
- py/setup.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/py/setup.py b/py/setup.py
-index 8ad73e7b..72fc8fd9 100755
--- a/py/setup.py
-+++ b/py/setup.py
-@@ -1,5 +1,5 @@
- #!/usr/bin/env python
-from setuptools import setup
-+from distutils.core import setup
- from nftables import NFTABLES_VERSION
- 
- setup(name='nftables',
-- 
-2.41.0
-
--- a/nftables-1.0.8.tar.xz
+++ b/nftables-1.0.8.tar.xz
--- a/nftables-1.0.8.tar.xz.sig
+++ b/nftables-1.0.8.tar.xz.sig
--- a/nftables-1.1.1.tar.xz
+++ b/nftables-1.1.1.tar.xz
--- a/nftables-1.1.1.tar.xz.sig
+++ b/nftables-1.1.1.tar.xz.sig
--- a/nftables.changes
+++ b/nftables.changes
@@ -1,3 +1,61 @@
+-------------------------------------------------------------------
+Thu Oct  3 07:00:54 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 1.1.1
+  * Reduce netlink cache dependencies to speed up incremental
+    updates.
+  * Allow zero burst in byte ratelimiter expression.
+  * Fix double-free when users call nft_ctx_clear_vars() followed
+    by nft_ctx_free().
+  * Document that the tproxy statement is non-terminal (unlike in
+    iptables). This allows for tproxy+log and tproxy+mark combos,
+    see man nft(8) for details.
+  * Add egress support for the `list hooks` subcommand.
+
+-------------------------------------------------------------------
+Wed Jul 17 02:13:42 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 1.1.0
+  * Restore compatibility set element dump with <= 0.9.8
+  * Disallow empty interface names
+  * Restore rule replace command
+  * Search for group, rt_mark, rt_realms at
+    /etc/iproute2, /usr/share/iproute2
+  * Resolve some timezone issues
+  * Support for variables in map expressions
+  * VLAN support
+
+-------------------------------------------------------------------
+Thu Jan  4 08:04:39 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- buildrequire setuptools explicitly as pip drops the dependency
+
+-------------------------------------------------------------------
+Wed Jan  3 10:05:39 UTC 2024 - Ben Greiner <code@bnavigator.de>
+
+- Fix the python bindings subpackages
+  * The PEP517 python build requires setuptools
+  * Actually use the rpm subpackage definition
+  * The version is actually python3dist(nftables) = 0.1
+  * is noarch and requires libnftables1 through dlopen, tell
+    rpmlint
+  * remove unused shebang
+
+-------------------------------------------------------------------
+Thu Oct 19 23:42:57 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 1.0.9
+  * Custom conntrack timeouts can use time specification with
+    units other than seconds.
+  * Allow combination of dnat with numgen.
+  * Allow for using constants as key in dynamic sets.
+  * Support for matching on the target address of a IPv6 neighbour
+    solicitation/advertisement.
+  * Restore bitwise operations in combination with maps, e.g. jump
+    to chain depending on bitwise operation on packet mark.
+  * Fix crash with log prefix longer that 127 bytes.
+- Drop merged 0001-Revert-py-replace-distutils-with-setuptools.patch
+
 -------------------------------------------------------------------
 Fri Jul 14 11:56:43 UTC 2023 - Jan Engelhardt <jengelh@inai.de>

--- a/nftables.rpmlintrc
+++ b/nftables.rpmlintrc
@@ -0,0 +1,2 @@
+# dlopen of python package not recognized by rpm requirements generator
+addFilter("explicit-lib-dependency libnftables1")
--- a/nftables.spec
+++ b/nftables.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package nftables
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,31 +16,40 @@
 #


+# configure subpackage rewriter for the python3XX-nftables bindings
+%define python_subpackage_only 1
+# check py/src/nftable.py:NFTABLES_VERSION
+%define pyversion 0.1
+
 Name:           nftables
-Version:        1.0.8
+Version:        1.1.1
 Release:        0
 Summary:        Userspace utility to access the nf_tables packet filter
 License:        GPL-2.0-only
 Group:          Productivity/Networking/Security
 URL:            https://netfilter.org/projects/nftables/
-
 #Git-Clone:	git://git.netfilter.org/nftables
 Source:         http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz
 Source2:        http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz.sig
 Source3:        %name.keyring
-Patch1:         0001-Revert-py-replace-distutils-with-setuptools.patch
+Source4:        nftables.rpmlintrc
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  asciidoc
 BuildRequires:  bison
+BuildRequires:  fdupes
 BuildRequires:  flex
 BuildRequires:  gmp-devel
 BuildRequires:  libtool
 BuildRequires:  pkg-config >= 0.21
-BuildRequires:  python3-base
+BuildRequires:  python-rpm-macros
 BuildRequires:  pkgconfig(jansson)
 BuildRequires:  pkgconfig(libedit)
 BuildRequires:  pkgconfig(libmnl) >= 1.0.4
-BuildRequires:  pkgconfig(libnftnl) >= 1.2.6
+BuildRequires:  pkgconfig(libnftnl) >= 1.2.8
 BuildRequires:  pkgconfig(xtables) >= 1.6.1
+%python_subpackages

 %description
 nf_tables is a firewalling mechanism in the Linux kernel, running
@@ -72,15 +81,20 @@ library.

 This package contains the header files for the library.

-%package -n python3-nftables
-Summary:        Python interface for nftables
+%package -n python-nftables
+Summary:        Python bindings for nftables
 Group:          Development/Languages/Python
+# uses dlopen
+Requires:       libnftables1
+BuildArch:      noarch

-%description -n python3-nftables
-A Python module for nftables.
+%description -n python-nftables
+Python bindings for nftables

 %prep
 %autosetup -p1
+# remove unused shebang
+sed -i '1{/bin/d}' py/src/nftables.py

 %build
 autoreconf -fi
@@ -95,16 +109,22 @@ pushd obj/
 	--enable-python --with-python-bin="$(which python3)"
 %make_build
 popd
+pushd py
+%pyproject_wheel
+popd

 %install
 b="%buildroot"
 %make_install -C obj
+pushd py
+%pyproject_install
+%python_expand %fdupes %buildroot/%{$python_sitelib}
+popd
 rm -f "%buildroot/%_libdir"/*.la
 mkdir -p "$b/%_docdir/%name/examples"
 mv -v "$b/%_datadir/nftables"/*.nft "$b/%_docdir/%name/examples/"

-%post   -n libnftables1 -p /sbin/ldconfig
-%postun -n libnftables1 -p /sbin/ldconfig
+%ldconfig_scriptlets -n libnftables1

 %files
 %license COPYING
@@ -123,7 +143,8 @@ mv -v "$b/%_datadir/nftables"/*.nft "$b/%_docdir/%name/examples/"
 %_libdir/pkgconfig/*.pc
 %_mandir/man3/*.3*

-%files -n python3-nftables
-%python3_sitelib/nftables*
+%files %{python_files nftables}
+%python_sitelib/nftables
+%python_sitelib/nftables-%pyversion.dist-info

 %changelog