forked from jengelh/iptables
Accepting request 919462 from home:schubi2
- Use libalternatives instead of update-alternatives. OBS-URL: https://build.opensuse.org/request/show/919462 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iptables?expand=0&rev=144
This commit is contained in:
parent
60f05617fa
commit
2dd901f8a9
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 3 07:13:19 UTC 2021 - Stefan Schubert <schubi@suse.com>
|
||||
|
||||
- Use libalternatives instead of update-alternatives.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 15 22:34:25 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
|
129
iptables.spec
129
iptables.spec
@ -16,6 +16,12 @@
|
||||
#
|
||||
|
||||
|
||||
%if 0%{?suse_version} > 1500
|
||||
%bcond_without libalternatives
|
||||
%else
|
||||
%bcond_with libalternatives
|
||||
%endif
|
||||
|
||||
Name: iptables
|
||||
Version: 1.8.7
|
||||
Release: 0
|
||||
@ -43,8 +49,14 @@ BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0
|
||||
BuildRequires: pkgconfig(libnftnl) >= 1.1.6
|
||||
Requires: netcfg >= 11.6
|
||||
Requires: xtables-plugins = %version-%release
|
||||
%if %{with libalternatives}
|
||||
Requires: alts
|
||||
Requires: libalternatives >= 1.2
|
||||
Requires(pre): update-alternatives
|
||||
%else
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun): update-alternatives
|
||||
%endif
|
||||
# During the update to iptables 1.8, ip6tables-restore-translate, ip6tables-translate,
|
||||
# iptables-restore-translate and iptables-translate were moved from iptables-nft subpackage
|
||||
# (now iptables-backend-nft) to the main package so we need to add a conflict here otherwise
|
||||
@ -181,12 +193,74 @@ rm -f "$b/%_sysconfdir/ethertypes" # -> netcfg
|
||||
for i in iptables iptables-restore iptables-save ip6tables ip6tables-restore \
|
||||
ip6tables-save arptables arptables-restore arptables-save ebtables \
|
||||
ebtables-restore ebtables-save; do
|
||||
%if ! %{with libalternatives}
|
||||
ln -fsv "/etc/alternatives/$i" "$b/%_sbindir/$i"
|
||||
%else
|
||||
ln -fsv %{_bindir}/alts "$b/%_sbindir/$i"
|
||||
%endif
|
||||
done
|
||||
|
||||
%if 0%{?suse_version}
|
||||
%fdupes %buildroot/%_prefix
|
||||
%endif
|
||||
|
||||
%if %{with libalternatives}
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/iptables
|
||||
cat > %{buildroot}%{_datadir}/libalternatives/iptables/1.conf <<EOF
|
||||
binary=%{_sbindir}/xtables-legacy-multi
|
||||
group=iptables, ip6tables, ip6tables-restore, ip6tables-save, iptables-restore, iptables-save
|
||||
options=KeepArgv0
|
||||
EOF
|
||||
cat > %{buildroot}%{_datadir}/libalternatives/iptables/2.conf <<EOF
|
||||
binary=%{_sbindir}/xtables-nft-multi
|
||||
group=iptables, ip6tables, ip6tables-restore, ip6tables-save, iptables-restore, iptables-save
|
||||
options=KeepArgv0
|
||||
EOF
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ip6tables
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/1.conf %{buildroot}%{_datadir}/libalternatives/ip6tables/1.conf
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/2.conf %{buildroot}%{_datadir}/libalternatives/ip6tables/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ip6tables-restore
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/1.conf %{buildroot}%{_datadir}/libalternatives/ip6tables-restore/1.conf
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/2.conf %{buildroot}%{_datadir}/libalternatives/ip6tables-restore/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ip6tables-save
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/1.conf %{buildroot}%{_datadir}/libalternatives/ip6tables-save/1.conf
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/2.conf %{buildroot}%{_datadir}/libalternatives/ip6tables-save/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/iptables-restore
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/1.conf %{buildroot}%{_datadir}/libalternatives/iptables-restore/1.conf
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/2.conf %{buildroot}%{_datadir}/libalternatives/iptables-restore/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/iptables-save
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/1.conf %{buildroot}%{_datadir}/libalternatives/iptables-save/1.conf
|
||||
cp %{buildroot}%{_datadir}/libalternatives/iptables/2.conf %{buildroot}%{_datadir}/libalternatives/iptables-save/2.conf
|
||||
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/arptables
|
||||
cat > %{buildroot}%{_datadir}/libalternatives/arptables/2.conf <<EOF
|
||||
binary=%{_sbindir}/xtables-nft-multi
|
||||
group=arptables, arptables-restore, arptables-save
|
||||
EOF
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/arptables-restore
|
||||
cp %{buildroot}%{_datadir}/libalternatives/arptables/2.conf %{buildroot}%{_datadir}/libalternatives/arptables-restore/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/arptables-save
|
||||
cp %{buildroot}%{_datadir}/libalternatives/arptables/2.conf %{buildroot}%{_datadir}/libalternatives/arptables-save/2.conf
|
||||
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ebtables
|
||||
cat > %{buildroot}%{_datadir}/libalternatives/ebtables/2.conf <<EOF
|
||||
binary=%{_sbindir}/xtables-nft-multi
|
||||
group=ebtables, ebtables-restore, ebtables-save
|
||||
EOF
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ebtables-restore
|
||||
cp %{buildroot}%{_datadir}/libalternatives/ebtables/2.conf %{buildroot}%{_datadir}/libalternatives/ebtables-restore/2.conf
|
||||
mkdir -p %{buildroot}%{_datadir}/libalternatives/ebtables-save
|
||||
cp %{buildroot}%{_datadir}/libalternatives/ebtables/2.conf %{buildroot}%{_datadir}/libalternatives/ebtables-save/2.conf
|
||||
|
||||
%endif
|
||||
|
||||
%if %{with libalternatives}
|
||||
%pre
|
||||
# removing old update-alternatives entries
|
||||
if [ "$1" > 0 ] ; then
|
||||
update-alternatives --remove iptables "%_sbindir/xtables-legacy-multi"
|
||||
fi
|
||||
%else
|
||||
%post
|
||||
update-alternatives \
|
||||
--install "%_sbindir/iptables" iptables "%_sbindir/xtables-legacy-multi" 1 \
|
||||
@ -200,7 +274,17 @@ update-alternatives \
|
||||
if test "$1" = 0; then
|
||||
update-alternatives --remove iptables "%_sbindir/xtables-legacy-multi"
|
||||
fi
|
||||
%endif
|
||||
|
||||
%if %{with libalternatives}
|
||||
%pre backend-nft
|
||||
# removing old update-alternatives entries
|
||||
if test "$1" = 0; then
|
||||
update-alternatives --remove iptables "%_sbindir/xtables-nft-multi"
|
||||
update-alternatives --remove arptables "%_sbindir/xtables-nft-multi"
|
||||
update-alternatives --remove ebtables "%_sbindir/xtables-nft-multi"
|
||||
fi
|
||||
%else
|
||||
%post backend-nft
|
||||
update-alternatives \
|
||||
--install "%_sbindir/iptables" iptables "%_sbindir/xtables-nft-multi" 2 \
|
||||
@ -222,6 +306,7 @@ if test "$1" = 0; then
|
||||
update-alternatives --remove arptables "%_sbindir/xtables-nft-multi"
|
||||
update-alternatives --remove ebtables "%_sbindir/xtables-nft-multi"
|
||||
fi
|
||||
%endif
|
||||
|
||||
%post -n libipq0 -p /sbin/ldconfig
|
||||
%postun -n libipq0 -p /sbin/ldconfig
|
||||
@ -249,12 +334,28 @@ fi
|
||||
%_mandir/man1/*tables*
|
||||
%_mandir/man8/*tables*
|
||||
# backend-legacy (implicit)
|
||||
%if ! %{with libalternatives}
|
||||
%ghost %_sysconfdir/alternatives/iptables
|
||||
%ghost %_sysconfdir/alternatives/iptables-restore
|
||||
%ghost %_sysconfdir/alternatives/iptables-save
|
||||
%ghost %_sysconfdir/alternatives/ip6tables
|
||||
%ghost %_sysconfdir/alternatives/ip6tables-restore
|
||||
%ghost %_sysconfdir/alternatives/ip6tables-save
|
||||
%else
|
||||
%dir %{_datadir}/libalternatives
|
||||
%dir %{_datadir}/libalternatives/iptables
|
||||
%dir %{_datadir}/libalternatives/iptables-restore
|
||||
%dir %{_datadir}/libalternatives/iptables-save
|
||||
%dir %{_datadir}/libalternatives/ip6tables
|
||||
%dir %{_datadir}/libalternatives/ip6tables-restore
|
||||
%dir %{_datadir}/libalternatives/ip6tables-save
|
||||
%{_datadir}/libalternatives/iptables/1.conf
|
||||
%{_datadir}/libalternatives/iptables-restore/1.conf
|
||||
%{_datadir}/libalternatives/iptables-save/1.conf
|
||||
%{_datadir}/libalternatives/ip6tables/1.conf
|
||||
%{_datadir}/libalternatives/ip6tables-restore/1.conf
|
||||
%{_datadir}/libalternatives/ip6tables-save/1.conf
|
||||
%endif
|
||||
%_sbindir/iptables
|
||||
%_sbindir/iptables-restore
|
||||
%_sbindir/iptables-save
|
||||
@ -263,6 +364,7 @@ fi
|
||||
%_sbindir/ip6tables-save
|
||||
|
||||
%files backend-nft
|
||||
%if ! %{with libalternatives}
|
||||
%ghost %_sysconfdir/alternatives/iptables
|
||||
%ghost %_sysconfdir/alternatives/iptables-restore
|
||||
%ghost %_sysconfdir/alternatives/iptables-save
|
||||
@ -275,6 +377,33 @@ fi
|
||||
%ghost %_sysconfdir/alternatives/ebtables
|
||||
%ghost %_sysconfdir/alternatives/ebtables-restore
|
||||
%ghost %_sysconfdir/alternatives/ebtables-save
|
||||
%else
|
||||
%dir %{_datadir}/libalternatives
|
||||
%dir %{_datadir}/libalternatives/iptables
|
||||
%dir %{_datadir}/libalternatives/iptables-restore
|
||||
%dir %{_datadir}/libalternatives/iptables-save
|
||||
%dir %{_datadir}/libalternatives/ip6tables
|
||||
%dir %{_datadir}/libalternatives/ip6tables-restore
|
||||
%dir %{_datadir}/libalternatives/ip6tables-save
|
||||
%dir %{_datadir}/libalternatives/arptables
|
||||
%dir %{_datadir}/libalternatives/arptables-restore
|
||||
%dir %{_datadir}/libalternatives/arptables-save
|
||||
%dir %{_datadir}/libalternatives/ebtables
|
||||
%dir %{_datadir}/libalternatives/ebtables-restore
|
||||
%dir %{_datadir}/libalternatives/ebtables-save
|
||||
%{_datadir}/libalternatives/iptables/2.conf
|
||||
%{_datadir}/libalternatives/iptables-restore/2.conf
|
||||
%{_datadir}/libalternatives/iptables-save/2.conf
|
||||
%{_datadir}/libalternatives/ip6tables/2.conf
|
||||
%{_datadir}/libalternatives/ip6tables-restore/2.conf
|
||||
%{_datadir}/libalternatives/ip6tables-save/2.conf
|
||||
%{_datadir}/libalternatives/arptables/2.conf
|
||||
%{_datadir}/libalternatives/arptables-restore/2.conf
|
||||
%{_datadir}/libalternatives/arptables-save/2.conf
|
||||
%{_datadir}/libalternatives/ebtables/2.conf
|
||||
%{_datadir}/libalternatives/ebtables-restore/2.conf
|
||||
%{_datadir}/libalternatives/ebtables-save/2.conf
|
||||
%endif
|
||||
%_sbindir/iptables
|
||||
%_sbindir/iptables-restore
|
||||
%_sbindir/iptables-save
|
||||
|
Loading…
Reference in New Issue
Block a user