pool/ebtables
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 394008 from home:posophe:branches:security:netfilter

Browse Source 
add systemd support

OBS-URL: https://build.opensuse.org/request/show/394008
OBS-URL: https://build.opensuse.org/package/show/security:netfilter/ebtables?expand=0&rev=41
This commit is contained in:
Kristyna Streitova 2016-06-02 15:28:01 +00:00 committed by Git OBS Bridge
parent ae8fc77414
commit 8b3624a4e2
4 changed files with 144 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ebtables.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Fri May 6 10:43:55 UTC 2016 - p.drouand@gmail.com
- Add systemd support for openSUSE > 12.10
- Do not depend on fillup when building with sysvinit support; the
package doesn't provide any sysconfig file
- Change Requires(post) tag for Requires(pre); sysvinit must be
available before the package installation, according to the policy
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 26 12:13:47 UTC 2016 - kstreitova@suse.com Tue Apr 26 12:13:47 UTC 2016 - kstreitova@suse.com

11
ebtables.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=Ethernet Bridge Filtering tables
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/libexec/ebtables start
ExecStop=/usr/libexec/ebtables stop
[Install]
WantedBy=multi-user.target

51
ebtables.spec
View File

@ -25,6 +25,8 @@ Group: Productivity/Networking/Security
Url: http://ebtables.sf.net/ Url: http://ebtables.sf.net/
#Git-Clone: git://git.netfilter.org/ebtables #Git-Clone: git://git.netfilter.org/ebtables
Source: %{name}-v2.0.10-4.tar.xz Source: %{name}-v2.0.10-4.tar.xz
Source1: %{name}.service
Source2: %{name}.systemd
Patch0: %{name}-v2.0.8-makefile.diff Patch0: %{name}-v2.0.8-makefile.diff
Patch1: %{name}-v2.0.8-initscript.diff Patch1: %{name}-v2.0.8-initscript.diff
# PATCH-FIX-UPSTREAM bnc#934680 kstreitova@suse.com -- audit patch for CC certification # PATCH-FIX-UPSTREAM bnc#934680 kstreitova@suse.com -- audit patch for CC certification
@ -36,7 +38,14 @@ Patch4: include-linux-if.patch
BuildRequires: linux-glibc-devel >= 2.6.20 BuildRequires: linux-glibc-devel >= 2.6.20
BuildRequires: sed BuildRequires: sed
BuildRequires: xz BuildRequires: xz
Requires(post): %insserv_prereq %fillup_prereq %if 0%{?suse_version} > 1210
BuildRequires: systemd-rpm-macros
Requires(pre): %fillup_prereq
%{?systemd_requires}
%else
BuildRequires: sysvinit
Requires(pre): %insserv_prereq
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -88,26 +97,66 @@ make \
INITDIR="%{_sysconfdir}/init.d" \ INITDIR="%{_sysconfdir}/init.d" \
SYSCONFIGDIR="%{_sysconfdir}" \ SYSCONFIGDIR="%{_sysconfdir}" \
install install
%if 0%{?suse_version} > 1210
mkdir -p %{buildroot}/var/adm/fillup-templates
mkdir -p %{buildroot}%{_unitdir}
install -p %{SOURCE1} %{buildroot}%{_unitdir}/
chmod -x %{buildroot}%{_unitdir}/*.service
mkdir -p %{buildroot}%{_libexecdir}
install -m0755 %{SOURCE2} %{buildroot}%{_libexecdir}/ebtables
ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
touch %{buildroot}/var/adm/fillup-templates/sysconfig.%{name}.filter
touch %{buildroot}/var/adm/fillup-templates/sysconfig.%{name}.nat
touch %{buildroot}/var/adm/fillup-templates/sysconfig.%{name}.broute
rm -rf %{buildroot}%{_initrddir}
%else
ln -sf "%{_initddir}/ebtables" "%{buildroot}/%{_sbindir}/rcebtables" ln -sf "%{_initddir}/ebtables" "%{buildroot}/%{_sbindir}/rcebtables"
%endif
# not used # not used
rm -f "%{buildroot}/%{_sysconfdir}/ebtables-config" rm -f "%{buildroot}/%{_sysconfdir}/ebtables-config"
%if 0%{?suse_version} > 1210
%pre
%service_add_pre %{name}.service
%endif
%post %post
%if 0%{?suse_version} > 1210
%service_add_post %{name}.service
%fillup_only
%else
%fillup_and_insserv ebtables %fillup_and_insserv ebtables
%endif
%preun %preun
%if 0%{?suse_version} > 1210
%service_del_preun %{name}.service
%else
%stop_on_removal ebtables %stop_on_removal ebtables
%endif
%postun %postun
%if 0%{?suse_version} > 1210
%service_del_postun %{name}.service
%else
%restart_on_update ebtables %restart_on_update ebtables
%insserv_cleanup %insserv_cleanup
%endif
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc COPYING ChangeLog %doc COPYING ChangeLog
%{_mandir}/man8/ebtables.8* %{_mandir}/man8/ebtables.8*
%config(noreplace) %{_sysconfdir}/ethertypes %config(noreplace) %{_sysconfdir}/ethertypes
%if 0%{?suse_version} > 1210
%{_libexecdir}/%{name}
%{_unitdir}/%{name}.service
%ghost /var/adm/fillup-templates/sysconfig.%{name}.filter
%ghost /var/adm/fillup-templates/sysconfig.%{name}.nat
%ghost /var/adm/fillup-templates/sysconfig.%{name}.broute
%else
%{_initddir}/ebtables %{_initddir}/ebtables
%endif
%dir %{_libdir}/%{name} %dir %{_libdir}/%{name}
%{_libdir}/%{name}/*.so %{_libdir}/%{name}/*.so
%{_sbindir}/ebtables %{_sbindir}/ebtables

74
ebtables.systemd Normal file
View File

@ -0,0 +1,74 @@
#!/bin/bash
RETVAL=0
initialize() {
# Initialize $TYPE tables
echo -n $" $TYPE tables: "
if [ -r /etc/sysconfig/ebtables.$TYPE ]; then
/sbin/ebtables -t $TYPE --atomic-file /etc/sysconfig/ebtables.$TYPE --atomic-commit > /dev/null || RETVAL=1
else
echo -n "not configured"
fi
if [ $RETVAL -eq 0 ]; then
echo -n $"[ OK ]"
echo -ne "\r"
else
echo -n $"[FAILED]"
echo -ne "\r"
fi
}
case $1 in
start)
# Initialize filter tables
TYPE=filter
initialize
# Initialize NAT tables
echo
TYPE=nat
initialize
# Initialize broute tables
echo
TYPE=broute
initialize
;;
stop)
/sbin/ebtables -t filter --init-table || RETVAL=1
/sbin/ebtables -t nat --init-table || RETVAL=1
/sbin/ebtables -t broute --init-table || RETVAL=1
for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
/sbin/rmmod $mod || RETVAL=1
done
if [ $RETVAL -eq 0 ]; then
echo -n $"[ OK ]"
echo -ne "\r"
else
echo -n $"[FAILED]"
echo -ne "\r"
fi
;;
save)
echo -n $"Saving Ethernet bridge filtering (ebtables): "
/sbin/ebtables -t filter --atomic-file /etc/sysconfig/ebtables.filter --atomic-save || RETVAL=1
/sbin/ebtables -t nat --atomic-file /etc/sysconfig/ebtables.nat --atomic-save || RETVAL=1
/sbin/ebtables -t broute --atomic-file /etc/sysconfig/ebtables.broute --atomic-save || RETVAL=1
if [ $RETVAL -eq 0 ]; then
echo -n $"[ OK ]"
echo -ne "\r"
else
echo -n $"[FAILED]"
echo -ne "\r"
fi
;;
*)
echo "usage: ${0##*/} {start|stop|save}" >&2
exit 1
;;
esac
# vim:set ts=2 sw=2 ft=sh et: