diff --git a/0001-src-firewall-core-Drop-unneeded-python-shebangs.patch b/0001-src-firewall-core-Drop-unneeded-python-shebangs.patch deleted file mode 100644 index 6a7debe..0000000 --- a/0001-src-firewall-core-Drop-unneeded-python-shebangs.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 705742816112dffefd3233f2c8dda7c845c6e8b3 Mon Sep 17 00:00:00 2001 -From: Markos Chandras -Date: Tue, 31 May 2016 10:08:28 +0100 -Subject: [PATCH] src: firewall: core: Drop unneeded python shebangs - -The fw_ifcfg and fw_nm files are not supposed to be executed as -standalone files but rather imported by the main firewalld code so drop -the python shebangs. This also fixes a warning when building firewalld -in openSUSE OBS: - -firewalld.noarch: W: non-executable-script -/usr/lib/python2.7/site-packages/firewall/core/fw_nm.py 644 /usr/bin/python -firewalld.noarch: W: non-executable-script -/usr/lib/python2.7/site-packages/firewall/core/fw_ifcfg.py 644 /usr/bin/python ---- - src/firewall/core/fw_ifcfg.py | 1 - - src/firewall/core/fw_nm.py | 1 - - 2 files changed, 2 deletions(-) - -diff --git a/src/firewall/core/fw_ifcfg.py b/src/firewall/core/fw_ifcfg.py -index 442a6cc..33794a7 100644 ---- a/src/firewall/core/fw_ifcfg.py -+++ b/src/firewall/core/fw_ifcfg.py -@@ -1,4 +1,3 @@ --#!/usr/bin/python - # -*- coding: utf-8 -*- - # - # Copyright (C) 2010-2016 Red Hat, Inc. -diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py -index 38ef8fd..3df94c4 100644 ---- a/src/firewall/core/fw_nm.py -+++ b/src/firewall/core/fw_nm.py -@@ -1,4 +1,3 @@ --#!/usr/bin/python - # -*- coding: utf-8 -*- - # - # Copyright (C) 2010-2016 Red Hat, Inc. --- -2.8.3 - diff --git a/0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch b/0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch deleted file mode 100644 index 05ce74a..0000000 --- a/0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 9ed2c18357d45f8ec1f11723a1d98377387c1039 Mon Sep 17 00:00:00 2001 -From: Markos Chandras -Date: Tue, 31 May 2016 11:14:06 +0100 -Subject: [PATCH] firewall: core: fw_ifcfg: Quickly return if ifcfg directory - does not exist - -It's possible for the ifcfg directory to be missing or named differently -so do not try to access it if it does not exist. This avoid warnings -during firewalld start up like the following one: - -ERROR: Calling post func (('', 'enp3s0')) failed: [Errno 2] No such file or -directory: '/etc/sysconfig/network-scripts' ---- - src/firewall/core/fw_ifcfg.py | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/firewall/core/fw_ifcfg.py b/src/firewall/core/fw_ifcfg.py -index 33794a7..0b049a6 100644 ---- a/src/firewall/core/fw_ifcfg.py -+++ b/src/firewall/core/fw_ifcfg.py -@@ -32,6 +32,10 @@ from firewall.core.io.ifcfg import ifcfg - def search_ifcfg_of_interface(interface): - """search ifcfg file for the interface in config.IFCFGDIR""" - -+ # Return quickly if config.IFCFGDIR does not exist -+ if not os.path.exists(config.IFCFGDIR): -+ return None -+ - filename = "%s/ifcfg-%s" % (config.IFCFGDIR, interface) - if os.path.exists(filename): - ifcfg_file = ifcfg(filename) --- -2.8.3 - diff --git a/0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch b/0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch deleted file mode 100644 index 90dc439..0000000 --- a/0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch +++ /dev/null @@ -1,72 +0,0 @@ -From dbc30dd2dfee1b4b662aa997cee6a6cb59aa559f Mon Sep 17 00:00:00 2001 -From: Thomas Woerner -Date: Tue, 7 Jun 2016 16:19:20 +0200 -Subject: [PATCH] firewall.core.fw_nm: Hide NM typelib import, new - nm_get_dbus_interface function - -The typelib import of NM should not be added to __all__. The new function -nm_get_dbus_interface has been added to be able to add a signal receiver for -NetworkManager firewall-config and firewall-applet. - -Fixes: #119 ---- - src/firewall-applet | 2 +- - src/firewall-config | 2 +- - src/firewall/core/fw_nm.py | 9 +++++++-- - 3 files changed, 9 insertions(+), 4 deletions(-) - -diff --git a/src/firewall-applet b/src/firewall-applet -index a078df8..1cf4633 100755 ---- a/src/firewall-applet -+++ b/src/firewall-applet -@@ -550,7 +550,7 @@ class TrayApplet(QtGui.QSystemTrayIcon): - if nm_is_imported(): - self.bus.add_signal_receiver( - self.nm_signal_receiver, -- dbus_interface=NM.DBUS_INTERFACE, -+ dbus_interface=nm_get_dbus_interface(), - signal_name='PropertiesChanged', - member_keyword='member') - self.nm_signal_receiver() -diff --git a/src/firewall-config b/src/firewall-config -index b69c69f..e25b058 100755 ---- a/src/firewall-config -+++ b/src/firewall-config -@@ -1250,7 +1250,7 @@ class FirewallConfig(object): - if nm_is_imported(): - self.fw.bus.add_signal_receiver( - self.nm_signal_receiver, -- dbus_interface=NM.DBUS_INTERFACE, -+ dbus_interface=nm_get_dbus_interface(), - signal_name='PropertiesChanged', - member_keyword='member') - else: -diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py -index 3df94c4..8a8043b 100644 ---- a/src/firewall/core/fw_nm.py -+++ b/src/firewall/core/fw_nm.py -@@ -21,10 +21,10 @@ - - """Functions for NetworkManager interaction""" - --__all__ = [ "NM", "check_nm_imported", "nm_is_imported", -+__all__ = [ "check_nm_imported", "nm_is_imported", - "nm_get_zone_of_connection", "nm_set_zone_of_connection", - "nm_get_connections", "nm_get_connection_of_interface", -- "nm_get_bus_name" ] -+ "nm_get_bus_name", "nm_get_dbus_interface" ] - - import gi - try: -@@ -164,3 +164,8 @@ def nm_get_bus_name(): - except Exception as msg: - log.debug2("Failed to get bus name of NetworkManager") - return None -+ -+def nm_get_dbus_interface(): -+ if not _nm_imported: -+ return "" -+ return NM.DBUS_INTERFACE --- -2.8.3 - diff --git a/_service b/_service deleted file mode 100644 index 518c23a..0000000 --- a/_service +++ /dev/null @@ -1,7 +0,0 @@ - - - firewalld-0.4.2.tar.bz2 - sha1 - d730129f592059ee97fc158861b44f8e7b201027 - - diff --git a/firewalld-0.4.2.tar.bz2 b/firewalld-0.4.2.tar.bz2 deleted file mode 100644 index f30dd43..0000000 --- a/firewalld-0.4.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:329e44b7d8de2400222d602d6c87c368865531ffe4004c392803dbe55717068e -size 649581 diff --git a/firewalld-0.4.3.tar.bz2 b/firewalld-0.4.3.tar.bz2 new file mode 100644 index 0000000..4c6f4a7 --- /dev/null +++ b/firewalld-0.4.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:853cc324f08a5daf60316bb9cdd5f27e899e17418d69d294adc9495755788c69 +size 666926 diff --git a/firewalld.changes b/firewalld.changes index e378040..96921fa 100644 --- a/firewalld.changes +++ b/firewalld.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Wed Jun 22 14:15:29 UTC 2016 - mchandras@suse.de + +- Update to version 0.4.3 + * New firewallctl utility (RHBZ#1147959) + * doc.xml.seealso: Show firewalld.dbus in See Also sections + * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251) + * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup + * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd + * firewall-cmd: Dropped duplicate setType call in --new-ipset + * radius service: Support also tcp ports (RBZ#1219717) + * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources + * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573) + * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg + * firewall.command: Only print summary and description in print_X_info with verbose + * firewall.command: print_msg should be able to print empty lines + * firewall-config: No processing of runtime passthroughs signals in permanent + * Landspace.io fixes and pylint calm downs + * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes + * firewall-config: Fixed titles of command and context dialogs, also entry lenths + * firewall-config: pylint calm downs + * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit + * firewall-config: Use self.active_zoens in conf_zone_added_cb + * firewall.command: New parse_port, extended parse methods with more checks + * firewall.command: Fixed parse_port to use the separator in the split call + * firewall.command: New [de]activate_exception_handler, raise error in parse_X + * services ha: Allow corosync-qnetd port + * firewall-applet: Support for kde5-nm-connection-editor + * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications + * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options + * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications + * firewall-cmd: Fixed set, remove and query destination options for services + * firewall.core.io.service: Source ports have not been checked in _check_config + * firewall.core.fw_zone: Method check_source_port is not used, removed + * firewall.core.base: Added default to ZONE_TARGETS + * firewall.client: Allow to remove ipv:address pair for service destinations + * tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent + * firewall-cmd: Landscape.io fixes, pylint calm downs + * firewall-cmd: Use FirewallCommand for simplification and sequence options + * firewall.command: New FirewallCommand for command line client simplification + * New services: kshell, rsh, ganglia-master, ganglia-client + * firewalld: Cleanup of unused imports, do not translate some deamon messages + * firewalld: With fd close interation in runProg, it is not needed here anymore + * firewall.core.prog: Add fd close iteration to runProg + * firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function + * firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib + * firewall-config: New add/remove ipset entries from file, remove all entries + * firewall-applet: Fix tooltip after applet start with connection to firewalld + * firewall-config: Select new zone, service or icmptype if the view was empty + * firewalld.spec: Added build requires for iptables, ebtables and ipset + * Adding nf_conntrack_sip module to the service SIP + * firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist + * Drop unneeded python shebangs + * Translation updates +- Add missing %{?_smp_mflags} during install. This will speed up + the installation phase as well as expose build system's problems + due to higher level of parallelism. +- Run make during %build to ensure missing documentation is generated. +- spec file cleanups. + ------------------------------------------------------------------- Wed Jun 8 08:10:11 UTC 2016 - mchandras@suse.de diff --git a/firewalld.spec b/firewalld.spec index e20bd19..481f1a2 100644 --- a/firewalld.spec +++ b/firewalld.spec @@ -17,22 +17,13 @@ Name: firewalld -Version: 0.4.2 +Version: 0.4.3 Release: 0 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall License: GPL-2.0+ Group: Productivity/Networking/Security Url: http://www.firewalld.org Source: https://fedorahosted.org/released/%{name}/%{name}-%{version}.tar.bz2 -# PATCH-FIX-UPSTREAM: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch -# Drop python shebangs -Patch0: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch -# PATCH-FIX-UPSTREAM: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch -# Do not access the ifcfg directory if it does not exist -Patch1: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch -# PATCH-FIX-UPSTREAM: 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch -# Hide unneeded NM dependencies -Patch2: 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets BuildRequires: gettext @@ -42,6 +33,7 @@ BuildRequires: hicolor-icon-theme BuildRequires: intltool BuildRequires: libxslt-tools BuildRequires: python-devel +BuildRequires: systemd-rpm-macros # Adding tools to BuildRequires as well so they can be autodetected # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables @@ -59,7 +51,6 @@ Requires(post): %fillup_prereq Recommends: %{name}-lang Suggests: susefirewall2-to-firewalld BuildArch: noarch -BuildRequires: systemd-rpm-macros %description firewalld is a firewall service daemon that provides a dynamic customizable @@ -93,15 +84,16 @@ firewalld. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 %build %configure --enable-sysconfig --enable-rpmmacros +# Normally documentation is shipped but this will ensure that missing +# files will be generated. +make %{?_smp_mflags} + %install -make DESTDIR=%{buildroot} install +make %{?_smp_mflags} DESTDIR=%{buildroot} install %py_compile %{buildroot} @@ -123,6 +115,9 @@ ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcfirewalld rm %{buildroot}%{_rpmconfigdir}/macros.d/macros.firewalld install -D -m644 config/macros.firewalld %{buildroot}%{_sysconfdir}/rpm/macros.firewalld +# Temporary fix for gh#t-woerner/firewalld#127 +cp doc/man/man1/firewallctl.1 %{buildroot}%{_mandir}/man1/ + %find_lang %{name} --all-name %pre @@ -178,6 +173,7 @@ fi %{_sbindir}/rcfirewalld %{_bindir}/firewall-cmd %{_bindir}/firewall-offline-cmd +%{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd %{_libexecdir}/firewalld/xmlschema/*.xsd @@ -219,6 +215,7 @@ fi %{python_sitelib}/firewall/server/*.py* %{_mandir}/man1/firewall*cmd*.1* %{_mandir}/man1/firewalld*.1* +%{_mandir}/man1/firewallctl*.1* %{_mandir}/man5/firewall*.5* %files -n firewall-applet @@ -231,6 +228,7 @@ fi %{_mandir}/man1/firewall-applet*.1* %files -n firewall-config +%defattr(-,root,root) %dir %{_datadir}/firewalld %defattr(0644,root,root) %attr(0755,root,root) %{_bindir}/firewall-config @@ -245,5 +243,6 @@ fi %{_mandir}/man1/firewall-config*.1* %files lang -f %{name}.lang +%defattr(-,root,root) %changelog