Upgrading firewalld version to 2.3.2-spec file and change logs

_multibuild

@@ -0,0 +1,4 @@
+<multibuild>
+  <flavor>macros</flavor>
+</multibuild>
+

firewalld.changes

@@ -1,3 +1,64 @@
+-------------------------------------------------------------------
+Wed Jan 21 08:12:36 UTC 2026 - Rahul Jain <rahul.jain@suse.com>
+
+- Update to New Version 2.3.2
+* doc(policy): add examples to man page 
+* doc(policies): correct word is asymmetric 
+* fix(doc): dbus: remove links to nonexistent IDs 
+* fix(policy): allow forward ports with ingress zone and egress HOST 
+* fix(server): load firewall rules before claiming dbus 
+* fix(nftables): ipset: add entries from GLib loop when idle 
+* fix(systemd): Requires dbus 
+* fix(nftables): use current pkttype keywords 
+* fix(systemd): use ProtectHome=tmpfs 
+* fix(policy): allow-host-ipv6: allow MLD packets 
+* fix(icmpv6): validate router codes 
+* fix(icmpv6): validate neighbor codes 
+* fix(icmpv6): validate redirect codes 
+* docs(zone): update default zone target description to mention that ICMP is accepted 
+* docs(zone): grammar fixes 
+* docs(zone): mention that the ACCEPT target allows forwarding out of the zone 
+* docs(zone): remove references to specific zone names in description of target attribute 
+* docs: use US spelling of behavior 
+
+-------------------------------------------------------------------
+Tue Jan 13 09:19:34 UTC 2026 - Rahul Jain <rahul.jain@suse.com>
+
+- Update to New Version 2.3.0
+
+-------------------------------------------------------------------
+Mon Jan 12 07:17:12 UTC 2026 - Rahul Jain <rahul.jain@suse.com>
+
+-Update to New Version 2.3.0
+ It also includes all bug fixes since v2.3.0. 
+ * feat(policy): add disable flag 
+ * feat(client): policy: add disable flag 
+ * feat(cli): policy: add disable flag 
+ * feat(policy): increase maximum name length to 128 
+ * feat(cli): policy: support setting disable on sets 
+ * feat(policy): set: add gateway 
+
+-------------------------------------------------------------------
+Thu Jul 24 09:49:20 UTC 2025 - Ana Guerrero <ana.guerrero@suse.com>
+
+- Call autopoint when building against gettext-runtime 0.25 or
+  newer. (boo#1246967)
+
+-------------------------------------------------------------------
+Mon May 19 14:22:31 UTC 2025 - Clemens Famulla-Conrad <cfamullaconrad@suse.com>
+
+- Adding Python multiversion support, will enable firewalld pkg
+  to provide Python libraries compatible with all supported Python
+  versions.
+
+-------------------------------------------------------------------
+Wed Apr 30 11:57:21 UTC 2025 - Antonio Larrosa <alarrosa@suse.com>
+
+- Split the package to build the firewalld-rpmmacros subpackage in
+  a _multibuild flavor so that we can build it in Factory/i586 by
+  itself instead of building the whole package, which has more
+  dependencies (like python-PyQt6).
+
 -------------------------------------------------------------------
 Tue Apr 15 07:18:15 UTC 2025 - Antonio Larrosa <alarrosa@suse.com>
 

firewalld.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package firewalld
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2026 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,6 +16,25 @@
 #
 
 
+%{?sle15allpythons}
+%if 0%{?sle_version} >= 150500 && "%{?primary_python}XX" == "XX"
+# the macro sle15allpythons define pythons as "python3 python311"
+# on sles version >=15-SP5, but doesn't define the primary_python
+# version. As our python_expand flow need this, we define it by our
+# self. Once it is defined (as in tumbleweed), we don't need this
+# anymore.
+%define primary_python python3
+%endif
+
+%global flavor @BUILD_FLAVOR@%{nil}
+%if "%{flavor}" == "macros"
+%define pkg_suffix -macros
+%bcond_without macros
+%define pythons %primary_python
+%else
+%bcond_with macros
+%endif
+
 #Compat macro for new _fillupdir macro introduced in Nov 2017
 %if ! %{defined _fillupdir}
   %define _fillupdir %{_localstatedir}/adm/fillup-templates
@@ -26,8 +45,8 @@
 %endif
 %global modprobe_d_files firewalld-sysctls.conf
 
-Name:           firewalld
-Version:        2.1.2
+Name:           firewalld%{?pkg_suffix}
+Version:        2.3.2
 Release:        0
 Summary:        A firewall daemon with D-Bus interface providing a dynamic firewall
 License:        GPL-2.0-or-later
@@ -44,6 +63,7 @@ BuildRequires:  docbook-xsl-stylesheets
 # Adding tools to BuildRequires as well so they can be autodetected
 # Else the configure tool will set them to /bin/false
 BuildRequires:  fdupes
+BuildRequires:  %{python_module setuptools}
 BuildRequires:  ebtables
 BuildRequires:  gettext
 BuildRequires:  glib2-devel
@@ -53,7 +73,6 @@ BuildRequires:  intltool
 BuildRequires:  ipset
 BuildRequires:  iptables
 BuildRequires:  libxslt-tools
-BuildRequires:  python3-devel
 BuildRequires:  systemd-rpm-macros
 Recommends:     logrotate
 Obsoletes:      firewalld-prometheus-config < 0.2
@@ -61,27 +80,28 @@ Provides:       firewalld-prometheus-config = 0.2
 # Workaround: nftables seems to be a python3-nftables requirement,
 # not of firewalld.
 Requires:       nftables
-Requires:       python3-firewall = %{version}
+Requires:       python3-firewall = %{version}-%{release}
 Requires:       python3-gobject
 Requires:       python3-nftables
 Requires(post): %fillup_prereq
 Suggests:       susefirewall2-to-firewalld
 BuildArch:      noarch
 %{?systemd_ordering}
+%define python_subpackage_only 1
+%python_subpackages
 
 %description
 firewalld is a firewall service daemon that provides a dynamic customizable
 firewall with a D-Bus interface.
 
-%package -n python3-firewall
+%package -n python-firewall
 Summary:        Python3 bindings for FirewallD
 Group:          Productivity/Networking/Security
-Requires:       dbus-1-python3
-Requires:       python3-dbus-python
-Requires:       python3-decorator
-Requires:       python3-gobject
+Requires:       python-dbus-python
+Requires:       python-decorator
+Requires:       python-gobject
 
-%description -n python3-firewall
+%description -n python-firewall
 The python3 bindings for firewalld.
 
 %package -n firewall-macros
@@ -115,59 +135,103 @@ Requires:       python3-gobject-Gdk
 The firewall configuration application provides an configuration interface for
 firewalld.
 
-%package test
+%package -n %{name}-test
 Summary:        Firewalld testsuite
 Group:          Productivity/Networking/Security
 
-%description test
+%description -n %{name}-test
 This package provides the firewalld testsuite.
 
-%package bash-completion
+%package -n %{name}-bash-completion
 Summary:        Bash Completion for firewalld
 Group:          Productivity/Networking/Security
 Requires:       %{name} = %{version}-%{release}
 Requires:       bash-completion
 Supplements:    (%{name} and bash-completion)
 
-%description bash-completion
+%description -n %{name}-bash-completion
 Bash command line completion support for firewalld.
 
-%package zsh-completion
+%package -n %{name}-zsh-completion
 Summary:        Zsh Completion for firewalld
 Group:          Productivity/Networking/Security
 Requires:       %{name} = %{version}-%{release}
 Requires:       zsh
 Supplements:    (%{name} and zsh)
 
-%description zsh-completion
+%description -n %{name}-zsh-completion
 Zsh command line completion support for firewalld.
 
 %lang_package
 
 %prep
-%autosetup -p1
+%autosetup -p1 -n "firewalld-%{version}"
 
 # bsc#1078223
 rm config/services/high-availability.xml
 
-%build
-export PYTHON="%{_bindir}/python3"
-autoreconf -fiv
-%configure \
-  --enable-sysconfig \
-  --enable-rpmmacros \
-  --with-ifcfgdir="%{_sysconfdir}/sysconfig/network"
+%{python_expand # expanded-body:
+  mkdir -p %{_builddir}/${python_flavor}
+  cp -rp  %{_builddir}/firewalld-%{version} %{_builddir}/${python_flavor}
+}
 
-# Normally documentation is shipped but this will ensure that missing
-# files will be generated.
-%make_build
+%build
+
+%{python_expand # expanded-body:
+  pushd %{_builddir}/${python_flavor}/firewalld-%{version}
+  export PYTHON="%{_bindir}/$python"
+%if %{pkg_vcmp gettext-devel >= 0.25}
+# see https://lists.gnu.org/archive/html/bug-gettext/2025-06/msg00009.html
+  autopoint -f
+%endif
+  autoreconf -fiv
+  %configure \
+    --enable-sysconfig \
+%if 0%{with macros}
+    --enable-rpmmacros \
+%endif
+    --with-ifcfgdir="%{_sysconfdir}/sysconfig/network"
+
+%if 0%{without macros}
+  %make_build
+%endif
+  popd
+}
 
 %install
-%make_install
 
-%py3_compile %{buildroot}
+%if 0%{with macros}
+cd %{_builddir}/%{primary_python}/firewalld-%{version}/config
+%{__make} install-rpmmacros DESTDIR=%{?buildroot} INSTALL="%{__install} -p"
+exit 0
+%endif
+# without macros
 
-# remove files that shouldn't exist in the final rpms
+%{python_expand # expanded-body:
+  pushd %{_builddir}/${python_flavor}/%{name}-%{version}
+  export PYTHON="%{_bindir}/$python"
+
+  if [ "%{primary_python}XX" == "${python_flavor}XX" ]; then
+    %make_install
+  else
+    make install DESTDIR=%{buildroot}/${python_flavor}
+
+    if [ ! -d %{buildroot}/%{$python_sitelib}/firewall ]; then
+      mkdir -p %{buildroot}/%{$python_sitelib}
+      mv %{buildroot}/${python_flavor}/%{$python_sitelib}/firewall \
+           %{buildroot}/%{$python_sitelib}
+    fi
+
+    # We only needed the python sitelib files, delete others.
+    rm -rf %{buildroot}/${python_flavor}
+  fi
+  popd
+}
+
+%python_compileall
+
+# Compile firewalld/testsuite
+%py3_compile %{buildroot}%{_datadir}/%{name}
 rm -r %{buildroot}%{_datadir}/%{name}/__pycache__
 
 desktop-file-install --delete-original \
@@ -200,12 +264,10 @@ mv %{buildroot}%{_sysconfdir}/xdg/autostart/* %{buildroot}%{_distconfdir}/xdg/au
 mv %{buildroot}%{_sysconfdir}/logrotate.d/firewalld %{buildroot}%{_distconfdir}/logrotate.d/firewalld
 %endif
 
-%fdupes %{buildroot}%{python3_sitelib}
+%python_expand %fdupes %{buildroot}/%{$python_sitelib}/firewall
 
 %find_lang %{name} --all-name
 
-%python3_fix_shebang
-
 %pre
 %service_add_pre firewalld.service
 # Avoid restoring outdated stuff in posttrans
@@ -275,7 +337,8 @@ fi
 %{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
 
-%files
+%if 0%{without macros}
+%files -n %{name}
 %doc README.md
 %license COPYING
 %{_sbindir}/firewalld
@@ -307,7 +370,6 @@ fi
 %dir %{_modprobedir}
 %{_modprobedir}/firewalld-sysctls.conf
 %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
-%config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
 %if 0%{?suse_version} > 1550
 %{_distconfdir}/logrotate.d/firewalld
 %else
@@ -327,25 +389,22 @@ fi
 %{_mandir}/man1/firewalld*.1%{?ext_man}
 %{_mandir}/man5/firewall*.5%{?ext_man}
 
-%files -n python3-firewall
-%attr(0755,root,root) %dir %{python3_sitelib}/firewall
-%attr(0755,root,root) %dir %{python3_sitelib}/firewall/config
-%attr(0755,root,root) %dir %{python3_sitelib}/firewall/core
-%attr(0755,root,root) %dir %{python3_sitelib}/firewall/core/io
-%attr(0755,root,root) %dir %{python3_sitelib}/firewall/server
-%attr(0755,root,root) %{python3_sitelib}/firewall/__pycache__
-%attr(0755,root,root) %{python3_sitelib}/firewall/config/__pycache__
-%attr(0755,root,root) %{python3_sitelib}/firewall/core/__pycache__
-%attr(0755,root,root) %{python3_sitelib}/firewall/core/io/__pycache__
-%attr(0755,root,root) %{python3_sitelib}/firewall/server/__pycache__
-%{python3_sitelib}/firewall/*.py*
-%{python3_sitelib}/firewall/config/*.py*
-%{python3_sitelib}/firewall/server/*.py*
-%{python3_sitelib}/firewall/core/io/*.py*
-%{python3_sitelib}/firewall/core/*.py*
-
-%files -n firewall-macros
-%{_rpmmacrodir}/macros.firewalld
+%files %{python_files firewall}
+%attr(0755,root,root) %dir %{python_sitelib}/firewall
+%attr(0755,root,root) %dir %{python_sitelib}/firewall/config
+%attr(0755,root,root) %dir %{python_sitelib}/firewall/core
+%attr(0755,root,root) %dir %{python_sitelib}/firewall/core/io
+%attr(0755,root,root) %dir %{python_sitelib}/firewall/server
+%attr(0755,root,root) %{python_sitelib}/firewall/__pycache__
+%attr(0755,root,root) %{python_sitelib}/firewall/config/__pycache__
+%attr(0755,root,root) %{python_sitelib}/firewall/core/__pycache__
+%attr(0755,root,root) %{python_sitelib}/firewall/core/io/__pycache__
+%attr(0755,root,root) %{python_sitelib}/firewall/server/__pycache__
+%{python_sitelib}/firewall/*.py*
+%{python_sitelib}/firewall/config/*.py*
+%{python_sitelib}/firewall/server/*.py*
+%{python_sitelib}/firewall/core/io/*.py*
+%{python_sitelib}/firewall/core/*.py*
 
 %files -n firewall-applet
 %attr(0755,root,root) %{_bindir}/firewall-applet
@@ -366,12 +425,12 @@ fi
 %attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py*
 %attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py*
 %{_datadir}/applications/firewall-config.desktop
-%{_datadir}/metainfo/firewall-config.appdata.xml
+%{_datadir}/metainfo/org.firewalld.firewall-config.metainfo.xml
 %{_datadir}/icons/hicolor/*/apps/firewall-config*.*
 %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
 %{_mandir}/man1/firewall-config*.1%{?ext_man}
 
-%files test
+%files -n %{name}-test
 %dir %{_datadir}/firewalld/testsuite
 %{_datadir}/firewalld/testsuite/README.md
 %{_datadir}/firewalld/testsuite/testsuite
@@ -381,15 +440,22 @@ fi
 %attr(0755,root,root) %{_datadir}/firewalld/testsuite/python/*.py
 %attr(0755,root,root) %{_datadir}/firewalld/testsuite/python/__pycache__
 
-%files bash-completion
+%files -n %{name}-bash-completion
 %dir %{_datadir}/bash-completion/completions
 %{_datadir}/bash-completion/completions/firewall-cmd
 
-%files zsh-completion
+%files -n %{name}-zsh-completion
 %dir %{_datadir}/zsh/site-functions
 %{_datadir}/zsh/site-functions/_firewalld
 
-%files lang -f %{name}.lang
+%files -n %{name}-lang -f %{name}.lang
 %exclude %{_datadir}/locale/en_*/LC_MESSAGES/firewalld.mo
 
+%else
+# with macros
+
+%files -n firewall-macros
+%{_rpmmacrodir}/macros.firewalld
+%endif
+
 %changelog