c78d02d87c
- Update to version 0.4.3 * New firewallctl utility (RHBZ#1147959) * doc.xml.seealso: Show firewalld.dbus in See Also sections * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251) * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd * firewall-cmd: Dropped duplicate setType call in --new-ipset * radius service: Support also tcp ports (RBZ#1219717) * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573) * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg * firewall.command: Only print summary and description in print_X_info with verbose * firewall.command: print_msg should be able to print empty lines * firewall-config: No processing of runtime passthroughs signals in permanent * Landspace.io fixes and pylint calm downs * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes * firewall-config: Fixed titles of command and context dialogs, also entry lenths * firewall-config: pylint calm downs * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit * firewall-config: Use self.active_zoens in conf_zone_added_cb * firewall.command: New parse_port, extended parse methods with more checks * firewall.command: Fixed parse_port to use the separator in the split call * firewall.command: New [de]activate_exception_handler, raise error in parse_X * services ha: Allow corosync-qnetd port * firewall-applet: Support for kde5-nm-connection-editor * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications * firewall-cmd: Fixed set, remove and query destination options for services * firewall.core.io.service: Source ports have not been checked in _check_config OBS-URL: https://build.opensuse.org/request/show/404198 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/firewalld?expand=0&rev=21
249 lines
8.7 KiB
RPMSpec
249 lines
8.7 KiB
RPMSpec
#
|
|
# spec file for package firewalld
|
|
#
|
|
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
Name: firewalld
|
|
Version: 0.4.3
|
|
Release: 0
|
|
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
|
|
License: GPL-2.0+
|
|
Group: Productivity/Networking/Security
|
|
Url: http://www.firewalld.org
|
|
Source: https://fedorahosted.org/released/%{name}/%{name}-%{version}.tar.bz2
|
|
BuildRequires: desktop-file-utils
|
|
BuildRequires: docbook-xsl-stylesheets
|
|
BuildRequires: gettext
|
|
BuildRequires: glib2-devel
|
|
BuildRequires: gobject-introspection
|
|
BuildRequires: hicolor-icon-theme
|
|
BuildRequires: intltool
|
|
BuildRequires: libxslt-tools
|
|
BuildRequires: python-devel
|
|
BuildRequires: systemd-rpm-macros
|
|
# Adding tools to BuildRequires as well so they can be autodetected
|
|
# even though it is probably unlikely for paths to change in the future
|
|
BuildRequires: ebtables
|
|
BuildRequires: ipset
|
|
BuildRequires: iptables
|
|
Requires: dbus-1-python
|
|
Requires: ebtables
|
|
Requires: ipset
|
|
Requires: iptables
|
|
Requires: python-decorator
|
|
Requires: python-gobject
|
|
Requires: python-slip-dbus
|
|
Requires: sysconfig
|
|
Requires(post): %fillup_prereq
|
|
Recommends: %{name}-lang
|
|
Suggests: susefirewall2-to-firewalld
|
|
BuildArch: noarch
|
|
|
|
%description
|
|
firewalld is a firewall service daemon that provides a dynamic customizable
|
|
firewall with a D-Bus interface.
|
|
|
|
%package -n firewall-applet
|
|
Summary: Firewall panel applet
|
|
Group: Productivity/Networking/Security
|
|
Requires: %{name} = %{version}-%{release}
|
|
Requires: firewall-config = %{version}-%{release}
|
|
Requires: hicolor-icon-theme
|
|
Requires: python-gobject
|
|
Requires: python-qt4
|
|
|
|
%description -n firewall-applet
|
|
The firewall panel applet provides a status information of firewalld and also
|
|
the firewall settings.
|
|
|
|
%package -n firewall-config
|
|
Summary: Firewall configuration application
|
|
Group: Productivity/Networking/Security
|
|
Requires: %{name} = %{version}-%{release}
|
|
Requires: hicolor-icon-theme
|
|
Requires: python-gobject
|
|
|
|
%description -n firewall-config
|
|
The firewall configuration application provides an configuration interface for
|
|
firewalld.
|
|
|
|
%lang_package
|
|
|
|
%prep
|
|
%setup -q
|
|
|
|
%build
|
|
%configure --enable-sysconfig --enable-rpmmacros
|
|
|
|
# Normally documentation is shipped but this will ensure that missing
|
|
# files will be generated.
|
|
make %{?_smp_mflags}
|
|
|
|
%install
|
|
make %{?_smp_mflags} DESTDIR=%{buildroot} install
|
|
|
|
%py_compile %{buildroot}
|
|
|
|
desktop-file-install --delete-original \
|
|
--dir %{buildroot}%{_sysconfdir}/xdg/autostart \
|
|
%{buildroot}%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
|
|
|
|
desktop-file-install --delete-original \
|
|
--dir %{buildroot}%{_datadir}/applications \
|
|
%{buildroot}%{_datadir}/applications/firewall-config.desktop
|
|
|
|
# fillup_only will take care of that
|
|
%{_bindir}/install -c -D -m 600 %{buildroot}%{_sysconfdir}/sysconfig/firewalld %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name}
|
|
rm %{buildroot}%{_sysconfdir}/sysconfig/firewalld
|
|
|
|
ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcfirewalld
|
|
|
|
# Put RPM macros into /etc/rpm/
|
|
rm %{buildroot}%{_rpmconfigdir}/macros.d/macros.firewalld
|
|
install -D -m644 config/macros.firewalld %{buildroot}%{_sysconfdir}/rpm/macros.firewalld
|
|
|
|
# Temporary fix for gh#t-woerner/firewalld#127
|
|
cp doc/man/man1/firewallctl.1 %{buildroot}%{_mandir}/man1/
|
|
|
|
%find_lang %{name} --all-name
|
|
|
|
%pre
|
|
%service_add_pre firewalld.service
|
|
|
|
%post
|
|
%service_add_post firewalld.service
|
|
%fillup_only firewalld
|
|
|
|
%preun
|
|
%service_del_preun firewalld.service
|
|
|
|
%postun
|
|
# We might a have runtime configuration which we haven't
|
|
# made it permanent yet so restarting the service could be
|
|
# dangerous. It's safer to not touch the firewall ourselves but
|
|
# Let the user restart it whenever he feels like it.
|
|
export DISABLE_RESTART_ON_UPDATE=yes
|
|
%service_del_postun firewalld.service
|
|
|
|
%post -n firewall-applet
|
|
/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
|
|
|
|
%postun -n firewall-applet
|
|
if [ $1 -eq 0 ] ; then
|
|
/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null
|
|
%{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|
%{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
|
|
fi
|
|
|
|
%posttrans -n firewall-applet
|
|
%{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|
%{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
|
|
|
|
%post -n firewall-config
|
|
/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
|
|
|
|
%postun -n firewall-config
|
|
if [ $1 -eq 0 ] ; then
|
|
/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null
|
|
%{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|
%{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
|
|
fi
|
|
|
|
%posttrans -n firewall-config
|
|
%{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
|
%{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%doc COPYING README
|
|
%{_sbindir}/firewalld
|
|
%{_sbindir}/rcfirewalld
|
|
%{_bindir}/firewall-cmd
|
|
%{_bindir}/firewall-offline-cmd
|
|
%{_bindir}/firewallctl
|
|
%dir %{_datadir}/bash-completion/completions
|
|
%{_datadir}/bash-completion/completions/firewall-cmd
|
|
%{_libexecdir}/firewalld/xmlschema/*.xsd
|
|
%{_libexecdir}/firewalld/xmlschema/check.sh
|
|
%{_libexecdir}/firewalld/icmptypes/*.xml
|
|
%{_libexecdir}/firewalld/ipsets/README
|
|
%{_libexecdir}/firewalld/services/*.xml
|
|
%{_libexecdir}/firewalld/zones/*.xml
|
|
%{_datadir}/polkit-1
|
|
%config %{_sysconfdir}/rpm/macros.firewalld
|
|
%dir %{_sysconfdir}/dbus-1
|
|
%dir %{_sysconfdir}/dbus-1/system.d
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld/xmlschema
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld/icmptypes
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld/ipsets
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld/services
|
|
%attr(0750,root,root) %dir %{_libexecdir}/firewalld/zones
|
|
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld
|
|
%attr(0750,root,root) %{_datadir}/firewalld/tests
|
|
%config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
|
|
%config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
|
|
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes
|
|
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services
|
|
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones
|
|
%defattr(0644,root,root)
|
|
%{_unitdir}/firewalld.service
|
|
%{_localstatedir}/adm/fillup-templates/sysconfig.%{name}
|
|
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
|
|
%attr(0755,root,root) %dir %{python_sitelib}/firewall
|
|
%attr(0755,root,root) %dir %{python_sitelib}/firewall/config
|
|
%attr(0755,root,root) %dir %{python_sitelib}/firewall/core
|
|
%attr(0755,root,root) %dir %{python_sitelib}/firewall/core/io
|
|
%attr(0755,root,root) %dir %{python_sitelib}/firewall/server
|
|
%{python_sitelib}/firewall/*.py*
|
|
%{python_sitelib}/firewall/config/*.py*
|
|
%{python_sitelib}/firewall/core/*.py*
|
|
%{python_sitelib}/firewall/core/io/*.py*
|
|
%{python_sitelib}/firewall/server/*.py*
|
|
%{_mandir}/man1/firewall*cmd*.1*
|
|
%{_mandir}/man1/firewalld*.1*
|
|
%{_mandir}/man1/firewallctl*.1*
|
|
%{_mandir}/man5/firewall*.5*
|
|
|
|
%files -n firewall-applet
|
|
%defattr(0644,root,root)
|
|
%attr(0755,root,root) %{_bindir}/firewall-applet
|
|
%dir %{_sysconfdir}/firewall
|
|
%config(noreplace) %{_sysconfdir}/firewall/applet.conf
|
|
%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
|
|
%{_datadir}/icons/hicolor/*/apps/firewall-applet*.*
|
|
%{_mandir}/man1/firewall-applet*.1*
|
|
|
|
%files -n firewall-config
|
|
%defattr(-,root,root)
|
|
%dir %{_datadir}/firewalld
|
|
%defattr(0644,root,root)
|
|
%attr(0755,root,root) %{_bindir}/firewall-config
|
|
%{_datadir}/firewalld/firewall-config.glade
|
|
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py*
|
|
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py*
|
|
%{_datadir}/applications/firewall-config.desktop
|
|
%dir %{_datadir}/appdata
|
|
%{_datadir}/appdata/firewall-config.appdata.xml
|
|
%{_datadir}/icons/hicolor/*/apps/firewall-config*.*
|
|
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
|
|
%{_mandir}/man1/firewall-config*.1*
|
|
|
|
%files lang -f %{name}.lang
|
|
%defattr(-,root,root)
|
|
|
|
%changelog
|