diff --git a/afs3-bos.xml b/afs3-bos.xml
new file mode 100644
index 0000000..7e7ea53
--- /dev/null
+++ b/afs3-bos.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-bos
+ OpenAFS basic overseer process (bosserver)
+
+
diff --git a/afs3-callback.xml b/afs3-callback.xml
new file mode 100644
index 0000000..05ae5a2
--- /dev/null
+++ b/afs3-callback.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-callback
+ OpenAFS callbacks to cache managers (clients)
+
+
diff --git a/afs3-fileserver.xml b/afs3-fileserver.xml
new file mode 100644
index 0000000..46178d9
--- /dev/null
+++ b/afs3-fileserver.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-fileserver
+ OpenAFS file server
+
+
diff --git a/afs3-prserver.xml b/afs3-prserver.xml
new file mode 100644
index 0000000..8c1de04
--- /dev/null
+++ b/afs3-prserver.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-prserver
+ OpenAFS users and groups database
+
+
diff --git a/afs3-rmtsys.xml b/afs3-rmtsys.xml
new file mode 100644
index 0000000..2e9fb94
--- /dev/null
+++ b/afs3-rmtsys.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-rmtsys
+ OpenAFS remote cache manager service
+
+
diff --git a/afs3-update.xml b/afs3-update.xml
new file mode 100644
index 0000000..98bcf6e
--- /dev/null
+++ b/afs3-update.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-update
+ OpenAFS server-to-server updater
+
+
diff --git a/afs3-vlserver.xml b/afs3-vlserver.xml
new file mode 100644
index 0000000..cf7c181
--- /dev/null
+++ b/afs3-vlserver.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-vlserver
+ OpenAFS volume location database (VLDB)
+
+
diff --git a/afs3-volser.xml b/afs3-volser.xml
new file mode 100644
index 0000000..467d031
--- /dev/null
+++ b/afs3-volser.xml
@@ -0,0 +1,6 @@
+
+
+ afs3-volser
+ OpenAFS volume managment server (volserver)
+
+
diff --git a/openafs-client.service.allow_unsupported b/openafs-client.service.allow_unsupported
new file mode 100644
index 0000000..7fa7951
--- /dev/null
+++ b/openafs-client.service.allow_unsupported
@@ -0,0 +1,21 @@
+[Unit]
+Description=OpenAFS Client
+Wants=network-online.target
+After=syslog.target network-online.target
+Before=remote-fs.target
+
+[Service]
+Type=forking
+RemainAfterExit=true
+EnvironmentFile=/etc/sysconfig/openafs-client
+ExecStartPre=/sbin/modprobe libafs --allow-unsupported
+ExecStart=/usr/sbin/afsd $AFSD_ARGS
+ExecStartPost=/usr/bin/fs sysname $SYSNAME
+ExecStartPost=/usr/bin/fs setcrypt $CRYPT
+ExecStop=/usr/bin/umount /afs
+ExecStop=/usr/sbin/afsd -shutdown
+ExecStop=/sbin/rmmod libafs
+KillMode=none
+
+[Install]
+WantedBy=multi-user.target remote-fs.target
diff --git a/openafs.changes b/openafs.changes
index a710646..79252a4 100644
--- a/openafs.changes
+++ b/openafs.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Oct 12 15:15:08 UTC 2020 - Christof Hanke
+
+- add firewalld-configuration files
+- enable loading of unsupported kernel-module on SLES15
+
-------------------------------------------------------------------
Mon Aug 17 12:49:33 UTC 2020 - Christof Hanke
diff --git a/openafs.spec b/openafs.spec
index 6dc50ba..13c806f 100644
--- a/openafs.spec
+++ b/openafs.spec
@@ -87,12 +87,21 @@ Source18: RELNOTES-%{upstream_version}
Source19: ChangeLog
Source20: kernel-source.build-modules.sh
Source23: openafs-client.service
+Source24: openafs-client.service.allow_unsupported
Source25: openafs-server.service
Source26: openafs-fuse-client.service
Source27: sysconfig.openafs-client
Source28: sysconfig.openafs-server
Source29: sysconfig.openafs-fuse-client
Source30: preamble
+Source40: afs3-bos.xml
+Source41: afs3-callback.xml
+Source42: afs3-fileserver.xml
+Source43: afs3-prserver.xml
+Source44: afs3-rmtsys.xml
+Source45: afs3-update.xml
+Source46: afs3-vlserver.xml
+Source47: afs3-volser.xml
Source55: openafs.SuidCells
Source56: openafs.CellAlias
Source57: openafs.ThisCell
@@ -116,6 +125,7 @@ BuildRequires: automake
BuildRequires: bison
BuildRequires: coreutils
BuildRequires: fdupes
+BuildRequires: firewall-macros
BuildRequires: flex
BuildRequires: fuse-devel
BuildRequires: git
@@ -435,7 +445,11 @@ cp -a %{S:57} %{buildroot}/%{viceetcdir}/ThisCell
cp -a %{S:58} %{buildroot}/%{viceetcdir}/cacheinfo
cp -a src/afs/afszcm.cat %{buildroot}%{_datadir}/openafs/C
install -m 644 %{S:27} %{buildroot}/%{_fillupdir}/sysconfig.openafs-client
+%if 0%{?sle_version} > 150000
+install -m 644 %{S:24} %{buildroot}/%_unitdir/openafs-client.service
+%else
install -m 644 %{S:23} %{buildroot}/%_unitdir
+%endif
ln -s %{_sbindir}/service %{buildroot}/%{_sbindir}/rcopenafs-client
#
@@ -506,6 +520,18 @@ mv %{buildroot}/%{_libdir}/afs/* %{buildroot}/%{_libdir}/openafs
mv %{buildroot}/%{_libdir}/*.* %{buildroot}/%{_libdir}/openafs
rm -rf %{buildroot}/%{_libdir}/afs
+# firewalld
+
+mkdir -p %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:40} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:41} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:42} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:43} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:44} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:45} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:46} %{buildroot}%{_prefix}/lib/firewalld/services/
+install -D -m 644 %{S:47} %{buildroot}%{_prefix}/lib/firewalld/services/
+
#
# general cleanup
#
@@ -618,6 +644,7 @@ fi
/sbin/ldconfig
%{fillup_only -n openafs-client}
%service_add_post openafs-client.service
+%firewalld_reload
if [ "x$1" = "x" ]; then
my_operation=0
@@ -817,6 +844,10 @@ fi
%{_sbindir}/rcopenafs-client
%{_fillupdir}/sysconfig.openafs-client
%{vicecachedir}
+%dir %{_prefix}/lib/firewalld
+%dir %{_prefix}/lib/firewalld/services
+%{_prefix}/lib/firewalld/services/afs3-callback.xml
+%{_prefix}/lib/firewalld/services/afs3-rmtsys.xml
%files server
%defattr(-,root,root)
@@ -906,6 +937,14 @@ fi
%_unitdir/openafs-server.service
%{_sbindir}/rcopenafs-server
/%{_fillupdir}/sysconfig.openafs-server
+%dir %{_prefix}/lib/firewalld
+%dir %{_prefix}/lib/firewalld/services
+%{_prefix}/lib/firewalld/services/afs3-bos.xml
+%{_prefix}/lib/firewalld/services/afs3-fileserver.xml
+%{_prefix}/lib/firewalld/services/afs3-prserver.xml
+%{_prefix}/lib/firewalld/services/afs3-update.xml
+%{_prefix}/lib/firewalld/services/afs3-vlserver.xml
+%{_prefix}/lib/firewalld/services/afs3-volser.xml
%files devel
%defattr(-,root,root)