diff options
author | Ian Whyman <thev00d00@gentoo.org> | 2012-06-13 21:14:52 +0000 |
---|---|---|
committer | Ian Whyman <thev00d00@gentoo.org> | 2012-06-13 21:14:52 +0000 |
commit | 8c4f5c8fb2b9a2298d57af140544914d056b19b2 (patch) | |
tree | 37c69062c6084d8854088d9c9e5d3a6d37c8ca93 /net-firewall/ufw | |
parent | Version bump and tidy old version, thanks to Sławomir Nizio (diff) | |
download | gentoo-2-8c4f5c8fb2b9a2298d57af140544914d056b19b2.tar.gz gentoo-2-8c4f5c8fb2b9a2298d57af140544914d056b19b2.tar.bz2 gentoo-2-8c4f5c8fb2b9a2298d57af140544914d056b19b2.zip |
Version bump, portability fix in init script, thanks Sławomir Nizio.
(Portage version: 2.2.0_alpha110/cvs/Linux x86_64)
Diffstat (limited to 'net-firewall/ufw')
-rw-r--r-- | net-firewall/ufw/ChangeLog | 9 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-0.31.1-move-path.patch | 177 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-0.31.1-python-abis.patch | 42 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-2.initd | 8 | ||||
-rw-r--r-- | net-firewall/ufw/ufw-0.31.1.ebuild | 118 |
5 files changed, 349 insertions, 5 deletions
diff --git a/net-firewall/ufw/ChangeLog b/net-firewall/ufw/ChangeLog index d9fd0120c96b..8c02887451df 100644 --- a/net-firewall/ufw/ChangeLog +++ b/net-firewall/ufw/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-firewall/ufw # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/ChangeLog,v 1.5 2012/02/28 11:42:22 scarabeus Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/ChangeLog,v 1.6 2012/06/13 21:14:52 thev00d00 Exp $ + +*ufw-0.31.1 (13 Jun 2012) + + 13 Jun 2012; Ian Whyman <thev00d00@gentoo.org> +ufw-0.31.1.ebuild, + +files/ufw-0.31.1-move-path.patch, +files/ufw-0.31.1-python-abis.patch, + files/ufw-2.initd: + Version bump, portability fix in init script, thanks Sławomir Nizio. *ufw-0.30.1-r4 (28 Feb 2012) diff --git a/net-firewall/ufw/files/ufw-0.31.1-move-path.patch b/net-firewall/ufw/files/ufw-0.31.1-move-path.patch new file mode 100644 index 000000000000..24d00ea68ccd --- /dev/null +++ b/net-firewall/ufw/files/ufw-0.31.1-move-path.patch @@ -0,0 +1,177 @@ +diff -Naur ufw-0.31.orig/doc/ufw-framework.8 ufw-0.31/doc/ufw-framework.8 +--- ufw-0.31.orig/doc/ufw-framework.8 2012-03-10 00:07:11.000000000 +0100 ++++ ufw-0.31/doc/ufw-framework.8 2012-03-12 16:55:50.680992962 +0100 +@@ -18,7 +18,7 @@ + parameters and configuration of IPv6. The framework consists of the following + files: + .TP +-#STATE_PREFIX#/ufw\-init ++#SHARE_DIR#/ufw\-init + initialization script + .TP + #CONFIG_PREFIX#/ufw/before[6].rules +@@ -41,7 +41,7 @@ + + .SH "BOOT INITIALIZATION" + .PP +-\fBufw\fR is started on boot with #STATE_PREFIX#/ufw\-init. This script is a ++\fBufw\fR is started on boot with #SHARE_DIR#/ufw\-init. This script is a + standard SysV style initscript used by the \fBufw\fR command and should not be + modified. It supports the following arguments: + .TP +diff -Naur ufw-0.31.orig/README ufw-0.31/README +--- ufw-0.31.orig/README 2012-03-10 00:07:11.000000000 +0100 ++++ ufw-0.31/README 2012-03-12 16:55:50.681993089 +0100 +@@ -58,7 +58,7 @@ + on your needs, this can be as simple as adding the following to a startup + script (eg rc.local for systems that use it): + +-# /lib/ufw/ufw-init start ++# /usr/share/ufw/ufw-init start + + For systems that use SysV initscripts, an example script is provided in + doc/initscript.example. See doc/upstart.example for an Upstart example. Consult +@@ -72,9 +72,9 @@ + /etc/defaults/ufw high level configuration + /etc/ufw/before[6].rules rules evaluated before UI added rules + /etc/ufw/after[6].rules rules evaluated after UI added rules +-/lib/ufw/user[6].rules UI added rules (not to be modified) ++/etc/ufw/user/user[6].rules UI added rules (not to be modified) + /etc/ufw/sysctl.conf kernel network tunables +-/lib/ufw/ufw-init start script ++/usr/share/ufw/ufw-init start script + + + Usage +@@ -149,7 +149,7 @@ + that the primary chains don't move around other non-ufw rules and chains. To + completely flush the built-in chains with this configuration, you can use: + +-# /lib/ufw/ufw-init flush-all ++# /usr/share/ufw/ufw-init flush-all + + Alternately, ufw may also take full control of the firewall by setting + MANAGE_BUILTINS=yes in /etc/defaults/ufw. This will flush all the built-in +@@ -247,7 +247,7 @@ + + Remote Management + ----------------- +-On /lib/ufw/ufw-init start and 'ufw enable' the chains are flushed, so ++On /usr/share/ufw/ufw-init start and 'ufw enable' the chains are flushed, so + ssh may drop. This is needed so ufw is in a consistent state. Once the ufw is + 'enabled' it will insert rules into the existing chains, and therefore not + flush the chains (but will when modifying a rule or changing the default +@@ -290,7 +290,7 @@ + + Distributions + ------------- +-While it certainly ok to use /lib/ufw/ufw-init as the initscript for ++While it certainly ok to use /usr/share/ufw/ufw-init as the initscript for + ufw, this script is meant to be used by ufw itself, and therefore not + particularly user friendly. See doc/initscript.example for a simple + implementation that can be adapted to your distribution. +diff -Naur ufw-0.31.orig/setup.py ufw-0.31/setup.py +--- ufw-0.31.orig/setup.py 2012-03-10 00:07:11.000000000 +0100 ++++ ufw-0.31/setup.py 2012-03-12 16:55:50.682993216 +0100 +@@ -54,7 +54,8 @@ + return + + real_confdir = os.path.join('/etc') +- real_statedir = os.path.join('/lib', 'ufw') ++ # real_statedir = os.path.join('/lib', 'ufw') ++ real_statedir = os.path.join('/etc', 'ufw', 'user') + real_prefix = self.prefix + if self.home != None: + real_confdir = self.home + real_confdir +@@ -116,7 +117,7 @@ + self.copy_file('doc/ufw.8', manpage) + self.copy_file('doc/ufw-framework.8', manpage_f) + +- # Install state files and helper scripts ++ # Install state files + statedir = real_statedir + if self.root != None: + statedir = self.root + real_statedir +@@ -127,8 +128,14 @@ + self.copy_file('conf/user.rules', user_rules) + self.copy_file('conf/user6.rules', user6_rules) + +- init_helper = os.path.join(statedir, 'ufw-init') +- init_helper_functions = os.path.join(statedir, 'ufw-init-functions') ++ # Install helper scripts ++ sharedir = real_sharedir ++ if self.root != None: ++ sharedir = self.root + real_sharedir ++ self.mkpath(sharedir) ++ ++ init_helper = os.path.join(sharedir, 'ufw-init') ++ init_helper_functions = os.path.join(sharedir, 'ufw-init-functions') + self.copy_file('src/ufw-init', init_helper) + self.copy_file('src/ufw-init-functions', init_helper_functions) + +@@ -199,13 +206,18 @@ + + subprocess.call(["sed", + "-i", ++ "s%#SHARE_DIR#%" + real_sharedir + "%g", ++ file]) ++ ++ subprocess.call(["sed", ++ "-i", + "s%#VERSION#%" + ufw_version + "%g", + file]) + + # Install pristine copies of rules files +- sharedir = real_sharedir +- if self.root != None: +- sharedir = self.root + real_sharedir ++ #sharedir = real_sharedir ++ #if self.root != None: ++ # sharedir = self.root + real_sharedir + rulesdir = os.path.join(sharedir, 'iptables') + self.mkpath(rulesdir) + for file in [ before_rules, after_rules, \ +diff -Naur ufw-0.31.orig/src/backend_iptables.py ufw-0.31/src/backend_iptables.py +--- ufw-0.31.orig/src/backend_iptables.py 2012-03-10 00:07:11.000000000 +0100 ++++ ufw-0.31/src/backend_iptables.py 2012-03-12 16:58:36.879115890 +0100 +@@ -22,7 +22,7 @@ + import sys + import time + +-from ufw.common import UFWError, UFWRule, config_dir, state_dir ++from ufw.common import UFWError, UFWRule, config_dir, state_dir, share_dir + from ufw.util import warn, debug, msg, cmd, cmd_pipe + import ufw.backend + +@@ -40,7 +40,7 @@ + files['rules6'] = os.path.join(state_dir, 'user6.rules') + files['before6_rules'] = os.path.join(config_dir, 'ufw/before6.rules') + files['after6_rules'] = os.path.join(config_dir, 'ufw/after6.rules') +- files['init'] = os.path.join(state_dir, 'ufw-init') ++ files['init'] = os.path.join(share_dir, 'ufw-init') + + ufw.backend.UFWBackend.__init__(self, "iptables", dryrun, files) + +diff -Naur ufw-0.31.orig/src/ufw-init ufw-0.31/src/ufw-init +--- ufw-0.31.orig/src/ufw-init 2012-03-10 00:07:11.000000000 +0100 ++++ ufw-0.31/src/ufw-init 2012-03-12 16:55:50.687993851 +0100 +@@ -18,8 +18,8 @@ + # + set -e + +-if [ -s "#STATE_PREFIX#/ufw-init-functions" ]; then +- . "#STATE_PREFIX#/ufw-init-functions" ++if [ -s "#SHARE_DIR#/ufw-init-functions" ]; then ++ . "#SHARE_DIR#/ufw-init-functions" + else + echo "Could not find $s (aborting)" + exit 1 +@@ -56,7 +56,7 @@ + flush_builtins || exit "$?" + ;; + *) +- echo "Usage: #STATE_PREFIX#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}" ++ echo "Usage: #SHARE_DIR#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}" + exit 1 + ;; + esac diff --git a/net-firewall/ufw/files/ufw-0.31.1-python-abis.patch b/net-firewall/ufw/files/ufw-0.31.1-python-abis.patch new file mode 100644 index 000000000000..2c04284ad50c --- /dev/null +++ b/net-firewall/ufw/files/ufw-0.31.1-python-abis.patch @@ -0,0 +1,42 @@ +This patch fixes issues during package build with ebuild supporting +installation for Python versions: sed substitutions in common.py and location +of ufw script in Python ABIs which have prefix different than /usr. +Also makes .mo files not to be installed in wrong paths. + +More info about the first issue: +with support for multiple Python versions in the ebuild, seems the +file isn't copied from staging/ to build-*/lib/ufw/ after being +modified. That's why the copy needs to be done "manually" here. +The issue occurs with "setup.py build -b build-XXX" followed by +"setup.py build -b build-XXX install". + +probably related: https://bugs.launchpad.net/ufw/+bug/819600 +--- setup.py ++++ setup.py +@@ -90,6 +90,8 @@ + "-i", + "s%#SHARE_DIR#%" + real_sharedir + "%g", + os.path.join('staging', file)]) ++ self.copy_file(os.path.join('staging', file), ++ os.path.join(self.build_base, "lib", "ufw")) + + # Now byte-compile everything + super(Install, self).run() +@@ -99,7 +101,8 @@ + if self.root != None: + prefix = self.root + real_prefix + +- script = os.path.join(prefix, 'sbin', 'ufw') ++ # PyPy (and Jython?) has different prefix. Without the change the binary would end up in a wrong path. ++ script = os.path.join(self.root, 'usr', 'sbin', 'ufw') + manpage = os.path.join(prefix, 'share', 'man', 'man8', 'ufw.8') + manpage_f = os.path.join(prefix, 'share', 'man', 'man8', \ + 'ufw-framework.8') +@@ -147,7 +150,6 @@ + self.mkpath(i18ndir) + if len(os.listdir('locales/mo')) == 0: + subprocess.call(["make", "mo"]) +- self.copy_tree('locales/mo', i18ndir) + + # Install configuration files + confdir = real_confdir diff --git a/net-firewall/ufw/files/ufw-2.initd b/net-firewall/ufw/files/ufw-2.initd index 79e9fc682289..1ffd1c596c92 100644 --- a/net-firewall/ufw/files/ufw-2.initd +++ b/net-firewall/ufw/files/ufw-2.initd @@ -1,7 +1,7 @@ #!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/files/ufw-2.initd,v 1.1 2011/07/24 11:18:22 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/files/ufw-2.initd,v 1.2 2012/06/13 21:14:52 thev00d00 Exp $ depend() { before net @@ -99,7 +99,7 @@ _source_file() { fi local _path=$PATH - if ! source "$sourced_f"; then + if ! . "$sourced_f"; then # PATH can be broken here, fix it... PATH=$_path eerror "Error sourcing file $sourced_f" @@ -124,7 +124,7 @@ _check_if_enabled_in_cfg() { return 2 fi - if ! source "$sourced_f"; then + if ! . "$sourced_f"; then eerror "Error sourcing file $sourced_f" return 2 fi diff --git a/net-firewall/ufw/ufw-0.31.1.ebuild b/net-firewall/ufw/ufw-0.31.1.ebuild new file mode 100644 index 000000000000..7548a8a40ffe --- /dev/null +++ b/net-firewall/ufw/ufw-0.31.1.ebuild @@ -0,0 +1,118 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/ufw-0.31.1.ebuild,v 1.1 2012/06/13 21:14:52 thev00d00 Exp $ + +EAPI=4 +PYTHON_DEPEND="2:2.5" +SUPPORT_PYTHON_ABIS="1" +RESTRICT_PYTHON_ABIS="3.* *-jython" + +inherit versionator bash-completion-r1 eutils linux-info distutils + +MY_PV_12=$(get_version_component_range 1-2) +DESCRIPTION="A program used to manage a netfilter firewall" +HOMEPAGE="http://launchpad.net/ufw" +SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="examples ipv6" + +DEPEND="sys-devel/gettext" +RDEPEND=">=net-firewall/iptables-1.4[ipv6?] + !<kde-misc/kcm-ufw-0.4.2 + !<net-firewall/ufw-frontends-0.3.2 +" + +# tests fail; upstream bug: https://bugs.launchpad.net/ufw/+bug/815982 +RESTRICT="test" + +pkg_pretend() { + local CONFIG_CHECK="~PROC_FS ~NETFILTER_XT_MATCH_COMMENT ~IP6_NF_MATCH_HL + ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_MULTIPORT + ~NETFILTER_XT_MATCH_RECENT ~NETFILTER_XT_MATCH_STATE" + + if kernel_is -ge 2 6 39; then + CONFIG_CHECK+=" ~NETFILTER_XT_MATCH_ADDRTYPE" + else + CONFIG_CHECK+=" ~IP_NF_MATCH_ADDRTYPE" + fi + + check_extra_config +} + +src_prepare() { + # Allow to remove unnecessary build time dependency + # on net-firewall/iptables. + epatch "${FILESDIR}"/${PN}-dont-check-iptables.patch + # Move files away from /lib/ufw. + epatch "${FILESDIR}"/${P}-move-path.patch + # Contains fixes related to SUPPORT_PYTHON_ABIS="1" (see comment in the + # file). + epatch "${FILESDIR}"/${P}-python-abis.patch + + # Set as enabled by default. User can enable or disable + # the service by adding or removing it to/from a runlevel. + sed -i 's/^ENABLED=no/ENABLED=yes/' conf/ufw.conf \ + || die "sed failed (ufw.conf)" + + sed -i "s/^IPV6=yes/IPV6=$(usex ipv6)/" conf/ufw.defaults || die + + # If LINGUAS is set install selected translations only. + if [[ -n ${LINGUAS+set} ]]; then + _EMPTY_LOCALE_LIST="yes" + pushd locales/po > /dev/null || die + + local lang + for lang in *.po; do + if ! has "${lang%.po}" ${LINGUAS}; then + rm "${lang}" || die + else + _EMPTY_LOCALE_LIST="no" + fi + done + + popd > /dev/null || die + else + _EMPTY_LOCALE_LIST="no" + fi +} + +src_install() { + newconfd "${FILESDIR}"/ufw.confd ufw + newinitd "${FILESDIR}"/ufw-2.initd ufw + + # users normally would want it + insinto /usr/share/doc/${PF}/logging/syslog-ng + doins "${FILESDIR}"/syslog-ng/* + + insinto /usr/share/doc/${PF}/logging/rsyslog + doins "${FILESDIR}"/rsyslog/* + doins doc/rsyslog.example + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins examples/* + fi + distutils_src_install + [[ $_EMPTY_LOCALE_LIST != yes ]] && domo locales/mo/*.mo + newbashcomp shell-completion/bash ${PN} +} + +pkg_postinst() { + distutils_pkg_postinst + if path_exists -o "${EROOT}"lib/ufw/user{,6}.rules; then + ewarn "Attention!" + ewarn "User configuration from /lib/ufw is now placed in /etc/ufw/user." + ewarn "Please stop ufw, copy .rules files from ${EROOT}lib/ufw" + ewarn "to ${EROOT}etc/ufw/user/ and start ufw again." + fi + echo + elog "Remember to enable ufw add it to your boot sequence:" + elog "-- # ufw enable" + elog "-- # rc-update add ufw boot" + echo + elog "If you want to keep ufw logs in a separate file, take a look at" + elog "/usr/share/doc/${PF}/logging." +} |