[firewalld] - New support for Fedora per-product configuration settings for Fedora.next https://fedoraproject.
Thomas Woerner
twoerner at fedoraproject.org
Mon Jul 7 16:47:46 UTC 2014
commit 7ab6dab432bcd7249d3f660320c0724d95bbb333
Author: Thomas Woerner <twoerner at redhat.com>
Date: Mon Jul 7 18:47:24 2014 +0200
- New support for Fedora per-product configuration settings for Fedora.next
https://fedoraproject.org/wiki/Per-Product_Configuration_Packaging_Draft
firewalld.spec | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 125 insertions(+), 2 deletions(-)
---
diff --git a/firewalld.spec b/firewalld.spec
index 5e329c2..1759d6f 100644
--- a/firewalld.spec
+++ b/firewalld.spec
@@ -1,7 +1,7 @@
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
Name: firewalld
Version: 0.3.10
-Release: 2%{?dist}
+Release: 3%{?dist}
URL: http://fedorahosted.org/firewalld
License: GPLv2+
Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2
@@ -24,6 +24,7 @@ Requires: iptables, ebtables
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
+Requires: firewalld-config
%description
firewalld is a firewall service daemon that provides a dynamic customizable
@@ -52,6 +53,42 @@ Requires: pygobject3-base
The firewall configuration application provides an configuration interface for
firewalld.
+%if 0%{?fedora} > 20
+%package config-standard
+Summary: Firewalld standard configuration settings
+Requires: firewalld = %{version}-%{release}
+Provides: firewalld-config
+Conflicts: system-release-server
+Conflicts: firewalld-config-server
+Conflicts: system-release-workstation
+Conflicts: firewalld-config-workstation
+
+%description config-standard
+Standard product firewalld configuration settings.
+
+%package config-server
+Summary: Firewalld server configuration settings
+Provides: firewalld-config
+Requires: firewalld = %{version}-%{release}
+Requires: system-release-server
+Conflicts: firewalld-config-workstation
+Conflicts: firewalld-config-standard
+
+%description config-server
+Server product specific firewalld configuration settings.
+
+%package config-workstation
+Summary: Firewalld workstation configuration settings
+Provides: firewalld-config
+Requires: firewalld = %{version}-%{release}
+Requires: system-release-workstation
+Conflicts: firewalld-config-server
+Conflicts: firewalld-config-standard
+
+%description config-workstation
+Workstation product specific firewalld configuration settings.
+%endif
+
%prep
%setup -q
%if 0%{?fedora}
@@ -71,6 +108,26 @@ desktop-file-install --delete-original \
--dir %{buildroot}%{_datadir}/applications \
%{buildroot}%{_datadir}/applications/firewall-config.desktop
+%if 0%{?fedora} > 20
+# standard firewalld.conf
+mv %{buildroot}%{_sysconfdir}/firewalld/firewalld.conf \
+ %{buildroot}%{_sysconfdir}/firewalld/firewalld-standard.conf
+
+# server firewalld.conf
+cp -a %{buildroot}%{_sysconfdir}/firewalld/firewalld-standard.conf \
+ %{buildroot}%{_sysconfdir}/firewalld/firewalld-server.conf
+sed -i 's|^DefaultZone=*|DefaultZone=fedora-server|g' \
+ %{buildroot}%{_sysconfdir}/firewalld/firewalld-server.conf
+
+# workstation firewalld.conf
+cp -a %{buildroot}%{_sysconfdir}/firewalld/firewalld-standard.conf \
+ %{buildroot}%{_sysconfdir}/firewalld/firewalld-workstation.conf
+sed -i 's|^DefaultZone=*|DefaultZone=fedora-workstation|g' \
+ %{buildroot}%{_sysconfdir}/firewalld/firewalld-workstation.conf
+
+rm -f %{buildroot}%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+%endif
+
%find_lang %{name} --all-name
%post
@@ -112,6 +169,50 @@ fi
/usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
/usr/bin/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
+%if 0%{?fedora} > 20
+%post config-standard
+if [ $1 -eq 1 ]; then # Initial installation
+ # link standard config
+ rm -f %{_sysconfdir}/firewalld/firewalld.conf
+ ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-standard -- firewalld
+if [ $1 -eq 1 ]; then
+ # link server policy
+ rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+ ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+
+%post config-server
+if [ $1 -eq 1 ]; then # Initial installation
+ # link server config
+ rm -f %{_sysconfdir}/firewalld/firewalld.conf
+ ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-server -- firewalld
+if [ $1 -eq 1 ]; then
+ # link server policy
+ rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+ ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+
+%post config-workstation
+if [ $1 -eq 1 ]; then # Initial installation
+ # link workstation config
+ rm -f %{_sysconfdir}/firewalld/firewalld.conf
+ ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-workstation -- firewalld
+if [ $1 -eq 1 ]; then
+ # link desktop policy
+ rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+ ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+%endif
+
%files -f %{name}.lang
%doc COPYING README
%{_sbindir}/firewalld
@@ -128,7 +229,9 @@ fi
%{_prefix}/lib/firewalld/services/*.xml
%{_prefix}/lib/firewalld/zones/*.xml
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld
+%if 0%{?fedora} <= 20
%config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+%endif
%config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services
@@ -140,7 +243,6 @@ fi
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy
-%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%attr(0755,root,root) %dir %{python_sitelib}/firewall
%attr(0755,root,root) %dir %{python_sitelib}/firewall/config
%attr(0755,root,root) %dir %{python_sitelib}/firewall/core
@@ -174,7 +276,28 @@ fi
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
%{_mandir}/man1/firewall-config*.1*
+%if 0%{?fedora} > 20
+%files config-standard
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
+%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+
+%files config-server
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
+%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+
+%files config-workstation
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
+%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+%endif
+
%changelog
+* Mon Jul 7 2014 Thomas Woerner <twoerner at redhat.com> - 0.3.10-3
+- New support for Fedora per-product configuration settings for Fedora.next
+ https://fedoraproject.org/wiki/Per-Product_Configuration_Packaging_Draft
+
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
More information about the scm-commits
mailing list