diff options
author | Francisco Blas (klondike) Izquierdo Riera <klondike@gentoo.org> | 2019-12-03 02:36:40 +0100 |
---|---|---|
committer | Matthew Thode <prometheanfire@gentoo.org> | 2019-12-03 10:10:21 -0600 |
commit | 30b3fa9d29308ecbd09b30a8357adeeb2768ca22 (patch) | |
tree | 27e313db175c957ef80d3df304a3da515ac18a00 /net-firewall/nftables | |
parent | net-firewall/nftables: rename modern_kernel use flag (diff) | |
download | gentoo-30b3fa9d29308ecbd09b30a8357adeeb2768ca22.tar.gz gentoo-30b3fa9d29308ecbd09b30a8357adeeb2768ca22.tar.bz2 gentoo-30b3fa9d29308ecbd09b30a8357adeeb2768ca22.zip |
net-firewall/nftables: Move skel files
Currently the ebuild installs the skeleton files directly
into the ebuild's doc directory. In 0.9.0-r5 the intention
was installing them into a skels folder (although this was not
done correctly).
Replace the sed rules so that the skeleton files are installed
into the skel folder. This will be cleaner if for some reason
nftables adds further documentation on the future. It is also
easier to perform this change now than once we stabilize.
Bug: https://bugs.gentoo.org/671254
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Diffstat (limited to 'net-firewall/nftables')
-rw-r--r-- | net-firewall/nftables/nftables-0.9.0-r6.ebuild | 103 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.1-r2.ebuild (renamed from net-firewall/nftables/nftables-0.9.1-r1.ebuild) | 4 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.2-r2.ebuild (renamed from net-firewall/nftables/nftables-0.9.2-r1.ebuild) | 4 |
3 files changed, 107 insertions, 4 deletions
diff --git a/net-firewall/nftables/nftables-0.9.0-r6.ebuild b/net-firewall/nftables/nftables-0.9.0-r6.ebuild new file mode 100644 index 000000000000..90884e99c1c3 --- /dev/null +++ b/net-firewall/nftables/nftables-0.9.0-r6.ebuild @@ -0,0 +1,103 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools linux-info systemd + +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://netfilter.org/projects/nftables/" +SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~x86" +IUSE="debug doc +gmp json +modern-kernel +readline" + +RDEPEND=">=net-libs/libmnl-1.0.3:0= + gmp? ( dev-libs/gmp:0= ) + json? ( dev-libs/jansson ) + readline? ( sys-libs/readline:0= ) + >=net-libs/libnftnl-1.1.1:0=" + +DEPEND="${RDEPEND} + >=app-text/docbook2X-0.8.8-r4 + doc? ( >=app-text/dblatex-0.3.7 ) + sys-devel/bison + sys-devel/flex + virtual/pkgconfig" + +S="${WORKDIR}/v${PV}" + +pkg_setup() { + if kernel_is ge 3 13; then + if use modern-kernel && kernel_is lt 3 18; then + eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." + fi + CONFIG_CHECK="~NF_TABLES" + linux-info_pkg_setup + else + eerror "This package requires kernel version 3.13 or newer to work properly." + fi +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + local myeconfargs=( + --sbindir="${EPREFIX}"/sbin + $(use_enable debug) + $(use_enable doc pdf-doc) + $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with readline cli) + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + + local mksuffix="" + use modern-kernel && mksuffix="-mk" + + exeinto /usr/libexec/${PN} + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} + newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN} + keepdir /var/lib/nftables + + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service + + docinto skels + dodoc "${D}"/etc/nftables/* + rm -R "${D}"/etc/nftables +} + +pkg_postinst() { + local save_file + save_file="${EROOT%/}/var/lib/nftables/rules-save" + + # In order for the nftables-restore systemd service to start + # the save_file must exist. + if [[ ! -f "${save_file}" ]]; then + ( umask 177; touch "${save_file}" ) + elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then + ewarn "Your system has dangerous permissions for ${save_file}" + ewarn "It is probably affected by bug #691326." + ewarn "You may need to fix the permissions of the file. To do so," + ewarn "you can run the command in the line below as root." + ewarn " 'chmod 600 \"${save_file}\"'" + fi + + elog "If you wish to enable the firewall rules on boot (on systemd) you" + elog "will need to enable the nftables-restore service." + elog " 'systemd_enable_service basic.target ${PN}-restore.service'" + elog + elog "If you are creating firewall rules before the next system restart " + elog "the nftables-restore service must be manually started in order to " + elog "save those rules on shutdown." +} diff --git a/net-firewall/nftables/nftables-0.9.1-r1.ebuild b/net-firewall/nftables/nftables-0.9.1-r2.ebuild index 8538c51884d6..fab18474325d 100644 --- a/net-firewall/nftables/nftables-0.9.1-r1.ebuild +++ b/net-firewall/nftables/nftables-0.9.1-r2.ebuild @@ -71,9 +71,9 @@ src_prepare() { default # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}@' \ + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/osf@' \ + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ -i files/osf/Makefile.am || die eautoreconf diff --git a/net-firewall/nftables/nftables-0.9.2-r1.ebuild b/net-firewall/nftables/nftables-0.9.2-r2.ebuild index 5dd8147c26d4..a6478ad1215c 100644 --- a/net-firewall/nftables/nftables-0.9.2-r1.ebuild +++ b/net-firewall/nftables/nftables-0.9.2-r2.ebuild @@ -66,9 +66,9 @@ src_prepare() { default # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}@' \ + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/osf@' \ + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ -i files/osf/Makefile.am || die eautoreconf |