From 35453c86e3f4f0a0408b787bbcf430abf91af5fb Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 16 Jun 2006 14:59:41 +0000 Subject: [PATCH] Move the Shorewall Lite firewall script from /usr/share/shorewall-lite to /var/lib/shorewall-lite git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4116 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-lite/Makefile | 2 +- Shorewall-lite/install.sh | 2 +- Shorewall-lite/releasenotes.txt | 9 ++++++++- Shorewall-lite/shorewall-lite | 14 +++++++------- Shorewall/compiler | 2 -- Shorewall/functions | 2 +- Shorewall/help | 2 +- Shorewall/install.sh | 2 ++ Shorewall/releasenotes.txt | 2 +- Shorewall/shorewall | 2 +- docs/CompiledPrograms.xml | 6 +++--- docs/starting_and_stopping_shorewall.xml | 10 +++++----- 12 files changed, 31 insertions(+), 24 deletions(-) diff --git a/Shorewall-lite/Makefile b/Shorewall-lite/Makefile index ba5dcd7c3..b61cd248a 100644 --- a/Shorewall-lite/Makefile +++ b/Shorewall-lite/Makefile @@ -4,7 +4,7 @@ SHAREDIR=/usr/share/shorewall-lite RESTOREFILE?=.restore all: $(VARDIR)/${RESTOREFILE} -$(VARDIR)/${RESTOREFILE}: $(SHAREDIR)/firewall +$(VARDIR)/${RESTOREFILE}: $(VARDIR)/firewall @/sbin/shorewall-lite -q save >/dev/null; \ if \ /sbin/shorewall-lite -q restart >/dev/null 2>&1; \ diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index aaf537b3d..075daba94 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -214,7 +214,7 @@ echo "Installing Shorewall Lite Version $VERSION" # # Check for /etc/shorewall-lite # -if [ -z "$PREFIX" && -d /etc/shorewall-lite ]; then +if [ -z "$PREFIX" -a -d /etc/shorewall-lite ]; then first_install="" backup_directory /etc/shorewall-lite backup_directory /usr/share/shorewall-lite diff --git a/Shorewall-lite/releasenotes.txt b/Shorewall-lite/releasenotes.txt index 115b0fd2d..b3a97b39b 100644 --- a/Shorewall-lite/releasenotes.txt +++ b/Shorewall-lite/releasenotes.txt @@ -23,6 +23,13 @@ Other changes in 3.2.0 RC 4 installed on your administrative system(s) and Shorewall Lite RC4 on the firewall system(s). +2) To appease the LHS police, the file + /usr/share/shorewall-lite/firewall has been moved to + /var/lib/shorewall-lite/firewall. When upgrading to this release of + Shorewall Lite, please execute the following command: + + cp -a /usr/share/shorewall-lite/firewall /var/lib/shorewall-lite/ + New Features: Shorewall Lite is a companion product to Shorewall and is designed to @@ -56,7 +63,7 @@ e) On the administrative system, for each firewall system you: cd /sbin/shorewall compile -e . firewall - scp firewall root@:/usr/share/shorewall/ + scp firewall root@:/var/lib/shorewall-lite/ 3) On the firewall system, 'shorewall-lite start'. diff --git a/Shorewall-lite/shorewall-lite b/Shorewall-lite/shorewall-lite index c782d4931..eda368a73 100755 --- a/Shorewall-lite/shorewall-lite +++ b/Shorewall-lite/shorewall-lite @@ -462,10 +462,10 @@ start_command() { do_it() { [ -n "$nolock" ] || mutex_on - if [ -x ${SHAREDIR}/firewall ]; then - ${SHAREDIR}/firewall $debugging start + if [ -x ${VARDIR}/firewall ]; then + ${VARDIR}/firewall $debugging start else - error_message "${CONFDIR}/firewall is missing or is not executable" + error_message "${VARDIR}/firewall is missing or is not executable" fi [ -n "$nolock" ] || mutex_off @@ -629,10 +629,10 @@ restart_command() { [ -n "$nolock" ] || mutex_on - if [ -x ${SHAREDIR}/firewall ]; then - $SHOREWALL_SHELL ${SHAREDIR}/firewall $debugging restart + if [ -x ${VARDIR}/firewall ]; then + $SHOREWALL_SHELL ${VARDIR}/firewall $debugging restart else - error_message "${SHAREDIR}/firewall is missing or is not executable" + error_message "${VARDIR}/firewall is missing or is not executable" fi [ -n "$nolock" ] || mutex_off @@ -1171,7 +1171,7 @@ VARDIR=/var/lib/shorewall-lite CONFDIR=/etc/shorewall-lite export PRODUCT="Shorewall Lite" -FIREWALL=$SHAREDIR/firewall +FIREWALL=$VARDIR/firewall FUNCTIONS=$SHAREDIR/functions VERSION_FILE=$SHAREDIR/version HELP=$SHAREDIR/help diff --git a/Shorewall/compiler b/Shorewall/compiler index 4614f00a0..10eab8534 100755 --- a/Shorewall/compiler +++ b/Shorewall/compiler @@ -8661,8 +8661,6 @@ do_initialize() { ensure_config_path - [ -n "$EXPORT" ] && CONFIG_PATH=$(echo $CONFIG_PATH | sed 's|^/etc/shorewall:|/usr/share/shorewall/configfiles:|') - VERSION_FILE=$SHAREDIR/version [ -f $VERSION_FILE ] && VERSION=$(cat $VERSION_FILE) diff --git a/Shorewall/functions b/Shorewall/functions index 8db8113a1..e9835b44e 100644 --- a/Shorewall/functions +++ b/Shorewall/functions @@ -248,7 +248,7 @@ find_file() IFS=$saveifs - echo ${CONFDIR}/$1 + [ -z "$EXPORT" ] && echo ${CONFDIR}/$1 || echo ${SHAREDIR}/configfiles/$1 fi ;; esac diff --git a/Shorewall/help b/Shorewall/help index 4383e8a65..57edbaa96 100755 --- a/Shorewall/help +++ b/Shorewall/help @@ -257,7 +257,7 @@ reload) Causes the shorewall configuration in to be compiled into a program called '/firewall'. If compilation is successful, the '/firewall' script is copied via scp to the - /usr/share/shorewall-lite/ directory on . If the script is copied + /var/lib/shorewall-lite/ directory on . If the script is copied successfully, Shorewall Lite on is restarted via ssh." ;; diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 0ea13bb04..5aea514f7 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -258,6 +258,8 @@ chmod 755 ${PREFIX}/usr/share/shorewall/configfiles # run_install $OWNERSHIP -m 0744 shorewall.conf ${PREFIX}/usr/share/shorewall/configfiles/shorewall.conf +qt mywhich perl && perl -p -w -i -e 's|^CONFIG_PATH=.*|CONFIG_PATH=/usr/share/shorewall/configfiles:/usr/share/shorewall|;' /usr/share/shorewall/configfiles/shorewall.conf + if [ ! -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then run_install $OWNERSHIP -m 0744 shorewall.conf ${PREFIX}/etc/shorewall/shorewall.conf echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf" diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 503a729f2..1a268f3ef 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -59,7 +59,7 @@ Other changes in 3.2.0 RC 4 The command is equivalent to: /sbin/shorewall compile -e . firewall &&\ - scp firewall root@:/usr/share/shorewall-lite/ &&\ + scp firewall root@:/var/lib/shorewall-lite/ &&\ ssh root@ '/sbin/shorewall-lite restart' In other words, the configuration in the specified (or defaulted) diff --git a/Shorewall/shorewall b/Shorewall/shorewall index 60e7107ac..1d5b890ab 100755 --- a/Shorewall/shorewall +++ b/Shorewall/shorewall @@ -1286,7 +1286,7 @@ restore_command() { # reload_command() { - shorewall compile -e $1 $1/firewall && scp $1/firewall root@${2}:/usr/share/shorewall-lite/ && ssh root@${2} '/sbin/shorewall-lite restart' && progress_message3 "System $1 reloaded" + shorewall compile -e $1 $1/firewall && scp $1/firewall root@${2}:/var/lib/shorewall-lite/ && ssh root@${2} '/sbin/shorewall-lite restart' && progress_message3 "System $1 reloaded" } # # Help information diff --git a/docs/CompiledPrograms.xml b/docs/CompiledPrograms.xml index f2fdbc19d..6269f21a9 100644 --- a/docs/CompiledPrograms.xml +++ b/docs/CompiledPrograms.xml @@ -15,7 +15,7 @@ - 2006-06-14 + 2006-06-16 2006 @@ -233,7 +233,7 @@ cd <configuration directory> /sbin/shorewall compile -e . firewall -scp firewall root@<firewall system>:/usr/share/shorewall-lite/ +scp firewall root@<firewall system>:/var/lib/shorewall-lite/ @@ -406,7 +406,7 @@ command allows for easy updating of remote firewall systems by a non-root user. At shorewall.net, I keep my firewall configurations in sub-directories under ~/Configs. The name of the directory corresponds - to the DNS name of the system. + to the DNS name of the system. To recompile the firewall script for the system named gateway and to install that script on gateway, I issue the following diff --git a/docs/starting_and_stopping_shorewall.xml b/docs/starting_and_stopping_shorewall.xml index 644ceecbc..3984576b3 100644 --- a/docs/starting_and_stopping_shorewall.xml +++ b/docs/starting_and_stopping_shorewall.xml @@ -15,7 +15,7 @@ - 2006-06-12 + 2006-06-16 2004 @@ -162,7 +162,7 @@ - /usr/share/shorewall-lite/firewall — The + /var/lib/shorewall-lite/firewall — The firewall program. The program is generated using the shorewall compile -e command on a system with the full Shorewall product installed. @@ -172,7 +172,7 @@ /usr/share/shorewall-lite/functions — A library of Bourne Shell functions used by /usr/share/shorewall-lite/shorewall and - /usr/share/shorewall-lite/firewall. + /var/lib/shorewall-lite/firewall. @@ -952,7 +952,7 @@ <system> If <directory> is omitted, the current working directory - is assumed. + is assumed. Allows a non-root user to compile a shorewall script and install it on a system (provided that the user has root access to @@ -963,7 +963,7 @@ <directory>/firewall &&\ scp <directory>/firewall - root@<system>:/usr/share/shorewall-lite/ + root@<system>:/var/lib/shorewall-lite/ &&\ ssh root@<system> '/sbin/shorewall-lite