From 7859ea5800bf0fad4c04d859fa5c79db04d514d9 Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 5 Jul 2007 14:01:50 +0000 Subject: [PATCH] Raise fatal error on chmod failure; Fix handling of shell variables with value zero git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6786 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-common/changelog.txt | 4 ++++ Shorewall-common/releasenotes.txt | 8 +++++++- Shorewall-perl/Shorewall/Common.pm | 2 +- Shorewall-perl/Shorewall/Config.pm | 6 +++++- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 1aee8a56c..bb8f6d5dd 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -18,6 +18,10 @@ Changes in 4.0.0 RC 1 9) Allow ipsec zone in GATEWAY ZONE column of the tunnels file. +10) Raise error on chmod failure. + +11) Handle shell variables with zero value correctly. + Changes in 4.0.0 Beta 6 1) First step to adding compiler debugging facility. diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index 229637182..56eff5453 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -22,7 +22,7 @@ Shorewall 4.0.0 RC 1 Shorewall-perl compiler. This support utilizes the reduced-function physdev match support available in Linux kernel 2.6.20 and later. -Problems corrected in 4.0.0 Beta 7. +Problems corrected in 4.0.0 RC 1. 1) If 'routeback' and 'detectnets' were specified on an interface, limited broadcasts (to 255.255.255.255) and multicasts were dropped @@ -41,6 +41,12 @@ Problems corrected in 4.0.0 Beta 7. 4) ipsec zones are now allowed in the GATEWAY ZONE(S) column when using Shorewall-perl. +5) A fatal error is now raised if the Shorewall-perl compiler is + unable to secure the output file for execute access. + +6) Shell variables that have a value of zero are now handled + correctly. + Other changes in Shorewall 4.0.0 RC 1. 1) The shorewall-perl RPM may no longer be installed under Shorewall diff --git a/Shorewall-perl/Shorewall/Common.pm b/Shorewall-perl/Shorewall/Common.pm index a0d2ef360..a45396ae5 100644 --- a/Shorewall-perl/Shorewall/Common.pm +++ b/Shorewall-perl/Shorewall/Common.pm @@ -331,7 +331,7 @@ sub finalize_object( $ ) { close $object; $object = 0; rename $tempfile, $file or fatal_error "Cannot Rename $tempfile to $file: $!"; - chmod 0700, $file; + chmod 0700, $file or fatal_error "Cannot secure $file for execute access"; progress_message3 "Shorewall configuration compiled to $file" unless $export; } diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 0aa7cc62b..e82cb06ce 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -553,7 +553,11 @@ sub read_a_line { # # Expand Shell Variables using %ENV # - $line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\$([a-zA-Z]\w*)(.*)$/ || $line =~ /^(.*?)\${([a-zA-Z]\w*)}(.*)$/; + while ( $line =~ /^(.*?)\$([a-zA-Z]\w*)(.*)$/ || $line =~ /^(.*?)\${([a-zA-Z]\w*)}(.*)$/ ) { + my $val = $ENV{$2}; + $val = '' unless defined $val; + $line = join( '', $1 , $val , $3 ); + } if ( $line =~ /^\s*INCLUDE\s/ ) {