From 9e506d797a75dc520199a5cdf88ddac4fbaa04d7 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 2 Apr 2012 11:34:33 -0700 Subject: [PATCH] Don't modify CONFDIR and SHAREDIR in the shell code Signed-off-by: Tom Eastep --- Shorewall-core/lib.base | 20 ++++---------------- Shorewall-core/lib.cli | 26 +++++++++++++------------- Shorewall-core/lib.common | 2 +- Shorewall/Perl/Shorewall/Compiler.pm | 20 ++++++++------------ Shorewall/lib.cli-std | 8 ++------ 5 files changed, 28 insertions(+), 48 deletions(-) diff --git a/Shorewall-core/lib.base b/Shorewall-core/lib.base index b82e02eb4..4bf68375e 100644 --- a/Shorewall-core/lib.base +++ b/Shorewall-core/lib.base @@ -39,10 +39,10 @@ if [ -z "$g_readrc" ]; then . /usr/share/shorewall/shorewallrc g_libexec="$LIBEXECDIR" - g_sharedir="$SHAREDIR" + g_sharedir="$SHAREDIR"/$g_program g_sbindir="$SBINDIR" g_vardir="$VARDIR" - g_confdir="$CONFDIR" + g_confdir="$CONFDIR"/$g_program g_readrc=1 fi @@ -50,39 +50,27 @@ g_basedir=${SHAREDIR}/shorewall case $g_program in shorewall) - SHAREDIR=${SHAREDIR}/shorewall - CONFDIR=${CONFDIR}/shorewall g_product="Shorewall" g_family=4 g_tool= - g_basedir=${SHAREDIR}/shorewall g_lite= ;; shorewall6) - SHAREDIR=${SHAREDIR}/shorewall6 - CONFDIR=${CONFDIR}/shorewall6 g_product="Shorewall6" g_family=6 g_tool= - g_basedir=${SHAREDIR}/shorewall g_lite= ;; shorewall-lite) - SHAREDIR=${SHAREDIR}/shorewall-lite - CONFDIR=${CONFDIR}/shorewall-lite g_product="Shorewall Lite" g_family=4 g_tool=iptables - g_basedir=${SHAREDIR}/shorewall-lite g_lite=Yes ;; shorewall6-lite) - SHAREDIR=${SHAREDIR}/shorewall6-lite - CONFDIR=${CONFDIR}/shorewall6-lite g_product="Shorewall6 Lite" g_family=6 g_tool=ip6tables - g_basedir=${SHAREDIR}/shorewall6-lite g_lite=Yes ;; esac @@ -204,7 +192,7 @@ mutex_off() rm -f ${LOCKFILE:=${VARDIR}/lock} } -[ -z "$LEFTSHIFT" ] && . ${g_sharedir}/shorewall/lib.common +[ -z "$LEFTSHIFT" ] && . ${g_basedir}/lib.common # # Validate an IP address @@ -362,7 +350,7 @@ ip_vlsm() { # ensure_config_path() { local F - F=${SHAREDIR}/configpath + F=${g_sharedir}/configpath if [ -z "$CONFIG_PATH" ]; then [ -f $F ] || { echo " ERROR: $F does not exist"; exit 2; } . $F diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli index 26db60f38..eb7bb8014 100644 --- a/Shorewall-core/lib.cli +++ b/Shorewall-core/lib.cli @@ -31,13 +31,13 @@ if [ -z "$g_readrc" ]; then . /usr/share/shorewall/shorewallrc g_libexec="$LIBEXECDIR" - g_sharedir="$SHAREDIR" g_sbindir="$SBINDIR" - g_confdir="$CONFDIR" + g_confdir="$CONFDIR"/$g_program + g_sharedir="$SHAREDIR"/$g_program g_readrc=1 fi -. ${g_sharedir}/shorewall/lib.base +. ${SHAREDIR}/shorewall/lib.base # @@ -559,11 +559,11 @@ version_command() { [ $# -gt 0 ] && usage 1 if [ -n "$all" ]; then - echo "shorewall-core: $(cat $g_sharedir/shorewall/coreversion)" + echo "shorewall-core: $(cat $g_sharedir/coreversion)" for product in shorewall shorewall6 shorewall-lite shorewall6-lite shorewall-init; do - if [ -f $g_sharedir/$product/version ]; then - echo "$product: $(cat $g_sharedir/$product/version)" + if [ -f $g_sharedir/version ]; then + echo "$product: $(cat $g_sharedir/version)" fi done else @@ -853,7 +853,7 @@ show_command() { show_routing ;; config) - . ${SHAREDIR}/configpath + . ${g_sharedir}/configpath if [ -n "$g_filemode" ]; then echo "CONFIG_PATH=$CONFIG_PATH" echo "VARDIR=$VARDIR" @@ -925,10 +925,10 @@ show_command() { echo "forwardUPnP # Allow traffic that upnpd has redirected from" echo "rejNotSyn # Silently Reject Non-syn TCP packets" - if [ -f ${CONFDIR}/actions ]; then - cat ${SHAREDIR}/actions.std ${CONFDIR}/actions | grep -Ev '^\#|^$' + if [ -f ${g_confdir}/actions ]; then + cat ${g_sharedir}/actions.std ${g_confdir}/actions | grep -Ev '^\#|^$' else - grep -Ev '^\#|^$' ${SHAREDIR}/actions.std + grep -Ev '^\#|^$' ${g_sharedir}/actions.std fi return @@ -2981,7 +2981,7 @@ shorewall_cli() { VERBOSE= VERBOSITY= - [ -n "$g_lite" ] || . ${g_sharedir}/shorewall/lib.cli-std + [ -n "$g_lite" ] || . ${g_basedir}/lib.cli-std finished=0 @@ -3086,7 +3086,7 @@ shorewall_cli() { PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin MUTEX_TIMEOUT= - [ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir + [ -f ${g_confdir}/vardir ] && . ${g_confdir}/vardir [ -n "${VARDIR:=/var/lib/$g_program}" ] @@ -3096,7 +3096,7 @@ shorewall_cli() { g_firewall=${VARDIR}/firewall - version_file=$SHAREDIR/version + version_file=${g_sharedir}/version if [ -f $version_file ]; then SHOREWALL_VERSION=$(cat $version_file) else diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common index 0379f70f4..d6212cc1f 100644 --- a/Shorewall-core/lib.common +++ b/Shorewall-core/lib.common @@ -676,7 +676,7 @@ find_file() fi done - echo ${CONFDIR}/$1 + echo ${g_confdir}/$1 ;; esac } diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index a9b38aa19..131087d42 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -168,40 +168,36 @@ sub generate_script_2() { emit( 'g_family=4' ); if ( $export ) { - emit ( qq(SHAREDIR=$shorewallrc{SHAREDIR}/shorewall-lite), - qq(CONFDIR=$shorewallrc{CONFDIR}/shorewall-lite), - qq(VARDIR=$shorewallrc{VARDIR}/shorewall-lite), + emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall-lite), 'g_product="Shorewall Lite"', 'g_program=shorewall-lite', 'g_basedir=/usr/share/shorewall-lite', + qq(VARDIR=$shorewallrc{VARDIR}/shorewall-lite), ); } else { - emit ( qq(SHAREDIR=$shorewallrc{SHAREDIR}/shorewall), - qq(CONFDIR=$shorewallrc{CONFDIR}/shorewall), - qq(VARDIR=$shorewallrc{VARDIR}/shorewall), + emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall), 'g_product=Shorewall', 'g_program=shorewall', 'g_basedir=/usr/share/shorewall', + qq(VARDIR=$shorewallrc{VARDIR}/shorewall), ); } } else { emit( 'g_family=6' ); if ( $export ) { - emit ( qq(SHAREDIR=$shorewallrc{SHAREDIR}/shorewall6-lite), - qq(CONFDIR=$shorewallrc{CONFDIR}/shorewall6-lite), - qq(VARDIR=$shorewallrc{VARDIR}/shorewall6-lite), + emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall6-lite), 'g_product="Shorewall6 Lite"', 'g_program=shorewall6-lite', 'g_basedir=/usr/share/shorewall6', + qq(VARDIR=$shorewallrc{VARDIR}/shorewall6-lite), ); } else { - emit ( qq(SHAREDIR=$shorewallrc{SHAREDIR}/shorewall6), - qq(CONFDIR=$shorewallrc{CONFDIR}/shorewall6), - qq(VARDIR=$shorewallrc{VARDIR}/shorewall6}), + emit ( qq(g_confdir=$shorewallrc{CONFDIR}/shorewall6), 'g_product=Shorewall6', 'g_program=shorewall6', 'g_basedir=/usr/share/shorewall' + qq(VARDIR=$shorewallrc{VARDIR}/shorewall6}), ); } } diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std index 1690a49dc..f507e7da3 100644 --- a/Shorewall/lib.cli-std +++ b/Shorewall/lib.cli-std @@ -31,7 +31,6 @@ # get_config() { local prog - local confdir ensure_config_path @@ -49,10 +48,7 @@ get_config() { if [ -f $config ]; then if [ -r $config ]; then - confdir=${CONFDIR} - CONFDIR=${g_confdir} . $config - CONFDIR=${confdir} else echo "Cannot read $config! (Hint: Are you root?)" >&2 exit 1 @@ -382,7 +378,7 @@ compiler() { # # Get the config from $g_shorewalldir # - [ -n "$g_shorewalldir" -a "$g_shorewalldir" != /etc/$g_program ] && get_config + [ -n "$g_shorewalldir" -a "$g_shorewalldir" != ${g_confdir} ] && get_config case $COMMAND in *start|try|refresh) @@ -407,7 +403,7 @@ compiler() { shorewallrc=$(find_file shorewallrc) [ -f "$shorewallrc" ] || fatal_error "Compiling for export requires a shorewallrc file" else - shorewallrc="${g_sharedir}/shorewall/shorewallrc" + shorewallrc="${g_basedir}/shorewallrc" fi options="--verbose=$VERBOSITY --family=$g_family --config_path=$CONFIG_PATH --shorewallrc=${shorewallrc}"