fix mutex/nolock issues

Shorewall-lite/shorewall-lite

@@ -631,11 +631,15 @@ case "$COMMAND" in
     stop|clear)
 	[ $# -ne 1 ] && usage 1
 	verify_firewall_script
-	run_it $g_firewall $debugging $nolock $COMMAND
+	[ -n "$nolock" ] || mutex_on
+	run_it $g_firewall $debugging $COMMAND
+	[ -n "$nolock" ] || mutex_off
 	;;
     reset)
 	verify_firewall_script
-	run_it $SHOREWALL_SHELL $g_firewall $debugging $nolock $@
+	[ -n "$nolock" ] || mutex_on
+	run_it $SHOREWALL_SHELL $g_firewall $debugging $@
+	[ -n "$nolock" ] || mutex_off
 	;;
     restart)
 	shift

Shorewall/changelog.txt

@@ -8,6 +8,8 @@ Changes in Shorewall 4.4.11.1
 
 4)  Don't slow down 'stop' with 'wait'.
 
+5)  Resolve mutex/nolock issues.
+
 Changes in Shorewall 4.4.11
 
 1)  Apply patch from Gabriel.

Shorewall/known_problems.txt

@@ -32,4 +32,10 @@
     Suggested workaround is to set startup=1 in your
     /etc/default/shorewall* files.
 
+5)  /sbin/shorewall and /sbin/shorewall6 sometimes fail to honor the
+    'nolock' option. In other cases, this option is incorrectly passed
+    on to the compiled script, causing the script to issue a usage
+    synopsis and to terminate.
+ 
+
 

Shorewall/releasenotes.txt

@@ -233,6 +233,11 @@ I I I.  P R O B L E M S   C O R R E C T E D   I N   T H I S  R E L E A S E
 3)  Previously, using a destination port-range with :random produced a
     fatal compilation error in REDIRECT rules.
 
+4)  /sbin/shorewall and /sbin/shorewall6 sometimes failed to honor the
+    'nolock' option. In other cases, this option was incorrectly passed
+    on to the compiled script, causing the script to issue a usage
+    synopsis and to terminate.
+ 
 4.4.11
 
 1)  The IPv6 allowBcast action generated an invalid rule.

Shorewall/shorewall

@@ -1631,17 +1631,17 @@ case "$COMMAND" in
 	get_config
 	[ $# -ne 1 ] && usage 1
 	[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
-	mutex_on
-	run_it $g_firewall $g_debugging $nolock $COMMAND
-	mutex_off
+	[ -n "$nolock" ] || mutex_on
+	run_it $g_firewall $g_debugging $COMMAND
+	[ -n "$nolock" ] || mutex_off
 	;;
     reset)
 	get_config
 	shift
-	mutex_on
+	[ -n "$nolock" ] || mutex_on
 	[ -x $g_firewall ] || fatal_error "Shorewall has never been started"
-	run_it $g_firewall $g_debugging $nolock reset $@
-	mutex_off
+	run_it $g_firewall $g_debugging reset $@
+	[ -n "$nolock" ] || mutex_off
 	;;
     compile)
 	get_config Yes

Shorewall6-lite/shorewall6-lite

@@ -615,7 +615,9 @@ case "$COMMAND" in
     stop|reset|clear)
 	[ $# -ne 1 ] && usage 1
 	verify_firewall_script
-	run_it $g_firewall $debugging $nolock $COMMAND
+	[ -n "$nolock" ] || mutex_on
+	run_it $g_firewall $debugging $COMMAND
+	[ -n "$nolock" ] || mutex_on
 	;;
     restart)
 	shift

Shorewall6/shorewall6

@@ -1544,17 +1544,17 @@ case "$COMMAND" in
 	[ $# -ne 1 ] && usage 1
 	get_config
 	[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
-	mutex_on
-	run_it $g_firewall $g_debugging $nolock $COMMAND
-	mutex_off
+	[ -n "$nolock" ] || mutex_on
+	run_it $g_firewall $g_debugging $COMMAND
+	[ -n "$nolock" ] || mutex_off
 	;;
     reset)
 	get_config
 	shift
-	mutex_on
+	[ -n "$nolock" ] || mutex_on
 	[ -x $g_firewall ] || fatal_error "Shorewall6 has never been started"
-	run_it $g_firewall $g_debugging $nolock reset $@
-	mutex_off
+	run_it $g_firewall $g_debugging reset $@
+	[ -n "$nolock" ] || mutex_off
 	;;
     compile)
 	get_config Yes