Move fireall, function and version to /usr/lib/shorewall

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/changelog.txt

@@ -13,3 +13,4 @@ Changes since 1.3.8
 5. Don't insist on state NEW for protocols other than tcp, udp and
    icmp. Workaround for conntrack glitches in other protocols.
 
+6. Move 'functions' and 'firewall' to /usr/lib/shorewall.

Shorewall/fallback.sh

@@ -57,7 +57,10 @@ fi
 
 echo "Backing Out Installation of Shorewall $VERSION"
 
-if [ -L /var/lib/shorewall/firewall ]; then
+if [ -L /usr/lib/shorewall/firewall ]; then
+    FIREWALL=`ls -l /usr/lib/shorewall/firewall | sed 's/^.*> //'`
+    restore_file $FIREWALL
+elif [ -L /var/lib/shorewall/firewall ]; then
     FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
     restore_file $FIREWALL
 fi
@@ -69,6 +72,7 @@ restore_file /sbin/shorewall
 restore_file /etc/shorewall/shorewall.conf
     
 restore_file /etc/shorewall/functions
+restore_file /usr/lib/shorewall/functions
 restore_file /var/lib/shorewall/functions
 
 restore_file /etc/shorewall/common.def
@@ -109,8 +113,11 @@ restore_file /etc/shorewall/whitelist
 
 restore_file /etc/shorewall/rfc1918
 
-if [ -f /var/lib/shorewall/version-${VERSION}.bkout ]; then
-    restore_file /var/shorewall/version
+if [ -f /usr/lib/shorewall/version-${VERSION}.bkout ]; then
+    restore_file /usr/lib/shorewall/version
+    oldversion="`cat /usr/lib/shorewall/version`"
+elif [ -f /var/lib/shorewall/version-${VERSION}.bkout ]; then
+    restore_file /var/lib/shorewall/version
     oldversion="`cat /var/lib/shorewall/version`"
 else
     restore_file /etc/shorewall/version

Shorewall/firewall

@@ -3536,7 +3536,7 @@ do_initialize() {
 
     trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9
 
-    functions=/var/lib/shorewall/functions
+    functions=/usr/lib/shorewall/functions
 
     if [ -f $functions ]; then
 	. $functions
@@ -3544,7 +3544,7 @@ do_initialize() {
 	startup_error "$functions does not exist!"
     fi
 
-    version_file=/var/lib/shorewall/version
+    version_file=/usr/lib/shorewall/version
 
     [ -f $version_file ] && version=`cat $version_file`
     #

Shorewall/install.sh

@@ -254,9 +254,10 @@ fi
 echo -e "\nShorewall script installed in ${PREFIX}${DEST}/$FIREWALL"
 
 #
-# Create /etc/shorewall and /var/shorewall if needed
+# Create /etc/shorewall, /usr/lib/shorewall and /var/shorewall if needed
 #
 mkdir -p ${PREFIX}/etc/shorewall
+mkdir -p ${PREFIX}/usr/lib/shorewall
 mkdir -p ${PREFIX}/var/lib/shorewall
 #
 # Install the config file
@@ -280,7 +281,12 @@ fi
 #
 # Install the functions file
 #
-install_file_with_backup functions ${PREFIX}/var/lib/shorewall/functions 0444
+if [ -f ${PREFIX}/etc/shorewall/functions ]; then
+    backup_file ${PREFIX}/var/lib/shorewall/functions
+    rm -f  ${PREFIX}/var/lib/shorewall/functions
+fi
+    
+install_file_with_backup functions ${PREFIX}/usr/lib/shorewall/functions 0444
 
 echo -e "\nCommon functions installed in ${PREFIX}/var/lib/shorewall/functions"
 #
@@ -443,19 +449,19 @@ fi
 # Backup the version file
 #
 if [ -z "$PREFIX" ]; then
-    if [ -f /var/lib/shorewall/version ]; then
-	backup_file /var/lib/shorewall/version
+    if [ -f /usr/lib/shorewall/version ]; then
+	backup_file /usr/lib/shorewall/version
     elif [ -n "$oldversion" ]; then
-	echo $oldversion > /var/lib/shorewall/version-${VERSION}.bkout
+	echo $oldversion > /usr/lib/shorewall/version-${VERSION}.bkout
     else
-	echo "Unknown" > /var/lib/shorewall/version-${VERSION}.bkout
+	echo "Unknown" > /usr/lib/shorewall/version-${VERSION}.bkout
     fi
 fi
 #
 # Create the version file
 #
-echo "$VERSION" > ${PREFIX}/var/lib/shorewall/version
-chmod 644 ${PREFIX}/var/lib/shorewall/version
+echo "$VERSION" > ${PREFIX}/usr/lib/shorewall/version
+chmod 644 ${PREFIX}/usr/lib/shorewall/version
 #
 # Remove and create the symbolic link to the firewall script
 #
@@ -463,12 +469,13 @@ chmod 644 ${PREFIX}/var/lib/shorewall/version
 if [ -z "$PREFIX" ]; then
     rm -f /etc/shorewall/firewall
     rm -f /var/lib/shorewall/firewall
-    ln -s ${DEST}/${FIREWALL} /var/lib/shorewall/firewall
+    rm -f /usr/lib/shorewall/firewall
+    ln -s ${DEST}/${FIREWALL} /usr/lib/shorewall/firewall
 else
-    pushd ${PREFIX}/var/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
+    pushd ${PREFIX}/usr/lib/shorewall/ >> /dev/null && ln -s ../../..${DEST}/${FIREWALL} firewall && popd >> /dev/null
 fi
 
-echo -e "\n${PREFIX}/var/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"
+echo -e "\n${PREFIX}/usr/lib/shorewall/firewall linked to ${PREFIX}$DEST/$FIREWALL"
 
 if [ -z "$PREFIX" -a -n "$first_install" ]; then
     if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then

Shorewall/releasenotes.txt

@@ -10,3 +10,8 @@ New features include:
 
 3. Shorewall startup is now disabled after initial installation until
    the file /etc/shorewall/shorewall_disabled is removed.
+
+4. The 'functions' file and the 'firewall' symbolic link have been
+   moved from /var/lib/shorewall to /usr/lib/shorewall to appease the
+   LFS police at Debian. Bering users may now insert "var/lib/shorewall"
+   back into /var/lib/lrpkg/root.exclude.list.

Shorewall/shorewall

@@ -495,7 +495,7 @@ fi
 
 [ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
 
-functions=/var/lib/shorewall/functions
+functions=/usr/lib/shorewall/functions
 
 if [ -f $functions ]; then
     . $functions
@@ -504,7 +504,7 @@ else
     exit 2
 fi
 
-firewall=/var/lib/shorewall/firewall
+firewall=/usr/lib/shorewall/firewall
 
 if [ ! -f $firewall ]; then
     echo "ERROR: Shorewall is not properly installed"
@@ -512,7 +512,7 @@ if [ ! -f $firewall ]; then
 	echo "	     $firewall is a symbolic link to a"
 	echo "	     non-existant file"
     else
-	echo "	     The file /var/lib/shorewall/firewall does not exist"
+	echo "	     The file /usr/lib/shorewall/firewall does not exist"
     fi
 
     exit 2
@@ -520,13 +520,13 @@ fi
 
 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
 
-version_file=/var/lib/shorewall/version
+version_file=/usr/lib/shorewall/version
 
 if [ -f $version_file ]; then
     version=`cat $version_file`
 else
     echo "ERROR: Shorewall is not properly installed"
-    echo "	 The file /var/lib/shorewall/version does not exist"
+    echo "	 The file /usr/lib/shorewall/version does not exist"
     exit 1
 fi
 

Shorewall/shorewall.spec

@@ -71,8 +71,9 @@ fi
 %files 
 /etc/init.d/shorewall
 %attr(0700,root,root) %dir /etc/shorewall
+%attr(0700,root,root) %dir /usr/lib/shorewall
 %attr(0700,root,root) %dir /var/lib/shorewall
-%attr(0600,root,root) /var/lib/shorewall/version
+%attr(0600,root,root) /usr/lib/shorewall/version
 %attr(0600,root,root) /etc/shorewall/common.def
 %attr(0600,root,root) /etc/shorewall/icmp.def
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/shorewall.conf
@@ -93,8 +94,8 @@ fi
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/blacklist
 %attr(0600,root,root) %config(noreplace) /etc/shorewall/rfc1918
 %attr(0544,root,root) /sbin/shorewall
-%attr(0444,root,root) /var/lib/shorewall/functions
-/var/lib/shorewall/firewall
+%attr(0444,root,root) /usr/lib/shorewall/functions
+/usr/lib/shorewall/firewall
 %doc documentation
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
 

Shorewall/uninstall.sh

@@ -78,9 +78,15 @@ if qt iptables -L shorewall -n; then
    /sbin/shorewall clear
 fi
 
-if [ -L /var/lib/shorewall/firewall ]; then
+if [ -L /usr/lib/shorewall/firewall ]; then
+    FIREWALL=`ls -l /usr/lib/shorewall/firewall | sed 's/^.*> //'`
+elif [ -L /var/lib/shorewall/firewall ]; then
     FIREWALL=`ls -l /var/lib/shorewall/firewall | sed 's/^.*> //'`
+else
+    FIREWALL=
+fi
 
+if [ -n "$FIREWALL" ]; then
     if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then
         insserv -r $FIREWALL
     elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then
@@ -97,6 +103,7 @@ if [ -n "$VERSION" ]; then
 fi
 
 rm -rf /etc/shorewall
+rm -rf /usr/lib/shorewall
 rm -rf /var/lib/shorewall
 
 echo "Shorewall Uninstalled"