Allow shared files to be moved easily

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/changelog.txt

@@ -6,3 +6,5 @@ Changes since 1.3.12
 
 3. Added CLEAR_TC option.
 
+4. Added SHARED_DIR option.
+

Shorewall/firewall

@@ -70,7 +70,7 @@ list_count() {
 
 #
 # Mutual exclusion -- These functions are jackets for the mutual exclusion
-#		      routines in /usr/lib/shorewall/functions. They invoke
+#		      routines in $FUNCTIONS. They invoke
 #		      the corresponding function in that file if the user did
 #		      not specify "nolock" on the runline.
 #
@@ -4465,6 +4465,10 @@ do_initialize() {
     TCP_FLAGS_LOG_LEVEL=
     RFC1918_LOG_LEVEL=
     MARK_IN_FORWARD_CHAIN=
+    SHARED_DIR=/usr/lib/shorewall
+    FUNCTIONS=
+    VERSION_FILE=
+
     stopping=
     have_mutex=
     masq_seq=1
@@ -4478,31 +4482,36 @@ do_initialize() {
 
     trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9
 
-    functions=/usr/lib/shorewall/functions
+    if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/shorewall.conf ]; then
-
+	config=$SHOREWALL_DIR/shorewall.conf
-    if [ -f $functions ]; then
-	. $functions
     else
-	startup_error "$functions does not exist!"
+	config=/etc/shorewall/shorewall.conf
+    fi
+    
+    if [ -f $config ]; then
+	. $config
+    else
+	echo "$config does not exist!" >&2
+	exit 2
     fi
 
-    version_file=/usr/lib/shorewall/version
 
-    [ -f $version_file ] && version=`cat $version_file`
+    FUNCTIONS=$SHARED_DIR/functions
-    #
-    # Strip the files that we use often
-    #
-    strip_file interfaces
-    strip_file hosts
 
-    run_user_exit shorewall.conf
+    if [ -f $FUNCTIONS ]; then
-    run_user_exit params
+	. $FUNCTIONS
+    else
+	startup_error "$FUNCTIONS does not exist!"
+    fi
+
+    VERSION_FILE=$SHARED_DIR/version
+
+    [ -f $VERSION_FILE ] && version=`cat $VERSION_FILE`
 
     [ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
 
     [ -d $STATEDIR ] || mkdir -p $STATEDIR
 
-
     [ -z "$FW" ] && FW=fw
 
     ALLOWRELATED="`added_param_value_yes ALLOWRELATED $ALLOWRELATED`"
@@ -4582,6 +4591,15 @@ do_initialize() {
     else
 	CLEAR_TC=
     fi
+
+
+    run_user_exit params
+
+    #
+    # Strip the files that we use often
+    #
+    strip_file interfaces
+    strip_file hosts
 }
 
 #

Shorewall/releasenotes.txt

@@ -42,3 +42,8 @@ New features include:
    CLEAR_TC=No and do not supply an /etc/shorewall/tcstart file. That
    way, your traffic shaping rules can still use the 'fwmark'
    classifier based on packet marking defined in /etc/shorewall/tcrules.
+
+4. A new SHARED_DIR variable has been added that allows distribution
+   packagers to easily move the shared directory (default
+   /usr/lib/shorewall). Users should never have a need to change the
+   value of this shorewall.conf setting.

Shorewall/shorewall

@@ -569,44 +569,58 @@ fi
 
 [ -n "$SHOREWALL_DIR" ] && export SHOREWALL_DIR
 
-functions=/usr/lib/shorewall/functions
+PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
+SHARED_DIR=/usr/lib/shorewall
+MUTEX_TIMEOUT=
 
-if [ -f $functions ]; then
+if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/shorewall.conf ]; then
-    . $functions
+    config=$SHOREWALL_DIR/shorewall.conf
 else
-    echo "$functions does not exist!" >&2
+    config=/etc/shorewall/shorewall.conf
+fi
+
+if [ -f $config ]; then
+    . $config
+else
+    echo "$config does not exist!" >&2
     exit 2
 fi
 
-firewall=/usr/lib/shorewall/firewall
+[ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall
 
-if [ ! -f $firewall ]; then
+FIREWALL=$SHARED_DIR/firewall
+FUNCTIONS=$SHARED_DIR/functions
+VERSION_FILE=$SHARED_DIR/version
+
+if [ -f $FUNCTIONS ]; then
+    . $FUNCTIONS
+else
+    echo "$FUNCTIONS does not exist!" >&2
+    exit 2
+fi
+
+if [ ! -f $FIREWALL ]; then
     echo "ERROR: Shorewall is not properly installed"
-    if [ -L $firewall ]; then
+    if [ -L $FIREWALL ]; then
-	echo "	     $firewall is a symbolic link to a"
+	echo "	     $FIREWALL is a symbolic link to a"
 	echo "	     non-existant file"
     else
-	echo "	     The file /usr/lib/shorewall/firewall does not exist"
+	echo "	     The file $FIREWALL  does not exist"
     fi
 
     exit 2
 fi
 
-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
+if [ -f $VERSION_FILE ]; then
-
+    version=`cat $VERSION_FILE`
-version_file=/usr/lib/shorewall/version
-
-if [ -f $version_file ]; then
-    version=`cat $version_file`
 else
     echo "ERROR: Shorewall is not properly installed"
-    echo "	 The file /usr/lib/shorewall/version does not exist"
+    echo "	 The file $VERSION_FILE does not exist"
     exit 1
 fi
 
 banner="Shorewall-$version Status at $HOSTNAME -"
 
-get_statedir
 
 case `echo -e` in
     -e*)
@@ -629,11 +643,11 @@ esac
 case "$1" in
     start|stop|restart|reset|clear|refresh|check)
 	[ $# -ne 1 ] && usage 1
-	exec $firewall $debugging $nolock $1
+	exec $FIREWALL $debugging $nolock $1
 	;;
     add|delete)
 	[ $# -ne 3 ] && usage 1
-	exec $firewall $debugging $nolock $1 $2 $3
+	exec $FIREWALL $debugging $nolock $1 $2 $3
 	;;
     show)
 	[ $# -gt 2 ] && usage 1

Shorewall/shorewall.conf

@@ -9,6 +9,13 @@
 #  (c) 1999,2000,2001,2002 - Tom Eastep (teastep@shorewall.net)
 ##############################################################################
 #
+# You should not have to change the variables in this section -- they are set
+# by the packager of your Shorewall distribution
+#
+SHARED_DIR=/usr/lib/shorewall
+#
+##############################################################################
+#
 # General note about log levels. Log levels are a method of describing 
 # to syslog (8) the importance of a message and a number of parameters
 # in this file have log levels as their value.