Bug#778954: marked as done (firewalld: no-sysconfig patch completely removes ability to specify start-up options)

[Debian Bug Tracking System]

Your message dated Sun, 18 Jun 2017 16:15:05 +0200
with message-id <0bc0b1e0-de26-0c9a-ad97-ad6f13640...@debian.org>
and subject line Re: [Pkg-utopia-maintainers] Bug#778954: firewalld: 
no-sysconfig patch completely removes ability to specify start-up options
has caused the Debian Bug report #778954,
regarding firewalld: no-sysconfig patch completely removes ability to specify 
start-up options
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
778954: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778954
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: firewalld
Version: 0.3.12-1
Severity: normal
Tags: patch

Dear Maintainer,

Just because Debian-based systems do not have /etc/sysconfig as in
Fedora-based systems, it should not mean that FirewallD cannot be configured
with start-up options.

The fix I propose is to have these options located in /etc/default/firewalld,
as is normally done in Debian for sysv init scripts.  To avoid duplication,
this same file is used if the service is started by systemd, however I do not
know if there are any reasons why systemd should not use /etc/default files.

I have attached my patch.

Regards,

Carlos

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages firewalld depends on:
ii  dbus                 1.8.16-1
ii  gir1.2-glib-2.0      1.42.0-2.2
ii  init-system-helpers  1.22
ii  iptables             1.4.21-2+b1
ii  policykit-1          0.105-8
ii  python               2.7.8-3
ii  python-dbus          1.2.0-2+b3
ii  python-gi            3.14.0-1
ii  python-slip-dbus     0.6.0-2

Versions of packages firewalld recommends:
ii  ebtables  2.0.10.4-3

firewalld suggests no packages.

-- no debconf information

diff --git a/debian/changelog b/debian/changelog
index 5406a42..758e0ab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+firewalld (0.3.12-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Allow start-up options to firewalld for Debian-based systems.
+
+ -- Carlos Maddela <madd...@labyrinth.net.au>  Thu, 19 Feb 2015 06:34:46 +1100
+
 firewalld (0.3.12-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/debian/clean b/debian/clean
new file mode 100644
index 0000000..70fc751
--- /dev/null
+++ b/debian/clean
@@ -0,0 +1 @@
+debian/firewalld.default
diff --git a/debian/firewalld.init b/debian/firewalld.init
index a8b4083..a9ee93a 100755
--- a/debian/firewalld.init
+++ b/debian/firewalld.init
@@ -30,6 +30,9 @@ SCRIPTNAME=/etc/init.d/$NAME
 # Exit if the package is not installed
 [ -x "$DAEMON" ] || exit 0
 
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
 # Define LSB log_* functions.
 . /lib/lsb/init-functions
 
@@ -39,7 +42,7 @@ do_start()
 	#   0 if daemon has been started
 	#   1 if daemon was already running
 	#   other if daemon could not be started or a failure occured
-	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $FIREWALLD_ARGS
 }
 
 do_stop()
diff --git a/debian/patches/01-no-sysconfig.patch b/debian/patches/01-no-sysconfig.patch
index ff03fbe..2875456 100644
--- a/debian/patches/01-no-sysconfig.patch
+++ b/debian/patches/01-no-sysconfig.patch
@@ -1,14 +1,28 @@
-Index: firewalld/config/firewalld.service.in
-===================================================================
---- firewalld.orig/config/firewalld.service.in	2013-03-28 22:22:08.995826857 +0100
-+++ firewalld/config/firewalld.service.in	2013-03-28 22:22:22.056028858 +0100
-@@ -6,8 +6,7 @@
+From: Utopia Maintenance Team <pkg-utopia-maintain...@lists.alioth.debian.org>
+Date: Thu, 19 Feb 2015 04:59:57 +1100
+Subject: Allow start-up options to firewalld for Debian-based systems
+
+Description: Allow start-up options to firewalld for Debian-based systems
+Author: Carlos Maddela <madd...@labyrinth.net.au>
+Origin: vendor
+Forwarded: not-needed
+Last-Update: 2015-02-19
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+---
+ config/firewalld.service.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/firewalld.service.in b/config/firewalld.service.in
+index c08cb36..c8e6b55 100644
+--- a/config/firewalld.service.in
++++ b/config/firewalld.service.in
+@@ -6,7 +6,7 @@ Before=NetworkManager.service
  Conflicts=iptables.service ip6tables.service ebtables.service
  
  [Service]
 -EnvironmentFile=-/etc/sysconfig/firewalld
--ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS
-+ExecStart=@sbindir@/firewalld --nofork --nopid
++EnvironmentFile=-/etc/default/firewalld
+ ExecStart=@sbindir@/firewalld --nofork --nopid $FIREWALLD_ARGS
  ExecReload=/bin/kill -HUP $MAINPID
  # supress to log debug and error output also to /var/log/messages
- StandardOutput=null
diff --git a/debian/rules b/debian/rules
index 6218485..d3df16d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -8,4 +8,5 @@ override_dh_auto_configure:
 		--with-systemd-unitdir=/lib/systemd/system
 
 override_dh_install:
+	cp -f config/firewalld.sysconfig debian/firewalld.default
 	dh_install --list-missing

--- End Message ---

--- Begin Message ---

On Mon, 23 Feb 2015 13:13:03 +1100 Carlos Maddela
<madd...@labyrinth.net.au> wrote:
> 
> 
> On 23/02/15 11:43, Michael Biebl wrote:
> > Am 23.02.2015 um 01:07 schrieb Carlos Maddela:
> >> At the time I was trying to debug some rules I had written in
> >> /etc/firewalld/direct.xml, so I wanted more verbose logs.  I found that
> >> there was no way of specifying the --debug command line option without
> >> directly changing the sysv init script or the systemd unit, which should
> >> not be the case.
> >
> > If you want to debug something, I'd just run firewalld in your terminal
> > directly.
> > That aside, you can easily use a drop-in snippet to override the
> > ExecStart= command.
> > So I really don't see the need to introduce a new conffile here.
> >
> >
> Now that you've enlightened me on the finer points of systemd, I would
> have to agree with you that this extra conffile would be overkill for
> systemd, but for the benefit of Ubuntu, which uses upstart, would you
> please reconsider sourcing this conffile in the sysv init script?

Now that Ubuntu has also switched to systemd, I guess we can safely
close this bug report.

Regards,
Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

signature.asc
Description: OpenPGP digital signature

--- End Message ---