> 3) Previously, the install scripts included in the Shorewall packages
> were very restrictive. They could either be run to install directly
> onto the system in a distribution-dependent way, or they could
> install into a directory in a distribution-independent way. This
> limited their usefullness to packagers.
>
> Beginning with this release, the install scripts handle the install
> system and the target system independently. When running an
> installer, the following environmental variables can be set:
>
> a) INSTALLSYS - Describes the system where the installer is
> running. Accepted values are:
>
> CYGWIN - Cygwin running under a Microsoft OS
> MAC - OS X
> DEBIAN - Debian
> REDHAT - Redhat,Centos,Foobar,etc.
> FEDORA - Fedora
> SLACKWARE - Slackware
> ARCHLINUX - Arch Linux
> LINUX - Generic Linux
>
> INSTALLSYS is not set, then the installer uses its existing
> algorithm for detecting the current OS and distribution.
>
> b) TARGET - Describes the system where the installed package
> will run.
>
> - For Shorewall and Shorewall6, the possible values are
> the same as for INSTALLSYS. The values REDHAT and FEDORA are
> synonyms.
>
> - If TARGET is not set, the value of INSTALLSYS (through
> setting or detection) is used.
>
> - For Shorewall-lite and Shorewall6-lite, the possible choices
> are DEBIAN, FEDORA, REDHAT, SLACKWARE, ARCHLINUX and
> LINUX. Again, REDHAT and FEDORA are synonyms.
>
> - For Shorewall-init, the possible choices are DEBIAN, FEDORA,
> REDHAT, and SUSE.
>
Thanks for that. I just had a quick glance over the install.sh script in
the main shorewall archive (will have a more thorough look towards the
end of the week):
1. Line 128:
case "$LIBEXEC" in
/*)
;;
*)
LIBEXEC=/usr/${LIBEXEC}
#! Why?! My understanding is that the LIBEXEC is specified in full
(prefix/destdir excluding) - not just the bit after "/usr". This is also
inconsistent with the same setting in uninstall.sh. It is also
inconsistent with what you assume in line 380: "mkdir -p
${DESTDIR}${LIBEXEC}/$PRODUCT" - no "/usr" there!
#! Besides uninstall.sh has an error on line 115: "rm -rf
$PERLLIB}/Shorewall/*" should really be "rm -rf ${PERLLIB}/Shorewall/*"
or "rm -rf $PERLLIB/Shorewall/*".
#! In uninstall.sh you also use hard-coded values where shorewall was
installed (/sbin/shorewall, /usr/share/shorewall etc) - I think that's
wrong. I am also unsure how uninstall.sh is going to cope with the
arch-specific settings you use when install.sh does its job.
;;
esac
case "$PERLLIB" in
/*)
;;
*)
PERLLIB=/usr/${PERLLIB}
#! Same as above.
;;
esac
2. INSTALLSYS and TARGET names: it would be better to rename them as
"BUILD" and "HOST", makes more sense (and is also consistent with their
automake value counterparts).
3. Line 144:
if [ -z "$INSTALLSYS" ]; then
case $(uname) in
CYGWIN*)
INSTALLSYS=CYGWIN
;;
Darwin)
INSTALLSYS=MAC
;;
*)
if [ -f /etc/debian_version ]; then
INSTALLSYS=DEBIAN
elif [ -f /etc/redhat-release ]; then
if [ -d /etc/sysconfig/network-scripts/ ]; then
#! I have /etc/sysconfig/network-scripts/ present, but my system cannot
be classified as "REDHAT" - it is Fedora. Why the distinction by the
way? Do you need it because of RHEL?
INSTALLSYS=REDHAT
else
INSTALLSYS=FEDORA
fi
elif [ -f /etc/slackware-version ] ; then
INSTALLSYS=SLACKWARE
elif [ -f /etc/SuSE-release ]; then
INSTALLSYS=SUSE
elif [ -f /etc/arch-release ] ; then
INSTALLSYS=ARCHLINUX
else
INSTALLSYS=LINUX
fi
;;
esac
fi
4. Line 301:
if [ -n "$DESTDIR" ]; then
#![...]
elif [ -z "$DESTDIR" ]; then
#! if .. else - it is either one or the other, there isn't a 3rd
alternative .This is a common use you employ throughout the install.sh
script
5. Line 355:
FEDORA|REDHAT)
install_file init.fedora.sh ${DESTDIR}/etc/init.d/$PRODUCT 0544
#! This WILL fail! Either use "${DESTDIR}${DEST}/$PRODUCT" or
"${DESTDIR}/etc/rc.d/init.d/$PRODUCT"
;;
> 4) A SWITCH column has been added to /etc/shorewall/masq. This column
> allows for enabling and disabling a rule based on a setting in
> /proc/net/nf_condition. See shorewall-masq(5) for details.
>
> 5) The rules compiler now issues a warning when the 'src' ipset flag
> is used in a destination column or the 'dst' ipset flag is used in
> a source column.
> Thank you for testing,
I will check/test everything more thoroughly towards the end of the week
as I have a lot on my plate at the moment.
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
