On 03/26/2012 02:47 PM, Mr Dash Four wrote: > > >>> Would that always be the case (getting ipset warnings, that is)? >>> >> >> Yes. >> > So the choice is either fill in my syslog with meaningless warnings or > not have warnings at all (provided there is an option to shut it up)?
This is AFTER init has been processed; why would your log fill up with meaningless warnings? > >> I'm not finding TMPDIR in the Shorewall source tree. >> > There isn't any and that is the problem. (b)ash assumes it is /tmp and > then looks in /var/tmp. If both are read-only it bails out. If TMPDIR is > set (as environment variable) and provided this directory is read-write > (b)ash is quite happy to continue and execute the firewall script. That > is why I am currently patching the resultant "firewall" file to include > "export TMPDIR=<whatever>" > >>> I think you should not assume any pre-defined directory in advance at >>> all. What I think you should do (in order of preference!) is look for >>> .shorewallrc in: >>> >>> 1. Current directory >>> 2. Root home (/root) >>> 3. Root (/) >>> 4. Current user home (*if* HOME is defined) >>> 5. Environment variable called SHOREWALLRC_HOME >>> >> >> Okay. >> > You may be even more flexible and adopt a similar approach as openssh does: > > 1. Current directory > 2. $HOME (if it exist) > 3. /etc > 4. /root > 5. / > 6. Environment variable I prefer this order with $HOME before /root since it allows my user id to have a private Shorewall configuration unrelated to root's. I have, in fact, already implemented that order :-) > >>> is going to be used when I >>> want to uninstall shorewall, is that right? It would be a complete waste >>> otherwise. >>> >> >> Yes >> > Than I presume uninstall.sh was adapted accordingly to take full > advantage of this, right? It has been. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
