> THEY ARE NOT HARD-CODED -- They come from the first 'shorewallrc' file
> encountered on your CONFIG_PATH at the time of compilation.
Ah, right, which is also wrong as they should come from the remote copy of
shorewallrc. I presume that is fixed in your (CONF.patch?) patch, right?
I also forgot to mention the different meaning of VARDIR in shorewall and
shorewall-lite. In the former, this is assumed to be /var/lib, in the latter it
is /var/lib/shorewall-lite, but I suspect you already know that.
>> lib.cli:3106:
>> PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
>>
>
> That's the default if PATH isn't set in your
> ${CONFDIR}/${g_product}.conf file. And the compiled script doesn't use
> lib.cli.
I did a little experiment when discovered this bug and explicitly wrote the
existing path just before modprobe was executed. It wasn't like what I have
specified in my .conf file at all, hence the error I was getting. I had to
alter the file in order to get it to execute my own version of modprobe with
the required modules.
>> Except that it won't. It would have executed the busybox modprobe with my
>> own (new) kernel modules directory, which would also fail. I want to execute
>> *my* modprobe with *my* kernel modules directory. WHen the PATH is
>> hard-coded it is hard to do that.
>>
>
> How have you set PATH in ${CONFDIR}/shorewall-lite/shorewall-lite.conf?
CONFIG_PATH="/opt/etc/shorewall:/opt/share/shorewall:/etc/shorewall:/usr/share/shorewall"
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
