On 02/11/2013 05:52 AM, Tom Eastep wrote: > On 02/10/2013 08:50 PM, Mr Dash Four wrote: >> >>>> The answer is on your computer, not mine. >>> >>> But if you send me a tarball, then maybe the answer will be on my >>> computer. >> I am sorry, but I don't play hide-and-seek - if you know what else >> could have caused this, I am a willing participant. If you don't know >> (or won't tell), then I don't have time to waste. I was willing to >> help you out, but if you can't be arsed, then so be it. > > Well, the most obvious answer is that there is no params file in the > directory that you are trying to compile. > > /sbin/shorewall reads shorewall.conf prior to launching the compiler. > Given that shorewall.conf can use variables from params, the params file > is read first. Because shorewall.conf has not be read yet, its > CONFIG_PATH setting is not yet available. > > The CONFIG_PATH used is formed by prepending the directory named in the > compile or check command, to the default CONFIG_PATH. > > So, at a minimum, the directory named in a 'compile' > or 'check' command must contain a params file and shorewall.conf. >
I plan to leave this as it is for 4.5.13. In 4.5.14, though, I could
change the code so that:
a) If the user is root, the behavior remains the same.
b) If the user is not root, /sbin/shorewall (actulally lib.cli-std)
would only look for the params file in the directory specified on
the command line.
I prefer the current behavior for root, because it allows for creation
of a temporary test directory containing only those configuration files
that are being changed. It is not necessary that the directory contain
params and shorewall.conf.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
