* Wed Jun 17 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14.2-1

- reunification of the firewalld spec files for all Fedora releases - fix dependencies for -applet and -config: use_python3 is the proper switch not with_python3 (RHBZ#1232493) - firewalld.spec: - fixed requirements for -applet and -config - man pages: - adapted firewall-applet man page to new version - firewall-applet: - Only honour active connections for zone changes - Change QSettings path and file names - firewall-config: - Only honour active connections for zone changes in the “Change Zones of Connections” menu - Translations: - updated translations - marked translations for “Connections” for review * Tue Jun 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.14.1-2 - Fix issue with missing polkit policy when installing firewalld on Cloud Edition. * Fri Jun 12 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14.1-1 - firewall-applet - do not use isSystemTrayAvailable check to fix KDE5 startup - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml * Fri Jun 12 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14-1 - renamed python2-firewall to python-firewall - fixed requirements for GUI parts with Python3 - dropped upstream merged python3 patch - firewalld: - print real zone names in error messages - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now - rate limit fix for rich rules - fix readdition of removed permanent direct settings - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO - fixed two minor Python3 issues in firewall.core.io.direct - fixed use of fallback configuration values - fixed use without firewalld.conf - firewalld main restructureization - IPv6_rpfilter now also available as a property on D-Bus in the config interface - fixed wait option use for ipXtables - added --concurrent support for ebtables - richLanguage: allow masquerading with destination - richLanguage: limit masquerading forward rule to new connections - ipXtables: No dns lookups in available_tables and _detect_wait_option - full ebtables support: start, stop, reload, panic mode, direct chains and rules - fix for reload with direct rules - fix or flaws found by landscape.io - pid file handling fixes in case of pid file removal - fix for client issue in case of a dbus NoReply error - configuration - new services: dropbox-lansync, ptp - new icmptypes: timestamp-request, timestamp-reply - man pages: - firewalld.zones(5): fixed typos - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page - firewall-applet: - new version using Qt4 fixing several issues with the Gtk version - spec file: - enabled Python3 support: new backends python-firewall and python3-firewall - some cleanup - git: - migrated to github - translations: - migrated to zanata - build environment: - no need for autoconf-2.69, 2.68 is sufficient * Thu May 07 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-7 - Use VARIANT_ID instead of VARIANT for making decisions * Thu Apr 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-6 - Switch to using $VARIANT directly from /etc/os-release * Fri Mar 13 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-5 - Fix bugs with posttrans - Remove nonexistent fedora-cloud.conf symlink * Fri Mar 13 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-4 - Remove per-edition config files - Decide on default configuration based on /etc/os-release
2015-06-17 13:58:36 +02:00 · 2015-06-17 13:58:36 +02:00 · 2c29709081
commit 2c29709081
parent 9ca578f732
2 changed files with 166 additions and 19 deletions
--- a/firewalld.spec
+++ b/firewalld.spec
@ -1,14 +1,14 @@
 %if (0%{?fedora} >= 13 || 0%{?rhel} >= 7)
-%define with_python3 1
-%if (0%{?fedora} >= 22 || 0%{?rhel} >= 8)
-%define use_python3 1
+%global with_python3 1
+%if (0%{?fedora} >= 23 || 0%{?rhel} >= 8)
+%global use_python3 1
 %endif
 %endif

 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
 Name: firewalld
-Version: 0.3.13
-Release: 2%{?dist}
+Version: 0.3.14.2
+Release: 1%{?dist}
 URL:     http://www.firewalld.org
 License: GPLv2+
 Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2
@ -19,7 +19,6 @@ Source2: FedoraWorkstation.xml
 %if 0%{?fedora}
 Patch0: firewalld-0.2.6-MDNS-default.patch
 %endif
-Patch1: firewalld-0.3.13-python3.patch
 BuildArch: noarch
 BuildRequires: desktop-file-utils
 BuildRequires: gettext
@ -40,24 +39,37 @@ Requires: firewalld-filesystem = %{version}-%{release}
 %if 0%{?use_python3}
 Requires: python3-firewall  = %{version}-%{release}
 %else #0%{?use_python3}
-Requires: python2-firewall  = %{version}-%{release}
+Requires: python-firewall  = %{version}-%{release}
 %endif #0%{?use_python3}
-%if 0%{?fedora} > 20
+%if 0%{?fedora} == 21
 Requires: firewalld-config
 %endif

+%if 0%{?fedora} > 21
+Provides: variant_config(Server)
+Provides: variant_config(Workstation)
+
+# Remove old config subpackages
+Obsoletes: firewalld-config-standard <= 0.3.13
+Obsoletes: firewalld-config-cloud <= 0.3.13
+Obsoletes: firewalld-config-server <= 0.3.13
+Obsoletes: firewalld-config-workstation <= 0.3.13
+%endif
+
 %description
 firewalld is a firewall service daemon that provides a dynamic customizable 
 firewall with a D-Bus interface.

-%package -n python2-firewall
+%package -n python-firewall
 Summary: Python2 bindings for firewalld
+Provides: python2-firewall
+Obsoletes: python2-firewall
 Requires: dbus-python
 Requires: python-slip-dbus
 Requires: python-decorator
 Requires: pygobject3-base

-%description -n python2-firewall
+%description -n python-firewall
 Python2 bindings for firewalld.

 %if 0%{?with_python3}
@ -84,8 +96,13 @@ Summary: Firewall panel applet
 Requires: %{name} = %{version}-%{release}
 Requires: firewall-config = %{version}-%{release}
 Requires: hicolor-icon-theme
-Requires: gtk3
+%if 0%{?use_python3}
+Requires: python3-PyQt4
+Requires: python3-gobject
+%else
+Requires: PyQt4
 Requires: pygobject3-base
+%endif
 Requires: libnotify
 Requires: NetworkManager-glib

@ -98,14 +115,18 @@ Summary: Firewall configuration application
 Requires: %{name} = %{version}-%{release}
 Requires: hicolor-icon-theme
 Requires: gtk3
+%if 0%{?use_python3}
+Requires: python3-gobject
+%else
 Requires: pygobject3-base
+%endif
 Requires: NetworkManager-glib

 %description -n firewall-config
 The firewall configuration application provides an configuration interface for 
 firewalld.

-%if 0%{?fedora} > 20
+%if 0%{?fedora} == 21
 %package config-standard
 Summary: Firewalld standard configuration settings
 Requires: firewalld = %{version}-%{release}
@ -146,7 +167,6 @@ Workstation product specific firewalld configuration settings.
 %if 0%{?fedora}
 %patch0 -p1
 %endif
-%patch1 -p1

 %if 0%{?with_python3}
 rm -rf %{py3dir}
@ -225,6 +245,40 @@ rm -f %{buildroot}%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.poli
 %postun
 %systemd_postun_with_restart firewalld.service 

+%if 0%{?fedora} > 21
+%posttrans
+# If we don't yet have a symlink or existing file for firewalld.conf,
+# create it. Note: this will intentionally reset the policykit policy
+# at the same time, so they are in sync.
+
+# Import /etc/os-release to get the variant definition
+. /etc/os-release || :
+
+if [ ! -e %{_sysconfdir}/firewalld/firewalld.conf ]; then
+    case "$VARIANT_ID" in
+        server)
+            ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+            ;;
+        workstation)
+            ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+            ;;
+        *)
+            ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf
+            ;;
+    esac
+fi
+
+if [ ! -e %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy ]; then
+    case "$VARIANT_ID" in
+        workstation)
+            ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+            ;;
+        *)
+            # For all other editions, we'll use the Server polkit policy
+            ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+    esac
+fi
+%endif

 %post -n firewall-applet
 /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
@ -255,7 +309,7 @@ fi
 /usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 /usr/bin/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :

-%if 0%{?fedora} > 20
+%if 0%{?fedora} == 21
 %post config-standard
 if [ $1 -eq 1 ]; then # Initial installation
    # link standard config
@ -314,13 +368,18 @@ fi
 %if 0%{?fedora} <= 20
 %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
 %endif
+%if 0%{?fedora} > 21
+%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
+%endif
 %config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
 %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes
 %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services
 %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones
 %defattr(0644,root,root)
 %config(noreplace) %{_sysconfdir}/sysconfig/firewalld
-#%attr(0755,root,root) %{_initrddir}/firewalld
 %{_unitdir}/firewalld.service
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
 %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy
@ -328,11 +387,14 @@ fi
 %if 0%{?fedora} <= 20
 %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
 %endif
+%if 0%{?fedora} > 21
+%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+%endif
 %{_mandir}/man1/firewall*cmd*.1*
 %{_mandir}/man1/firewalld*.1*
 %{_mandir}/man5/firewall*.5*

-%files -n python2-firewall
+%files -n python-firewall
 %attr(0755,root,root) %dir %{python2_sitelib}/firewall
 %attr(0755,root,root) %dir %{python2_sitelib}/firewall/config
 %attr(0755,root,root) %dir %{python2_sitelib}/firewall/core
@ -381,7 +443,6 @@ fi
 %defattr(0644,root,root)
 %{_sysconfdir}/xdg/autostart/firewall-applet.desktop
 %{_datadir}/icons/hicolor/*/apps/firewall-applet*.*
-%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallApplet.gschema.xml
 %{_mandir}/man1/firewall-applet*.1*

 %files -n firewall-config
@ -395,7 +456,7 @@ fi
 %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
 %{_mandir}/man1/firewall-config*.1*

-%if 0%{?fedora} > 20
+%if 0%{?fedora} == 21
 %files config-standard
 %config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
 %ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
@ -413,6 +474,92 @@ fi
 %endif

 %changelog
+* Wed Jun 17 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14.2-1
+- reunification of the firewalld spec files for all Fedora releases
+- fix dependencies for -applet and -config: use_python3 is the proper switch
+  not with_python3 (RHBZ#1232493)
+- firewalld.spec:
+  - fixed requirements for -applet and -config
+- man pages:
+  - adapted firewall-applet man page to new version
+- firewall-applet:
+  - Only honour active connections for zone changes
+  - Change QSettings path and file names
+- firewall-config:
+  - Only honour active connections for zone changes in the “Change Zones of Connections” menu
+- Translations:
+  - updated translations
+  - marked translations for “Connections” for review
+
+* Tue Jun 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.14.1-2
+- Fix issue with missing polkit policy when installing firewalld on
+  Cloud Edition.
+
+* Fri Jun 12 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14.1-1
+- firewall-applet
+  - do not use isSystemTrayAvailable check to fix KDE5 startup
+  - dropped gtk applet remain: org.fedoraproject.FirewallApplet.gschema.xml
+
+* Fri Jun 12 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.14-1
+- renamed python2-firewall to python-firewall
+- fixed requirements for GUI parts with Python3
+- dropped upstream merged python3 patch
+- firewalld:
+  - print real zone names in error messages
+  - iptables 1.4.21 does not accept limits of 1/day, minimum is 2/day now
+  - rate limit fix for rich rules
+  - fix readdition of removed permanent direct settings
+  - adaption of the polkit domains to use PK_ACTION_DIRECT_INFO
+  - fixed two minor Python3 issues in firewall.core.io.direct
+  - fixed use of fallback configuration values
+  - fixed use without firewalld.conf
+  - firewalld main restructureization
+  - IPv6_rpfilter now also available as a property on D-Bus in the config interface
+  - fixed wait option use for ipXtables
+  - added --concurrent support for ebtables
+  - richLanguage: allow masquerading with destination
+  - richLanguage: limit masquerading forward rule to new connections
+  - ipXtables: No dns lookups in available_tables and _detect_wait_option
+  - full ebtables support: start, stop, reload, panic mode, direct chains and rules
+  - fix for reload with direct rules
+  - fix or flaws found by landscape.io
+  - pid file handling fixes in case of pid file removal
+  - fix for client issue in case of a dbus NoReply error
+- configuration
+  - new services: dropbox-lansync, ptp
+  - new icmptypes: timestamp-request, timestamp-reply
+- man pages:
+  - firewalld.zones(5): fixed typos
+  - firewalld.conf(5): Fixed wrong reference to firewalld.lockdown-whitelist page
+- firewall-applet:
+  - new version using Qt4 fixing several issues with the Gtk version
+- spec file:
+  - enabled Python3 support: new backends python-firewall and python3-firewall
+  - some cleanup
+- git:
+  - migrated to github
+- translations:
+  - migrated to zanata
+- build environment:
+  - no need for autoconf-2.69, 2.68 is sufficient
+
+* Thu May 07 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-7
+- Use VARIANT_ID instead of VARIANT for making decisions
+
+* Thu Apr 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-6
+- Switch to using $VARIANT directly from /etc/os-release
+
+* Fri Mar 13 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-5
+- Fix bugs with posttrans
+- Remove nonexistent fedora-cloud.conf symlink
+
+* Fri Mar 13 2015 Stephen Gallagher <sgallagh@redhat.com> 0.3.13-4
+- Remove per-edition config files
+- Decide on default configuration based on /etc/os-release
+
+* Mon Feb 23 2015 Jiri Popelka <jpopelka@redhat.com> - 0.3.13-3
+- use python3 bindings on fedora >=23
+
 *  Wed Jan 28 2015 Thomas Woerner <twoerner@redhat.com> - 0.3.13-2
 - enable python2 and python3 bindings for fedora >= 20 and rhel >= 7
 - use python3 bindings on fedora >= 22 and rhel >= 8 for firewalld,
--- a/2
+++ b/2
@ -1 +1 @@
-3f292adb4599f387f1ed83ad5c13dc62  firewalld-0.3.13.tar.bz2
+5984690845a7be38dff3cedff273b73a  firewalld-0.3.14.2.tar.bz2