tag 802283 + patch
thanks
Le 10/10/17 à 12:49, Laurent Bigonville a écrit :
On Sun, 18 Jun 2017 16:16:42 +0200 Michael Biebl <bi...@debian.org>
wrote:
> Hi Laurent!
>
> On Mon, 19 Oct 2015 03:24:38 +0200 Laurent Bigonville
<bi...@debian.org>
> wrote:
> > Package: firewalld
> > Version: 0.3.13-1
> > Severity: normal
> >
> > Hi,
> >
> > I think we should create an alternative for the
> > /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy
symlink.
> >
> > It can either point to org.fedoraproject.FirewallD1.server.policy
(the
> > default and the more strict policy) or to
> > org.fedoraproject.FirewallD1.desktop.policy one.
>
> Do you know how Fedora/RH handles that symlink? Do they have a config
> tool which set's that symlink?
The symlink is created at the build time (and defaults to the server
config)
Apparently in recent versions of firewalld, the build system installs:
-rw-r--r--. 1 root root 3916 jun 18 16:27
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy.choice
lrwxrwxrwx. 1 root root 49 jun 18 16:27
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy ->
org.fedoraproject.FirewallD1.server.policy.choice
-rw-r--r--. 1 root root 4024 jun 18 16:27
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice
That makes our live even easier to create the alternative
I actually already have a patch here to do that
>From 97de6680c623bedcf75c8d7a13dd7a0693d210c2 Mon Sep 17 00:00:00 2001
From: Laurent Bigonville <bi...@debian.org>
Date: Tue, 14 Feb 2017 15:36:26 +0100
Subject: [PATCH] Handle
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy symlink using
alternatives
Closes: #802283
---
debian/firewalld.postinst | 6 ++++++
debian/firewalld.prerm | 25 +++++++++++++++++++++++++
debian/rules | 2 ++
3 files changed, 33 insertions(+)
create mode 100644 debian/firewalld.prerm
diff --git a/debian/firewalld.postinst b/debian/firewalld.postinst
index cc7b96d..68ee272 100644
--- a/debian/firewalld.postinst
+++ b/debian/firewalld.postinst
@@ -12,6 +12,12 @@ case "$1" in
chmod 0750 /etc/firewalld
fi
fi
+ update-alternatives --install /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy \
+ org.fedoraproject.FirewallD1.policy \
+ /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice 20
+ update-alternatives --install /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy \
+ org.fedoraproject.FirewallD1.policy \
+ /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy.choice 10
;;
abort-upgrade|abort-remove|abort-deconfigure)
diff --git a/debian/firewalld.prerm b/debian/firewalld.prerm
new file mode 100644
index 0000000..d0e3239
--- /dev/null
+++ b/debian/firewalld.prerm
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+
+
+case "$1" in
+ # only remove in remove/deconfigure so we don't disrupt users' preferences
+ remove|deconfigure)
+ update-alternatives --remove org.fedoraproject.FirewallD1.policy \
+ /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice
+ update-alternatives --remove org.fedoraproject.FirewallD1.policy \
+ /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy.choice
+ ;;
+
+ upgrade|failed-upgrade)
+ ;;
+
+ *)
+ echo "prerm called with unknown argument \`$1'" >&2
+ exit 0
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/rules b/debian/rules
index a826853..101276e 100755
--- a/debian/rules
+++ b/debian/rules
@@ -25,6 +25,8 @@ override_dh_auto_configure:
--with-ipset=/sbin/ipset
override_dh_install:
+ # Delete the symlink and let update-alternatives handle it
+ rm -f debian/tmp/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy
dh_install --list-missing
override_dh_fixperms:
--
2.15.0.rc0
