Thanks for the suggestion, seems like a reasonable idea to add a file-based trigger for the /usr/lib/firewalld/zones/ directory.On Sun, Apr 13, 2025 at 01:15:28AM +0200, Andrea Bolognani wrote: [..snip..]> I think what might be happening is that we don't have any code in the> libvirt package that matches the following snippet from the upstream > spec file:> > %post daemon-driver-network> %if %{with_firewalld_zone} > %firewalld_reload > %endifNice find! [..snip..]> It would probably make sense to at least attempt to reload firewalld> when the network driver is installed, the way upstream and Fedora > already do. Instead of all packages shipping zones doing this firewalld should likely better register a trigger, like e.g. glib does for new schemas: /usr/share/glib-2.0/schemas libglib2.0-0t64:amd64 in /var/lib/dpkg/triggers/File so probably best to move the issue there?
I need to check if we should include /usr/lib/firewalld/services/ as well or if firewalld picks those up automatically.
Regards Michael
OpenPGP_signature.asc
Description: OpenPGP digital signature
