meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw/0002-add-an-option-to-specify-iptables-location.patch - openbmc/openbmc - Gitiles

 From 808577f8464f542076840d0d93fe168a5f79442c Mon Sep 17 00:00:00 2001
 From: Silcet <camorga1@gmail.com>
 Date: Tue, 27 Apr 2021 05:40:03 +0000
 Subject: [PATCH] setup: add an option to specify iptables location

 When cross-compiling it isn't certain that the location of iptables on the
 target will be the same as on the host.  It also doesn't make sense the
 test the version of the host during setup.  We provide an option to
 specify an alternate iptables directory.  This is assumed to be a
 cross-compile environment and therefore no attempt is made to verify the
 version of iptables to be used.

 Upstream-Status: Pending

 Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>

 The patch was imported from the OpenEmbedded git server
 (git://git.openembedded.org/openembedded) as of commit id
 2cc1bd9dd060f5002c2fde7aacba86fe230c12af.

 Signed-off-by: Silcet <camorga1@gmail.com>
 ---
  setup.py | 65 ++++++++++++++++++++++++++++++++------------------------
  1 file changed, 37 insertions(+), 28 deletions(-)

 --- a/setup.py
 +++ b/setup.py
 @@ -245,45 +245,50 @@ shutil.copytree('src', 'staging')
  os.unlink(os.path.join('staging', 'ufw-init'))
  os.unlink(os.path.join('staging', 'ufw-init-functions'))

 +iptables_set = 0
  iptables_exe = ''
  iptables_dir = ''

 -for e in ['iptables']:
 -    # Historically iptables was in /sbin, then later also symlinked from
 -    # /usr/sbin/iptables to /sbin/iptables. Debian bullseye moves iptables
 -    # to /usr/sbin with no symlink in /sbin except on upgrades. To accomodate
 -    # buildds that may still have the old iptables, search /usr/sbin first
 -    for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
 -                '/usr/local/bin']:
 -        if e == "iptables":
 -            if os.path.exists(os.path.join(dir, e)):
 -                iptables_dir = dir
 -                iptables_exe = os.path.join(iptables_dir, "iptables")
 -                print("Found '%s'" % iptables_exe)
 -            else:
 -                continue
 -
 -        if iptables_exe != "":
 -            break
 -
 -
 -if iptables_exe == '':
 -    print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
 -    sys.exit(1)
 -
 -for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
 -    if not os.path.exists(os.path.join(iptables_dir, e)):
 -        print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
 +if "--iptables-dir" in sys.argv:
 +    iptables_dir = sys.argv[sys.argv.index("--iptables-dir") + 1]
 +    iptables_exe = os.path.join(iptables_dir, "iptables")
 +    iptables_set = 1
 +    print("INFO: iptables manually set: '%s'" % (iptables_exe))
 +    sys.argv.remove(iptables_dir)
 +    sys.argv.remove("--iptables-dir")
 +
 +if not iptables_set:
 +    for e in ['iptables']:
 +        for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
 +                    '/usr/local/bin']:
 +            if e == "iptables":
 +                if os.path.exists(os.path.join(dir, e)):
 +                    iptables_dir = dir
 +                    iptables_exe = os.path.join(iptables_dir, "iptables")
 +                    print("Found '%s'" % iptables_exe)
 +                else:
 +                    continue
 +
 +            if iptables_exe != "":
 +                break
 +
 +    if iptables_exe == '':
 +        print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
          sys.exit(1)

 -(rc, out) = cmd([iptables_exe, '-V'])
 -if rc != 0:
 -    raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
 -                  (iptables_exe))
 -version = re.sub('^v', '', re.split('\s', str(out))[1])
 -print("Found '%s' version '%s'" % (iptables_exe, version))
 -if version < "1.4":
 -    print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)
 +    for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
 +        if not os.path.exists(os.path.join(iptables_dir, e)):
 +            print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
 +            sys.exit(1)
 +
 +    (rc, out) = cmd([iptables_exe, '-V'])
 +    if rc != 0:
 +        raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
 +                      (iptables_exe))
 +    version = re.sub('^v', '', re.split('\s', str(out))[1])
 +    print("Found '%s' version '%s'" % (iptables_exe, version))
 +    if version < "1.4":
 +        print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)

  setup (name='ufw',
        version=ufw_version,
	From 808577f8464f542076840d0d93fe168a5f79442c Mon Sep 17 00:00:00 2001
	From: Silcet <camorga1@gmail.com>
	Date: Tue, 27 Apr 2021 05:40:03 +0000
	Subject: [PATCH] setup: add an option to specify iptables location

	When cross-compiling it isn't certain that the location of iptables on the
	target will be the same as on the host. It also doesn't make sense the
	test the version of the host during setup. We provide an option to
	specify an alternate iptables directory. This is assumed to be a
	cross-compile environment and therefore no attempt is made to verify the
	version of iptables to be used.

	Upstream-Status: Pending

	Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>

	The patch was imported from the OpenEmbedded git server
	(git://git.openembedded.org/openembedded) as of commit id
	2cc1bd9dd060f5002c2fde7aacba86fe230c12af.

	Signed-off-by: Silcet <camorga1@gmail.com>
	---
	setup.py \| 65 ++++++++++++++++++++++++++++++++------------------------
	1 file changed, 37 insertions(+), 28 deletions(-)

	--- a/setup.py
	+++ b/setup.py
	@@ -245,45 +245,50 @@ shutil.copytree('src', 'staging')
	os.unlink(os.path.join('staging', 'ufw-init'))
	os.unlink(os.path.join('staging', 'ufw-init-functions'))

	+iptables_set = 0
	iptables_exe = ''
	iptables_dir = ''

	-for e in ['iptables']:
	- # Historically iptables was in /sbin, then later also symlinked from
	- # /usr/sbin/iptables to /sbin/iptables. Debian bullseye moves iptables
	- # to /usr/sbin with no symlink in /sbin except on upgrades. To accomodate
	- # buildds that may still have the old iptables, search /usr/sbin first
	- for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
	- '/usr/local/bin']:
	- if e == "iptables":
	- if os.path.exists(os.path.join(dir, e)):
	- iptables_dir = dir
	- iptables_exe = os.path.join(iptables_dir, "iptables")
	- print("Found '%s'" % iptables_exe)
	- else:
	- continue
	-
	- if iptables_exe != "":
	- break
	-
	-
	-if iptables_exe == '':
	- print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
	- sys.exit(1)
	-
	-for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
	- if not os.path.exists(os.path.join(iptables_dir, e)):
	- print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
	+if "--iptables-dir" in sys.argv:
	+ iptables_dir = sys.argv[sys.argv.index("--iptables-dir") + 1]
	+ iptables_exe = os.path.join(iptables_dir, "iptables")
	+ iptables_set = 1
	+ print("INFO: iptables manually set: '%s'" % (iptables_exe))
	+ sys.argv.remove(iptables_dir)
	+ sys.argv.remove("--iptables-dir")
	+
	+if not iptables_set:
	+ for e in ['iptables']:
	+ for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
	+ '/usr/local/bin']:
	+ if e == "iptables":
	+ if os.path.exists(os.path.join(dir, e)):
	+ iptables_dir = dir
	+ iptables_exe = os.path.join(iptables_dir, "iptables")
	+ print("Found '%s'" % iptables_exe)
	+ else:
	+ continue
	+
	+ if iptables_exe != "":
	+ break
	+
	+ if iptables_exe == '':
	+ print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
	sys.exit(1)

	-(rc, out) = cmd([iptables_exe, '-V'])
	-if rc != 0:
	- raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
	- (iptables_exe))
	-version = re.sub('^v', '', re.split('\s', str(out))[1])
	-print("Found '%s' version '%s'" % (iptables_exe, version))
	-if version < "1.4":
	- print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)
	+ for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
	+ if not os.path.exists(os.path.join(iptables_dir, e)):
	+ print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
	+ sys.exit(1)
	+
	+ (rc, out) = cmd([iptables_exe, '-V'])
	+ if rc != 0:
	+ raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
	+ (iptables_exe))
	+ version = re.sub('^v', '', re.split('\s', str(out))[1])
	+ print("Found '%s' version '%s'" % (iptables_exe, version))
	+ if version < "1.4":
	+ print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)

	setup (name='ufw',
	version=ufw_version,