Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 1 | SUMMARY = "Dynamic firewall daemon with a D-Bus interface" |
| 2 | HOMEPAGE = "https://firewalld.org/" |
| 3 | BUGTRACKER = "https://github.com/firewalld/firewalld/issues" |
Brad Bishop | 779d0ac | 2019-09-27 08:23:48 -0400 | [diff] [blame] | 4 | UPSTREAM_CHECK_URI = "https://github.com/firewalld/firewalld/releases" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 5 | LICENSE = "GPLv2+" |
| 6 | LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" |
| 7 | |
Brad Bishop | 26bdd44 | 2019-08-16 17:08:17 -0400 | [diff] [blame] | 8 | SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \ |
Brad Bishop | 26bdd44 | 2019-08-16 17:08:17 -0400 | [diff] [blame] | 9 | file://firewalld.init \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 10 | " |
Brad Bishop | 00ab237 | 2019-10-14 11:06:18 -0400 | [diff] [blame] | 11 | SRC_URI[md5sum] = "2549c2006def07a19b4c77ec960e5aab" |
| 12 | SRC_URI[sha256sum] = "fbd1b72b3c4b4d0c20659f664b2ba36175364ffbb9cebf3bdfaf9b5e6983be77" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 13 | |
| 14 | # glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4 |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 15 | DEPENDS = "intltool-native glib-2.0-native libxslt-native docbook-xsl-stylesheets-native" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 16 | |
| 17 | inherit gettext autotools bash-completion python3native gsettings systemd update-rc.d |
| 18 | |
| 19 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 20 | PACKAGECONFIG[systemd] = "--with-systemd-unitdir=${systemd_system_unitdir},--disable-systemd" |
| 21 | |
| 22 | PACKAGES += "${PN}-zsh-completion" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 23 | |
| 24 | # iptables, ip6tables, ebtables, and ipset *should* be unnecessary |
| 25 | # when the nftables backend is available, because nftables supersedes all of them. |
| 26 | # However we still need iptables and ip6tables to be available otherwise any |
| 27 | # application relying on "direct passthrough" rules (such as docker) will break. |
| 28 | # /etc/sysconfig/firewalld is a Red Hat-ism, only referenced by |
| 29 | # the Red Hat-specific init script which we aren't using, so we disable that. |
| 30 | EXTRA_OECONF = "\ |
| 31 | --with-nft=${sbindir}/nft \ |
| 32 | --without-ipset \ |
| 33 | --with-iptables=${sbindir}/iptables \ |
| 34 | --with-iptables-restore=${sbindir}/iptables-restore \ |
| 35 | --with-ip6tables=${sbindir}/ip6tables \ |
| 36 | --with-ip6tables-restore=${sbindir}/ip6tables-restore \ |
| 37 | --without-ebtables \ |
| 38 | --without-ebtables-restore \ |
| 39 | --disable-sysconfig \ |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 40 | --with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 41 | " |
| 42 | |
| 43 | INITSCRIPT_NAME = "firewalld" |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 44 | SYSTEMD_SERVICE_${PN} = "firewalld.service" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 45 | |
| 46 | do_install_append() { |
| 47 | if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then |
| 48 | : |
| 49 | else |
| 50 | # firewalld ships an init script but it contains Red Hat-isms, replace it with our own |
| 51 | rm -rf ${D}${sysconfdir}/rc.d/ |
| 52 | install -d ${D}${sysconfdir}/init.d |
| 53 | install -m0755 ${WORKDIR}/firewalld.init ${D}${sysconfdir}/init.d/firewalld |
| 54 | fi |
| 55 | |
| 56 | # We ran ./configure with PYTHON pointed at the binary inside $STAGING_BINDIR_NATIVE |
| 57 | # so now we need to fix up any references to point at the proper path in the image. |
| 58 | # This hack is also in distutils.bbclass, but firewalld doesn't use distutils/setuptools. |
| 59 | if [ ${PN} != "${BPN}-native" ]; then |
| 60 | sed -i -e s:${STAGING_BINDIR_NATIVE}/python3-native/python3:${bindir}/python3:g \ |
| 61 | ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml |
| 62 | fi |
| 63 | sed -i -e s:${STAGING_BINDIR_NATIVE}:${bindir}:g \ |
| 64 | ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml |
| 65 | } |
| 66 | |
| 67 | FILES_${PN} += "\ |
| 68 | ${PYTHON_SITEPACKAGES_DIR}/firewall \ |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 69 | ${datadir}/dbus-1 \ |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 70 | ${datadir}/polkit-1 \ |
| 71 | ${datadir}/metainfo \ |
| 72 | " |
Brad Bishop | 4fe7a13 | 2019-10-07 09:34:48 -0400 | [diff] [blame] | 73 | FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" |
Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 74 | |
| 75 | RDEPENDS_${PN} = "\ |
| 76 | nftables \ |
| 77 | iptables \ |
| 78 | python3-core \ |
| 79 | python3-io \ |
| 80 | python3-fcntl \ |
| 81 | python3-shell \ |
| 82 | python3-syslog \ |
| 83 | python3-xml \ |
| 84 | python3-dbus \ |
| 85 | python3-slip-dbus \ |
| 86 | python3-decorator \ |
| 87 | python3-pygobject \ |
| 88 | " |