PGNd
2014-Oct-03 13:35 UTC
tarball's ./install.sh installs bins with incorrect paths, ignores shorewallrc's DESTDIR=
starting from an extracted tarball build's dir
cd shorewall-lite-4.6.4-Beta2-19-g205dd6e/
with
cat shorewall-core-4.6.4-Beta2-19-g205dd6e/shorewallrc.suse
HOST=suse
PREFIX=/usr
SHAREDIR=${PREFIX}/share
LIBEXECDIR=${PREFIX}/lib
PERLLIBDIR=${PREFIX}/lib/perl5
CONFDIR=/etc
SBINDIR=/usr/sbin
MANDIR=${PREFIX}/man/
INITDIR=/etc/init.d
INITSOURCE=init.suse.sh
INITFILE=${PRODUCT}
AUXINITSOURCE AUXINITFILE SYSTEMD=/etc/systemd
SERVICEFILE=${PRODUCT}.service
SYSCONFFILE=sysconfig
SYSCONFDIR=/etc/sysconfig
SPARSE ANNOTATED VARLIB=/var/lib
VARDIR=${VARLIB}/${PRODUCT}
DESTDIR=/usr/local/shorewall-custom
cleaning
rm -rf /usr/local/shorewall-custom
installing with specific rc target
./install.sh shorewallrc.suse
populates correctly
tree -dxC /usr/local/shorewall-custom
/usr/local/shorewall-custom
├── etc
│ ├── init.d
│ ├── logrotate.d
│ ├── shorewall
│ ├── shorewall6
│ ├── shorewall6-lite
│ ├── shorewall-lite
│ ├── sysconfig
│ │ └── network
│ │ ├── if-down.d
│ │ └── if-up.d
│ └── systemd
├── usr
│ ├── lib
│ │ ├── perl5
│ │ │ └── Shorewall
│ │ ├── shorewall
│ │ ├── shorewall6
│ │ ├── shorewall6-lite
│ │ ├── shorewall-init
│ │ └── shorewall-lite
│ ├── man
│ │ ├── man5
│ │ └── man8
│ ├── sbin
│ └── share
│ ├── man
│ │ ├── man5
│ │ └── man8
│ ├── shorewall
│ │ ├── configfiles
│ │ └── Shorewall
│ ├── shorewall6
│ │ └── configfiles
│ ├── shorewall6-lite
│ ├── shorewall-init
│ └── shorewall-lite
└── var
└── lib
├── shorewall
├── shorewall6
├── shorewall6-lite
└── shorewall-lite
bin exists
ls -al /usr/local/shorewall-custom/usr/sbin/shorewall-lite
-r-xr--r-- 1 root root 1.5K Oct 3 06:05
/usr/local/shorewall-custom/usr/sbin/shorewall-lite*
checking
/usr/local/shorewall-custom/usr/sbin/shorewall-lite version
4.6.3.4
reports INCORRECT version. That's the *system*-installed version, not THIS
just-installed version
checking
cat /usr/local/shorewall-custom/usr/sbin/shorewall-lite
...
PRODUCT=shorewall-lite
#
# This is modified by the installer when ${SHAREDIR} != /usr/share
#
. /usr/share/shorewall/shorewallrc
g_program=$PRODUCT
g_sharedir="$SHAREDIR"/shorewall-lite
g_confdir="$CONFDIR"/shorewall-lite
g_readrc=1
. ${SHAREDIR}/shorewall/lib.cli
shorewall_cli $@
paths should be (?) relative to the executable, as specified in the correct
shorewallrc with DESTDIR= set
e.g.,
vi /usr/local/shorewall-custom/usr/sbin/shorewall-lite
...
PRODUCT=shorewall-lite
#
# This is modified by the installer when ${SHAREDIR} != /usr/share
#
- . /usr/share/shorewall/shorewallrc
+ . ./usr/share/shorewall/shorewallrc
g_program=$PRODUCT
- g_sharedir="$SHAREDIR"/shorewall-lite
- g_confdir="$CONFDIR"/shorewall-lite
+ g_sharedir="${DESTDIR}/$SHAREDIR"/shorewall-lite
+ g_confdir="${DESTDIR}/$CONFDIR"/shorewall-lite
g_readrc=1
- . ${SHAREDIR}/shorewall/lib.cli
+ . ${DESTDIR}/${SHAREDIR}/shorewall/lib.cli
shorewall_cli $@
now, correctly
/usr/local/shorewall-custom/usr/sbin/shorewall-lite version
4.6.4-Beta2-19-g205dd6e
true for, at least, all installed
/usr/local/shorewall-custom/usr/sbin/shorewall-*
only currently an issue if DESTDIR=, the 'preferred' method of
location-targeted install, is used
not a problem if, instead, ${PREFIX} etc in build-time shorewallrc* is
hard-coded, per prior discussion
also,
g_confdir="${DESTDIR}/$CONFDIR"/shorewall-lite
may NOT be (?) correct/sufficient -- as the used config file/dir needs to be
override-able from shell cmd line, within systemd service file, etc.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users