From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Adam Duskett <aduskett@gmail.com>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH v2 1/1] package/firewalld: new package
Date: Sun, 13 Aug 2023 23:59:10 +0200 [thread overview]
Message-ID: <20230813235910.3b1e4be8@windsurf> (raw)
In-Reply-To: <20230604025204.324443-1-aduskett@gmail.com>
Hello Adam,
On Sat, 3 Jun 2023 19:52:04 -0700
Adam Duskett <aduskett@gmail.com> wrote:
> Firewalld provides a dynamically managed firewall with
> support for network or firewall zones to define the trust level of network
> connections or interfaces.
Thanks for the patch, which I have applied to our next branch, with a
few small changes. See below.
> package/Config.in | 1 +
> package/firewalld/Config.in | 43 ++++++
> package/firewalld/S46firewalld | 66 ++++++++
> package/firewalld/firewalld.hash | 3 +
> package/firewalld/firewalld.mk | 257 +++++++++++++++++++++++++++++++
> 5 files changed, 370 insertions(+)
An entry in the DEVELOPERS file was missing, so I've added that.
> diff --git a/package/firewalld/Config.in b/package/firewalld/Config.in
> new file mode 100644
> index 0000000000..4f58a3ea05
> --- /dev/null
> +++ b/package/firewalld/Config.in
> @@ -0,0 +1,43 @@
> +config BR2_PACKAGE_FIREWALLD
> + bool "firewalld"
> + depends on BR2_USE_MMU # gobject-introspection, python-gobject
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
> + depends on BR2_USE_WCHAR # glib2, dbus-python, nftables
> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # gobject-introspection
> + depends on BR2_TOOLCHAIN_HAS_THREADS # dbus-python
> + depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> + depends on BR2_TOOLCHAIN_USES_GLIBC # gobject-introspection
> + depends on BR2_HOST_GCC_AT_LEAST_8 # gobject-introspection -> host-qemu
> + depends on BR2_PACKAGE_PYTHON3 # dbus-python, gobject-introspection
I think for a package like this a "select BR2_PACKAGE_PYTHON3" made
more sense than "depends on BR2_PACKAGE_PYTHON3", so I've changed that
and of course propagated the reverse dependencies as needed.
> + select BR2_PACKAGE_DBUS # dbus-python
> + select BR2_PACKAGE_DBUS_PYTHON
> + select BR2_PACKAGE_GOBJECT_INTROSPECTION
> + select BR2_PACKAGE_JANSSON # Uses the nftables json interface
> + select BR2_PACKAGE_NFTABLES
> + select BR2_PACKAGE_PYTHON_GOBJECT
> + help
> + Firewalld provides a dynamically managed firewall with
> + support for network or firewall zones to define the trust
> + level of network connections or interfaces. It has support
> + for IPv4, IPv6 firewall settings and for ethernet bridges and
> + a separation of runtime and permanent configuration options.
> + It also provides an interface for services or applications to
> + add ip*tables and ebtables rules directly.
> +
> + Note: Firewalld uses nftables as the backend and requires
> + kernel version >= 5.3.
> +
> + https://github.com/firewalld/firewalld
> +
> +comment "firewalld needs python3"
> + depends on !BR2_PACKAGE_PYTHON3
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
So I dropped this comment.
> +
> +comment "firewalld needs a glibc toolchain w/ wchar, dynamic library, headers >= 3.12, gcc >= 4.9, host gcc >= 8"
Interestingly, you mentioned "dynamic library" here, but there was
nothing related to BR2_STATIC_LIBS. Turned out that with Python3 being
selected, in fact !BR2_STATIC_LIBS has been added in the dependencies,
and therefore "needs [...] dynamic library" is indeed correct.
> + depends on BR2_USE_MMU
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
> + depends on !BR2_TOOLCHAIN_USES_GLIBC || \
> + !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12 || \
> + !BR2_USE_WCHAR || BR2_STATIC_LIBS || \
> + !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 || \
> + !BR2_HOST_GCC_AT_LEAST_8
> +ifeq ($(BR2_SYSTEM_ENABLE_NLS),y)
> +FIREWALLD_CONF_OPTS += --enable-nls
> +endif
This NLS option is already handled in a generic way by the
autotools-package infrastructure, so it is not necessary to do it here.
I did a build, which went well, so I've pushed your patch with the
above changes.
Thanks for this contribution!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2023-08-13 21:59 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-04 2:52 [Buildroot] [PATCH v2 1/1] package/firewalld: new package Adam Duskett
2023-08-13 21:59 ` Thomas Petazzoni via buildroot [this message]
2023-08-13 22:00 ` Thomas Petazzoni via buildroot
2023-08-15 15:00 ` Julien Olivain
2023-08-15 16:30 ` Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230813235910.3b1e4be8@windsurf \
--to=buildroot@buildroot.org \
--cc=aduskett@gmail.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.