From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Adam Duskett <aduskett@gmail.com>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH v2 1/1] package/firewalld: new package
Date: Sun, 13 Aug 2023 23:59:10 +0200 [thread overview]
Message-ID: <20230813235910.3b1e4be8@windsurf> (raw)
In-Reply-To: <20230604025204.324443-1-aduskett@gmail.com>
Hello Adam,
On Sat, 3 Jun 2023 19:52:04 -0700
Adam Duskett <aduskett@gmail.com> wrote:
> Firewalld provides a dynamically managed firewall with
> support for network or firewall zones to define the trust level of network
> connections or interfaces.
Thanks for the patch, which I have applied to our next branch, with a
few small changes. See below.
> package/Config.in | 1 +
> package/firewalld/Config.in | 43 ++++++
> package/firewalld/S46firewalld | 66 ++++++++
> package/firewalld/firewalld.hash | 3 +
> package/firewalld/firewalld.mk | 257 +++++++++++++++++++++++++++++++
> 5 files changed, 370 insertions(+)
An entry in the DEVELOPERS file was missing, so I've added that.
> diff --git a/package/firewalld/Config.in b/package/firewalld/Config.in
> new file mode 100644
> index 0000000000..4f58a3ea05
> --- /dev/null
> +++ b/package/firewalld/Config.in
> @@ -0,0 +1,43 @@
> +config BR2_PACKAGE_FIREWALLD
> + bool "firewalld"
> + depends on BR2_USE_MMU # gobject-introspection, python-gobject
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
> + depends on BR2_USE_WCHAR # glib2, dbus-python, nftables
> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # gobject-introspection
> + depends on BR2_TOOLCHAIN_HAS_THREADS # dbus-python
> + depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> + depends on BR2_TOOLCHAIN_USES_GLIBC # gobject-introspection
> + depends on BR2_HOST_GCC_AT_LEAST_8 # gobject-introspection -> host-qemu
> + depends on BR2_PACKAGE_PYTHON3 # dbus-python, gobject-introspection
I think for a package like this a "select BR2_PACKAGE_PYTHON3" made
more sense than "depends on BR2_PACKAGE_PYTHON3", so I've changed that
and of course propagated the reverse dependencies as needed.
> + select BR2_PACKAGE_DBUS # dbus-python
> + select BR2_PACKAGE_DBUS_PYTHON
> + select BR2_PACKAGE_GOBJECT_INTROSPECTION
> + select BR2_PACKAGE_JANSSON # Uses the nftables json interface
> + select BR2_PACKAGE_NFTABLES
> + select BR2_PACKAGE_PYTHON_GOBJECT
> + help
> + Firewalld provides a dynamically managed firewall with
> + support for network or firewall zones to define the trust
> + level of network connections or interfaces. It has support
> + for IPv4, IPv6 firewall settings and for ethernet bridges and
> + a separation of runtime and permanent configuration options.
> + It also provides an interface for services or applications to
> + add ip*tables and ebtables rules directly.
> +
> + Note: Firewalld uses nftables as the backend and requires
> + kernel version >= 5.3.
> +
> + https://github.com/firewalld/firewalld
> +
> +comment "firewalld needs python3"
> + depends on !BR2_PACKAGE_PYTHON3
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
So I dropped this comment.
> +
> +comment "firewalld needs a glibc toolchain w/ wchar, dynamic library, headers >= 3.12, gcc >= 4.9, host gcc >= 8"
Interestingly, you mentioned "dynamic library" here, but there was
nothing related to BR2_STATIC_LIBS. Turned out that with Python3 being
selected, in fact !BR2_STATIC_LIBS has been added in the dependencies,
and therefore "needs [...] dynamic library" is indeed correct.
> + depends on BR2_USE_MMU
> + depends on BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS
> + depends on !BR2_TOOLCHAIN_USES_GLIBC || \
> + !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12 || \
> + !BR2_USE_WCHAR || BR2_STATIC_LIBS || \
> + !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 || \
> + !BR2_HOST_GCC_AT_LEAST_8
> +ifeq ($(BR2_SYSTEM_ENABLE_NLS),y)
> +FIREWALLD_CONF_OPTS += --enable-nls
> +endif
This NLS option is already handled in a generic way by the
autotools-package infrastructure, so it is not necessary to do it here.
I did a build, which went well, so I've pushed your patch with the
above changes.
Thanks for this contribution!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2023-08-13 21:59 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-04 2:52 [Buildroot] [PATCH v2 1/1] package/firewalld: new package Adam Duskett
2023-08-13 21:59 ` Thomas Petazzoni via buildroot [this message]
2023-08-13 22:00 ` Thomas Petazzoni via buildroot
2023-08-15 15:00 ` Julien Olivain
2023-08-15 16:30 ` Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230813235910.3b1e4be8@windsurf \
--to=buildroot@buildroot.org \
--cc=aduskett@gmail.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox