new, version 0.3.14.2

based on fedora package, 01f44ea

diff --git a/FedoraServer.xml b/FedoraServer.xml
new file mode 100644 (file)
index 0000000..617e131
--- /dev/null
+++ b/FedoraServer.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>Public</short>
+  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+  <service name="ssh"/>
+  <service name="dhcpv6-client"/>
+  <service name="cockpit"/>
+</zone>

diff --git a/FedoraWorkstation.xml b/FedoraWorkstation.xml
new file mode 100644 (file)
index 0000000..d29d550
--- /dev/null
+++ b/FedoraWorkstation.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>Fedora Workstation</short>
+  <description>Unsolicited incoming network packets are rejected from port 1 to 1024, except for select network services. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed.</description>
+  <service name="dhcpv6-client"/>
+  <service name="ssh"/>
+  <service name="samba-client"/>
+  <port protocol="udp" port="1025-65535"/>
+  <port protocol="tcp" port="1025-65535"/>
+</zone>

diff --git a/MDNS-default.patch b/MDNS-default.patch
new file mode 100644 (file)
index 0000000..0316962
--- /dev/null
+++ b/MDNS-default.patch
@@ -0,0 +1,40 @@
+From 0e9306e9df41142503b4efc90032043183a3cb7b Mon Sep 17 00:00:00 2001
+From: Stef Walter <stefw@gnome.org>
+Date: Mon, 6 Aug 2012 10:01:09 +0200
+Subject: [PATCH] Make MDNS work in all but the most restrictive zones
+
+ * MDNS is a discovery protocol, and much like DNS or DHCP should
+   be available for the network to function as expected.
+ * Avahi (the main MDNS) implementation has taken steps to make sure
+   no private information is published by default.
+ * See: https://fedoraproject.org/wiki/Desktop/Whiteboards/AvahiDefault
+---
+ config/zones/public.xml | 1 +
+ config/zones/work.xml   | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/config/zones/public.xml b/config/zones/public.xml
+index 929ad72..a56e95c 100644
+--- a/config/zones/public.xml
++++ b/config/zones/public.xml
+@@ -3,5 +3,6 @@
+   <short>Public</short>
+   <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+   <service name="ssh"/>
++  <service name="mdns"/>
+   <service name="dhcpv6-client"/>
+ </zone>
+diff --git a/config/zones/work.xml b/config/zones/work.xml
+index 7e750fc..77f13c8 100644
+--- a/config/zones/work.xml
++++ b/config/zones/work.xml
+@@ -3,5 +3,6 @@
+   <short>Work</short>
+   <description>For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+   <service name="ssh"/>
++  <service name="mdns"/>
+   <service name="dhcpv6-client"/>
+ </zone>
+-- 
+1.7.11.2
+

diff --git a/firewalld.spec b/firewalld.spec
new file mode 100644 (file)
index 0000000..6462714
--- /dev/null
+++ b/firewalld.spec
@@ -0,0 +1,442 @@
+#
+# Conditional build:
+%bcond_with    python3 # CPython 3.x package
+
+Summary:       A firewall daemon with D-Bus interface providing a dynamic firewall
+Name:          firewalld
+Version:       0.3.14.2
+Release:       0.1
+License:       GPL v2+
+Source0:       https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2
+# Source0-md5: 5984690845a7be38dff3cedff273b73a
+Source1:       FedoraServer.xml
+Group:         Networking/Admin
+Source2:       FedoraWorkstation.xml
+Patch0:                MDNS-default.patch
+Patch1:                pid_file_RHBZ1233232.patch
+URL:           http://www.firewalld.org/
+BuildRequires: desktop-file-utils
+BuildRequires: docbook-style-xsl
+BuildRequires: gettext
+BuildRequires: glib2
+# glib2-devel is needed for gsettings.m4
+BuildRequires: glib2-devel
+BuildRequires: intltool
+BuildRequires: python-devel
+BuildRequires: rpm-pythonprov
+BuildRequires: rpmbuild(macros) >= 1.713
+BuildRequires: systemd-units
+%if %{with python3}
+BuildRequires: python3-devel
+%endif
+Requires:      ebtables
+Requires:      iptables
+Requires(post):        systemd
+Requires(preun):       systemd
+Requires(postun):      systemd
+Requires:      firewalld-config
+Requires:      firewalld-filesystem = %{version}-%{release}
+Requires:      python-firewall = %{version}-%{release}
+Obsoletes:     firewalld-config-cloud <= 0.3.15
+Obsoletes:     firewalld-config-server <= 0.3.15
+Obsoletes:     firewalld-config-standard <= 0.3.15
+Obsoletes:     firewalld-config-workstation <= 0.3.15
+BuildArch:     noarch
+BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+firewalld is a firewall service daemon that provides a dynamic
+customizable firewall with a D-Bus interface.
+
+%package -n python-firewall
+Summary:       Python2 bindings for firewalld
+Group:         Libraries/Python
+Requires:      pygobject3-base
+Requires:      python-dbus
+Requires:      python-decorator
+Requires:      python-slip-dbus
+Provides:      python2-firewall
+Obsoletes:     python2-firewall
+
+%description -n python-firewall
+Python2 bindings for firewalld.
+
+%package -n python3-firewall
+Summary:       Python3 bindings for firewalld
+Group:         Libraries/Python
+Requires:      python3-dbus
+Requires:      python3-decorator
+Requires:      python3-gobject
+Requires:      python3-slip-dbus
+
+%description -n python3-firewall
+Python3 bindings for firewalld.
+
+%package -n firewalld-filesystem
+Summary:       Firewalld directory layout and rpm macros
+Group:         Base
+
+%description -n firewalld-filesystem
+This package provides directories and rpm macros which are required by
+other packages that add firewalld configuration files.
+
+%package -n firewall-applet
+Summary:       Firewall panel applet
+Group:         X11/Applications
+Requires:      %{name} = %{version}-%{release}
+Requires:      NetworkManager-glib
+Requires:      PyQt4
+Requires:      firewall-config = %{version}-%{release}
+Requires:      hicolor-icon-theme
+Requires:      libnotify
+Requires:      pygobject3-base
+
+%description -n firewall-applet
+The firewall panel applet provides a status information of firewalld
+and also the firewall settings.
+
+%package -n firewall-config
+Summary:       Firewall configuration application
+Group:         Base
+Requires:      %{name} = %{version}-%{release}
+Requires:      NetworkManager-glib
+Requires:      gtk+3
+Requires:      hicolor-icon-theme
+Requires:      pygobject3-base
+
+%description -n firewall-config
+The firewall configuration application provides an configuration
+interface for firewalld.
+
+%package config-standard
+Summary:       Firewalld standard configuration settings
+Group:         Base
+Requires:      firewalld = %{version}-%{release}
+Provides:      firewalld-config
+Conflicts:     firewalld-config-server
+Conflicts:     firewalld-config-workstation
+Conflicts:     system-release-server
+Conflicts:     system-release-workstation
+
+%description config-standard
+Standard product firewalld configuration settings.
+
+%package config-server
+Summary:       Firewalld server configuration settings
+Group:         Base
+Requires:      firewalld = %{version}-%{release}
+Requires:      system-release-server
+Provides:      firewalld-config
+Conflicts:     firewalld-config-standard
+Conflicts:     firewalld-config-workstation
+
+%description config-server
+Server product specific firewalld configuration settings.
+
+%package config-workstation
+Summary:       Firewalld workstation configuration settings
+Group:         Base
+Requires:      firewalld = %{version}-%{release}
+Requires:      system-release-workstation
+Provides:      firewalld-config
+Conflicts:     firewalld-config-server
+Conflicts:     firewalld-config-standard
+
+%description config-workstation
+Workstation product specific firewalld configuration settings.
+
+%prep
+%setup -q
+%patch0 -p1
+%patch1 -p1
+
+%if %{with python3}
+rm -rf py3
+cp -a . py3
+%endif
+
+%build
+%configure \
+       --enable-sysconfig \
+       --enable-rpmmacros \
+       PYTHON=%{__python}
+
+%if %{with python3}
+cd py3
+       %configure \
+       --enable-sysconfig \
+       --enable-rpmmacros \
+       PYTHON=%{__python3}
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%{__make} install \
+       PYTHON=%{__python} \
+       DESTDIR=$RPM_BUILD_ROOT
+
+%if %{with python3}
+cd py3
+%{__make} -C src \
+       install-nobase_dist_pythonDATA \
+       PYTHON=%{__python3} \
+       DESTDIR=$RPM_BUILD_ROOT
+%endif
+
+%find_lang %{name} --all-name
+
+desktop-file-install --delete-original \
+       --dir $RPM_BUILD_ROOT%{_sysconfdir}/xdg/autostart \
+       $RPM_BUILD_ROOT%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
+
+desktop-file-install --delete-original \
+       --dir $RPM_BUILD_ROOT%{_desktopdir} \
+       $RPM_BUILD_ROOT%{_desktopdir}/firewall-config.desktop
+
+install -d $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/
+install -c %{SOURCE1} $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/FedoraServer.xml
+install -c %{SOURCE2} $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/FedoraWorkstation.xml
+
+# standard firewalld.conf
+mv $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld.conf \
+       $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf
+
+# server firewalld.conf
+cp -a $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf \
+       $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-server.conf
+sed -i 's|^DefaultZone=.*|DefaultZone=FedoraServer|g' \
+       $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-server.conf
+
+# workstation firewalld.conf
+cp -a $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf \
+       $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-workstation.conf
+sed -i 's|^DefaultZone=.*|DefaultZone=FedoraWorkstation|g' \
+       $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-workstation.conf
+
+rm -f $RPM_BUILD_ROOT%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+%systemd_post firewalld.service
+
+%preun
+%systemd_preun firewalld.service
+
+%postun
+%systemd_postun_with_restart firewalld.service
+
+%posttrans
+# If we don't yet have a symlink or existing file for firewalld.conf,
+# create it. Note: this will intentionally reset the policykit policy
+# at the same time, so they are in sync.
+
+# Import %{_sysconfdir}/os-release to get the variant definition
+. %{_sysconfdir}/os-release || :
+
+if [ ! -e %{_sysconfdir}/firewalld/firewalld.conf ]; then
+       case "$VARIANT_ID" in
+               server)
+                       ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+                       ;;
+               workstation)
+                       ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+                       ;;
+               *)
+                       ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf
+                       ;;
+    esac
+fi
+
+if [ ! -e %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy ]; then
+       case "$VARIANT_ID" in
+               workstation)
+                       ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+                       ;;
+               *)
+                       # For all other editions, we'll use the Server polkit policy
+                       ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+       esac
+fi
+
+%post -n firewall-applet
+%update_icon_cache hicolor
+
+%postun -n firewall-applet
+%update_icon_cache hicolor
+%glib_compile_schemas
+
+%posttrans -n firewall-applet
+%update_icon_cache hicolor
+%glib_compile_schemas
+
+%post -n firewall-config
+%update_icon_cache hicolor
+
+%postun -n firewall-config
+%update_icon_cache hicolor
+%glib_compile_schemas
+
+%posttrans -n firewall-config
+%update_icon_cache hicolor
+%glib_compile_schemas
+
+%post config-standard
+if [ $1 -eq 1 ]; then # Initial installation
+       # link standard config
+       rm -f %{_sysconfdir}/firewalld/firewalld.conf
+       ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-standard -- firewalld
+if [ $1 -eq 1 ]; then
+       # link server policy
+       rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+       ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+
+%post config-server
+if [ $1 -eq 1 ]; then # Initial installation
+       # link server config
+       rm -f %{_sysconfdir}/firewalld/firewalld.conf
+       ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-server -- firewalld
+if [ $1 -eq 1 ]; then
+       # link server policy
+       rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+       ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+
+%post config-workstation
+if [ $1 -eq 1 ]; then # Initial installation
+       # link workstation config
+       rm -f %{_sysconfdir}/firewalld/firewalld.conf
+       ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
+fi
+
+%triggerin config-workstation -- firewalld
+if [ $1 -eq 1 ]; then
+       # link desktop policy
+       rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+       ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
+fi
+
+%files -f %{name}.lang
+%defattr(644,root,root,755)
+%doc README
+%attr(755,root,root) %{_sbindir}/firewalld
+%attr(755,root,root) %{_bindir}/firewall-cmd
+%attr(755,root,root) %{_bindir}/firewall-offline-cmd
+%dir %{bash_compdir}
+%{bash_compdir}/firewall-cmd
+%{_prefix}/lib/firewalld/icmptypes/*.xml
+%{_prefix}/lib/firewalld/services/*.xml
+%{_prefix}/lib/firewalld/zones/*.xml
+%{_prefix}/lib/firewalld/xmlschema/*.xsd
+%dir %attr(750,root,root) %dir %{_sysconfdir}/firewalld
+#%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+#%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
+#%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
+#%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
+%config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
+%attr(750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes
+%attr(750,root,root) %dir %{_sysconfdir}/firewalld/services
+%attr(750,root,root) %dir %{_sysconfdir}/firewalld/zones
+%defattr(0644,root,root)
+%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/firewalld
+#%{systemdunitdir}/firewalld.service
+%config(noreplace) /etc/dbus-1/system.d/FirewallD.conf
+%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy
+%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy
+#%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+%{_mandir}/man1/firewall*cmd*.1*
+%{_mandir}/man1/firewalld*.1*
+%{_mandir}/man5/firewall*.5*
+
+%files -n python-firewall
+%defattr(644,root,root,755)
+%dir %{py_sitescriptdir}/firewall
+%dir %{py_sitescriptdir}/firewall/config
+%dir %{py_sitescriptdir}/firewall/core
+%dir %{py_sitescriptdir}/firewall/core/io
+%dir %{py_sitescriptdir}/firewall/server
+%{py_sitescriptdir}/firewall/*.py*
+%{py_sitescriptdir}/firewall/config/*.py*
+%{py_sitescriptdir}/firewall/core/*.py*
+%{py_sitescriptdir}/firewall/core/io/*.py*
+%{py_sitescriptdir}/firewall/server/*.py*
+
+%if %{with python3}
+%files -n python3-firewall
+%defattr(644,root,root,755)
+%dir %{py3_sitescriptdir}/firewall
+%dir %{py3_sitescriptdir}/firewall/__pycache__
+%dir %{py3_sitescriptdir}/firewall/config
+%dir %{py3_sitescriptdir}/firewall/config/__pycache__
+%dir %{py3_sitescriptdir}/firewall/core
+%dir %{py3_sitescriptdir}/firewall/core/__pycache__
+%dir %{py3_sitescriptdir}/firewall/core/io
+%dir %{py3_sitescriptdir}/firewall/core/io/__pycache__
+%dir %{py3_sitescriptdir}/firewall/server
+%dir %{py3_sitescriptdir}/firewall/server/__pycache__
+%{py3_sitescriptdir}/firewall/__pycache__/*.py*
+%{py3_sitescriptdir}/firewall/*.py*
+%{py3_sitescriptdir}/firewall/config/*.py*
+%{py3_sitescriptdir}/firewall/config/__pycache__/*.py*
+%{py3_sitescriptdir}/firewall/core/*.py*
+%{py3_sitescriptdir}/firewall/core/__pycache__/*.py*
+%{py3_sitescriptdir}/firewall/core/io/*.py*
+%{py3_sitescriptdir}/firewall/core/io/__pycache__/*.py*
+%{py3_sitescriptdir}/firewall/server/*.py*
+%{py3_sitescriptdir}/firewall/server/__pycache__/*.py*
+%endif
+
+%files -n firewalld-filesystem
+%defattr(644,root,root,755)
+%dir %{_prefix}/lib/firewalld
+%dir %{_prefix}/lib/firewalld/icmptypes
+%dir %{_prefix}/lib/firewalld/services
+%dir %{_prefix}/lib/firewalld/zones
+%dir %{_prefix}/lib/firewalld/xmlschema
+#%{_rpmconfigdir}/macros.d/macros.firewalld
+
+%files -n firewall-applet
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/firewall-applet
+%defattr(0644,root,root)
+%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
+%{_iconsdir}/hicolor/*/apps/firewall-applet*.*
+%{_mandir}/man1/firewall-applet*.1*
+
+%files -n firewall-config
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/firewall-config
+%defattr(0644,root,root)
+%{_datadir}/firewalld/firewall-config.glade
+%{_datadir}/firewalld/gtk3_chooserbutton.py*
+%{_desktopdir}/firewall-config.desktop
+%{_datadir}/appdata/firewall-config.appdata.xml
+%{_iconsdir}/hicolor/*/apps/firewall-config*.*
+%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
+%{_mandir}/man1/firewall-config*.1*
+
+%files config-standard
+%defattr(644,root,root,755)
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
+#%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+#%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+
+%files config-server
+%defattr(644,root,root,755)
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
+#%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+#%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
+
+%files config-workstation
+%defattr(644,root,root,755)
+%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
+#%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
+#%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy

diff --git a/pid_file_RHBZ1233232.patch b/pid_file_RHBZ1233232.patch
new file mode 100644 (file)
index 0000000..f785bc7
--- /dev/null
+++ b/pid_file_RHBZ1233232.patch
@@ -0,0 +1,58 @@
+commit 3a1f22c95bb5723456533de5aa821143682b8e3d
+Author: Thomas Woerner <twoerner@redhat.com>
+Date:   Thu Jun 18 16:55:40 2015 +0200
+
+    firewalld: Fixed 'pid_file' referenced before assignment (RHBZ#1233232)
+
+diff --git a/src/firewalld b/src/firewalld
+index 2db71a8..bd81316 100755
+--- a/src/firewalld
++++ b/src/firewalld
+@@ -82,6 +82,7 @@ def setup_logging(args):
+             log.addDebugLogging("*", log.stdout)
+ 
+ def startup(args):
++    pid_file = "/var/run/firewalld.pid"
+     try:
+         if not args.nofork:
+             # do the UNIX double-fork magic, see Stevens' "Advanced
+@@ -119,7 +120,6 @@ def startup(args):
+ 
+         if not args.nopid:
+             # write the pid file
+-            pid_file = "/var/run/firewalld.pid"
+             with open(pid_file, "w") as f:
+                 f.write(str(os.getpid()))
+ 
+@@ -128,27 +128,27 @@ def startup(args):
+         server.run_server(args.debug_gc)
+ 
+         # Clean up on exit
+-        if os.path.exists(pid_file) and not args.nopid:
++        if not args.nopid and os.path.exists(pid_file):
+             os.remove(pid_file)
+ 
+     except OSError as e:
+         log.fatal(_("Fork #1 failed: %d (%s)") % (e.errno, e.strerror))
+         log.error(traceback.format_exc())
+-        if os.path.exists(pid_file) and not args.nopid:
++        if not args.nopid and os.path.exists(pid_file):
+             os.remove(pid_file)
+         sys.exit(1)
+ 
+     except dbus.exceptions.DBusException as e:
+         log.fatal(str(e))
+         log.error(traceback.format_exc())
+-        if os.path.exists(pid_file) and not args.nopid:
++        if not args.nopid and os.path.exists(pid_file):
+             os.remove(pid_file)
+         sys.exit(1)
+ 
+     except IOError as e:
+         log.fatal(str(e))
+         log.error(traceback.format_exc())
+-        if os.path.exists(pid_file) and not args.nopid:
++        if not args.nopid and os.path.exists(pid_file):
+             os.remove(pid_file)
+         sys.exit(1)
+