3 %bcond_with python3 # CPython 3.x package
5 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
10 Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2
11 # Source0-md5: 5984690845a7be38dff3cedff273b73a
12 Source1: FedoraServer.xml
13 Group: Networking/Admin
14 Source2: FedoraWorkstation.xml
15 Patch0: MDNS-default.patch
16 Patch1: pid_file_RHBZ1233232.patch
17 URL: http://www.firewalld.org/
18 BuildRequires: desktop-file-utils
19 BuildRequires: docbook-style-xsl
20 BuildRequires: gettext
22 # glib2-devel is needed for gsettings.m4
23 BuildRequires: glib2-devel
24 BuildRequires: intltool
25 BuildRequires: python-devel
26 BuildRequires: rpm-pythonprov
27 BuildRequires: rpmbuild(macros) >= 1.713
28 BuildRequires: systemd-units
30 BuildRequires: python3-devel
34 Requires(post): systemd
35 Requires(preun): systemd
36 Requires(postun): systemd
37 Requires: firewalld-config
38 Requires: firewalld-filesystem = %{version}-%{release}
39 Requires: python-firewall = %{version}-%{release}
40 Obsoletes: firewalld-config-cloud <= 0.3.15
41 Obsoletes: firewalld-config-server <= 0.3.15
42 Obsoletes: firewalld-config-standard <= 0.3.15
43 Obsoletes: firewalld-config-workstation <= 0.3.15
45 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
48 firewalld is a firewall service daemon that provides a dynamic
49 customizable firewall with a D-Bus interface.
51 %package -n python-firewall
52 Summary: Python2 bindings for firewalld
53 Group: Libraries/Python
54 Requires: pygobject3-base
56 Requires: python-decorator
57 Requires: python-slip-dbus
58 Provides: python2-firewall
59 Obsoletes: python2-firewall
61 %description -n python-firewall
62 Python2 bindings for firewalld.
64 %package -n python3-firewall
65 Summary: Python3 bindings for firewalld
66 Group: Libraries/Python
67 Requires: python3-dbus
68 Requires: python3-decorator
69 Requires: python3-gobject
70 Requires: python3-slip-dbus
72 %description -n python3-firewall
73 Python3 bindings for firewalld.
75 %package -n firewalld-filesystem
76 Summary: Firewalld directory layout and rpm macros
79 %description -n firewalld-filesystem
80 This package provides directories and rpm macros which are required by
81 other packages that add firewalld configuration files.
83 %package -n firewall-applet
84 Summary: Firewall panel applet
85 Group: X11/Applications
86 Requires: %{name} = %{version}-%{release}
87 Requires: NetworkManager-glib
89 Requires: firewall-config = %{version}-%{release}
90 Requires: hicolor-icon-theme
92 Requires: pygobject3-base
94 %description -n firewall-applet
95 The firewall panel applet provides a status information of firewalld
96 and also the firewall settings.
98 %package -n firewall-config
99 Summary: Firewall configuration application
101 Requires: %{name} = %{version}-%{release}
102 Requires: NetworkManager-glib
104 Requires: hicolor-icon-theme
105 Requires: pygobject3-base
107 %description -n firewall-config
108 The firewall configuration application provides an configuration
109 interface for firewalld.
111 %package config-standard
112 Summary: Firewalld standard configuration settings
114 Requires: firewalld = %{version}-%{release}
115 Provides: firewalld-config
116 Conflicts: firewalld-config-server
117 Conflicts: firewalld-config-workstation
118 Conflicts: system-release-server
119 Conflicts: system-release-workstation
121 %description config-standard
122 Standard product firewalld configuration settings.
124 %package config-server
125 Summary: Firewalld server configuration settings
127 Requires: firewalld = %{version}-%{release}
128 Requires: system-release-server
129 Provides: firewalld-config
130 Conflicts: firewalld-config-standard
131 Conflicts: firewalld-config-workstation
133 %description config-server
134 Server product specific firewalld configuration settings.
136 %package config-workstation
137 Summary: Firewalld workstation configuration settings
139 Requires: firewalld = %{version}-%{release}
140 Requires: system-release-workstation
141 Provides: firewalld-config
142 Conflicts: firewalld-config-server
143 Conflicts: firewalld-config-standard
145 %description config-workstation
146 Workstation product specific firewalld configuration settings.
173 rm -rf $RPM_BUILD_ROOT
176 DESTDIR=$RPM_BUILD_ROOT
181 install-nobase_dist_pythonDATA \
182 PYTHON=%{__python3} \
183 DESTDIR=$RPM_BUILD_ROOT
186 %find_lang %{name} --all-name
188 desktop-file-install --delete-original \
189 --dir $RPM_BUILD_ROOT%{_sysconfdir}/xdg/autostart \
190 $RPM_BUILD_ROOT%{_sysconfdir}/xdg/autostart/firewall-applet.desktop
192 desktop-file-install --delete-original \
193 --dir $RPM_BUILD_ROOT%{_desktopdir} \
194 $RPM_BUILD_ROOT%{_desktopdir}/firewall-config.desktop
196 install -d $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/
197 install -c %{SOURCE1} $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/FedoraServer.xml
198 install -c %{SOURCE2} $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/zones/FedoraWorkstation.xml
200 # standard firewalld.conf
201 mv $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld.conf \
202 $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf
204 # server firewalld.conf
205 cp -a $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf \
206 $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-server.conf
207 sed -i 's|^DefaultZone=.*|DefaultZone=FedoraServer|g' \
208 $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-server.conf
210 # workstation firewalld.conf
211 cp -a $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-standard.conf \
212 $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-workstation.conf
213 sed -i 's|^DefaultZone=.*|DefaultZone=FedoraWorkstation|g' \
214 $RPM_BUILD_ROOT%{_sysconfdir}/firewalld/firewalld-workstation.conf
216 rm -f $RPM_BUILD_ROOT%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
219 rm -rf $RPM_BUILD_ROOT
222 %systemd_post firewalld.service
225 %systemd_preun firewalld.service
228 %systemd_postun_with_restart firewalld.service
231 # If we don't yet have a symlink or existing file for firewalld.conf,
232 # create it. Note: this will intentionally reset the policykit policy
233 # at the same time, so they are in sync.
235 # Import %{_sysconfdir}/os-release to get the variant definition
236 . %{_sysconfdir}/os-release || :
238 if [ ! -e %{_sysconfdir}/firewalld/firewalld.conf ]; then
239 case "$VARIANT_ID" in
241 ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
244 ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
247 ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf
252 if [ ! -e %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy ]; then
253 case "$VARIANT_ID" in
255 ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
258 # For all other editions, we'll use the Server polkit policy
259 ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
263 %post -n firewall-applet
264 %update_icon_cache hicolor
266 %postun -n firewall-applet
267 %update_icon_cache hicolor
268 %glib_compile_schemas
270 %posttrans -n firewall-applet
271 %update_icon_cache hicolor
272 %glib_compile_schemas
274 %post -n firewall-config
275 %update_icon_cache hicolor
277 %postun -n firewall-config
278 %update_icon_cache hicolor
279 %glib_compile_schemas
281 %posttrans -n firewall-config
282 %update_icon_cache hicolor
283 %glib_compile_schemas
285 %post config-standard
286 if [ $1 -eq 1 ]; then # Initial installation
287 # link standard config
288 rm -f %{_sysconfdir}/firewalld/firewalld.conf
289 ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf || :
292 %triggerin config-standard -- firewalld
293 if [ $1 -eq 1 ]; then
295 rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
296 ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
300 if [ $1 -eq 1 ]; then # Initial installation
302 rm -f %{_sysconfdir}/firewalld/firewalld.conf
303 ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
306 %triggerin config-server -- firewalld
307 if [ $1 -eq 1 ]; then
309 rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
310 ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
313 %post config-workstation
314 if [ $1 -eq 1 ]; then # Initial installation
315 # link workstation config
316 rm -f %{_sysconfdir}/firewalld/firewalld.conf
317 ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
320 %triggerin config-workstation -- firewalld
321 if [ $1 -eq 1 ]; then
322 # link desktop policy
323 rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
324 ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
327 %files -f %{name}.lang
328 %defattr(644,root,root,755)
330 %attr(755,root,root) %{_sbindir}/firewalld
331 %attr(755,root,root) %{_bindir}/firewall-cmd
332 %attr(755,root,root) %{_bindir}/firewall-offline-cmd
334 %{bash_compdir}/firewall-cmd
335 %{_prefix}/lib/firewalld/icmptypes/*.xml
336 %{_prefix}/lib/firewalld/services/*.xml
337 %{_prefix}/lib/firewalld/zones/*.xml
338 %{_prefix}/lib/firewalld/xmlschema/*.xsd
339 %dir %attr(750,root,root) %dir %{_sysconfdir}/firewalld
340 #%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
341 #%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
342 #%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
343 #%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
344 %config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml
345 %attr(750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes
346 %attr(750,root,root) %dir %{_sysconfdir}/firewalld/services
347 %attr(750,root,root) %dir %{_sysconfdir}/firewalld/zones
348 %defattr(0644,root,root)
349 %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/firewalld
350 #%{systemdunitdir}/firewalld.service
351 %config(noreplace) /etc/dbus-1/system.d/FirewallD.conf
352 %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy
353 %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy
354 #%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
355 %{_mandir}/man1/firewall*cmd*.1*
356 %{_mandir}/man1/firewalld*.1*
357 %{_mandir}/man5/firewall*.5*
359 %files -n python-firewall
360 %defattr(644,root,root,755)
361 %dir %{py_sitescriptdir}/firewall
362 %dir %{py_sitescriptdir}/firewall/config
363 %dir %{py_sitescriptdir}/firewall/core
364 %dir %{py_sitescriptdir}/firewall/core/io
365 %dir %{py_sitescriptdir}/firewall/server
366 %{py_sitescriptdir}/firewall/*.py*
367 %{py_sitescriptdir}/firewall/config/*.py*
368 %{py_sitescriptdir}/firewall/core/*.py*
369 %{py_sitescriptdir}/firewall/core/io/*.py*
370 %{py_sitescriptdir}/firewall/server/*.py*
373 %files -n python3-firewall
374 %defattr(644,root,root,755)
375 %dir %{py3_sitescriptdir}/firewall
376 %dir %{py3_sitescriptdir}/firewall/__pycache__
377 %dir %{py3_sitescriptdir}/firewall/config
378 %dir %{py3_sitescriptdir}/firewall/config/__pycache__
379 %dir %{py3_sitescriptdir}/firewall/core
380 %dir %{py3_sitescriptdir}/firewall/core/__pycache__
381 %dir %{py3_sitescriptdir}/firewall/core/io
382 %dir %{py3_sitescriptdir}/firewall/core/io/__pycache__
383 %dir %{py3_sitescriptdir}/firewall/server
384 %dir %{py3_sitescriptdir}/firewall/server/__pycache__
385 %{py3_sitescriptdir}/firewall/__pycache__/*.py*
386 %{py3_sitescriptdir}/firewall/*.py*
387 %{py3_sitescriptdir}/firewall/config/*.py*
388 %{py3_sitescriptdir}/firewall/config/__pycache__/*.py*
389 %{py3_sitescriptdir}/firewall/core/*.py*
390 %{py3_sitescriptdir}/firewall/core/__pycache__/*.py*
391 %{py3_sitescriptdir}/firewall/core/io/*.py*
392 %{py3_sitescriptdir}/firewall/core/io/__pycache__/*.py*
393 %{py3_sitescriptdir}/firewall/server/*.py*
394 %{py3_sitescriptdir}/firewall/server/__pycache__/*.py*
397 %files -n firewalld-filesystem
398 %defattr(644,root,root,755)
399 %dir %{_prefix}/lib/firewalld
400 %dir %{_prefix}/lib/firewalld/icmptypes
401 %dir %{_prefix}/lib/firewalld/services
402 %dir %{_prefix}/lib/firewalld/zones
403 %dir %{_prefix}/lib/firewalld/xmlschema
404 #%{_rpmconfigdir}/macros.d/macros.firewalld
406 %files -n firewall-applet
407 %defattr(644,root,root,755)
408 %attr(755,root,root) %{_bindir}/firewall-applet
409 %defattr(0644,root,root)
410 %{_sysconfdir}/xdg/autostart/firewall-applet.desktop
411 %{_iconsdir}/hicolor/*/apps/firewall-applet*.*
412 %{_mandir}/man1/firewall-applet*.1*
414 %files -n firewall-config
415 %defattr(644,root,root,755)
416 %attr(755,root,root) %{_bindir}/firewall-config
417 %defattr(0644,root,root)
418 %{_datadir}/firewalld/firewall-config.glade
419 %{_datadir}/firewalld/gtk3_chooserbutton.py*
420 %{_desktopdir}/firewall-config.desktop
421 %{_datadir}/appdata/firewall-config.appdata.xml
422 %{_iconsdir}/hicolor/*/apps/firewall-config*.*
423 %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
424 %{_mandir}/man1/firewall-config*.1*
426 %files config-standard
427 %defattr(644,root,root,755)
428 %config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
429 #%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
430 #%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
433 %defattr(644,root,root,755)
434 %config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
435 #%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
436 #%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
438 %files config-workstation
439 %defattr(644,root,root,755)
440 %config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
441 #%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
442 #%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy