From fde365ab9436c5d32a45083c21834e9f714bfb6f Mon Sep 17 00:00:00 2001 From: Philip Whineray Date: Wed, 11 Nov 2015 07:44:28 +0000 Subject: [PATCH] Make sure use same defaults file for all Make it read-all so non-root use in update-ipsets is OK Make the source test for readability so we do not get an error if not --- sbin/firehol.in | 4 ++-- sbin/fireqos.in | 10 ++++++++-- sbin/link-balancer.in | 13 ++++++++++--- sbin/update-ipsets.in | 20 +++++++++++++++++--- sbin/vnetbuild.in | 11 ++++++++--- 5 files changed, 45 insertions(+), 13 deletions(-) diff --git a/sbin/firehol.in b/sbin/firehol.in index a997049..76745d0 100755 --- a/sbin/firehol.in +++ b/sbin/firehol.in @@ -807,7 +807,7 @@ MULTICAST_IPV6="FF00::/16" # --- END OF FIREHOL DEFAULTS --- # load the defaults if they exist -if [ -f "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] +if [ -r "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] then source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 fi @@ -1624,7 +1624,7 @@ then -e '/^# --- BEGIN OF FIREHOL DEFAULTS ---/,/^# --- END OF FIREHOL DEFAULTS ---/p' \ "${PROGRAM_FILE}" > "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 ${CHOWN_CMD} root:root "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 - ${CHMOD_CMD} 600 "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 + ${CHMOD_CMD} 644 "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 fi load_ips() { diff --git a/sbin/fireqos.in b/sbin/fireqos.in index 0aeb165..0a21a5f 100755 --- a/sbin/fireqos.in +++ b/sbin/fireqos.in @@ -71,7 +71,13 @@ PROGRAM_FILE="$0" # enabled extended pattern matching in bash shopt -s extglob -FIREHOL_CONFIG_DIR=/etc/firehol +if [ "@AUTOCONF_RUN@" = "Y" ] +then + FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@" +else + FIREHOL_CONFIG_DIR="/etc/firehol" +fi + FIREQOS_SYSLOG_FACILITY="daemon" FIREQOS_CONFIG=/etc/firehol/fireqos.conf FIREQOS_LOCK_FILE=/var/run/fireqos.lock @@ -115,7 +121,7 @@ FIREQOS_INTERFACE_DEFAULT_CLASSID=8000 # load the defaults if they exist, ignoring any mark definitions marksreset() { :; } markdef() { :; } -if [ -f "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] +if [ -r "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] then source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 fi diff --git a/sbin/link-balancer.in b/sbin/link-balancer.in index fa1e1fb..945fa5b 100755 --- a/sbin/link-balancer.in +++ b/sbin/link-balancer.in @@ -72,6 +72,13 @@ then exit 1 fi +if [ "@AUTOCONF_RUN@" = "Y" ] +then + FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@" +else + FIREHOL_CONFIG_DIR="/etc/firehol" +fi + declare -a LB_ORIGINAL_ARGS=("${@}") LB_DEFAULT_WORKING_DIRECTORY="${PWD}" @@ -117,7 +124,7 @@ LB_RULE_STEP=100 declare -A LB_ALTERED=() # Where is the link-balancer configuration files? -LB_CONFIG_DIR="/etc/firehol" +LB_CONFIG_DIR="${FIREHOL_CONFIG_DIR}" # Link-balancer main configuration file. LB_CONFIG="${LB_CONFIG_DIR}/link-balancer.conf" @@ -127,9 +134,9 @@ LB_DEFAULT_IPV=4 marksreset() { :; } markdef() { :; } -if [ -f "${LB_CONFIG_DIR}/firehol-defaults.conf" ] +if [ -r "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] then - source "${LB_CONFIG_DIR}/firehol-defaults.conf" || exit 1 + source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 fi # temporary variable (default LB_DEFAULT_IPV=4) diff --git a/sbin/update-ipsets.in b/sbin/update-ipsets.in index b5420ab..ff28ea2 100755 --- a/sbin/update-ipsets.in +++ b/sbin/update-ipsets.in @@ -103,6 +103,20 @@ get_version() { PROGRAM_FILE="${0}" +if [ "@AUTOCONF_RUN@" = "Y" ] +then + FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@" +else + FIREHOL_CONFIG_DIR="/etc/firehol" +fi + +marksreset() { :; } +markdef() { :; } +if [ -r "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] +then + source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 +fi + PATH="${PATH}:/sbin:/usr/sbin" LC_ALL=C @@ -3559,7 +3573,7 @@ geolite2_country() { $GIT_CMD -C "${BASE_DIR}" checkout ${ipset}/README-EDIT.md >/dev/null 2>&1 if [ ! -f ${ipset}/README-EDIT.md ] then - touch ${ipset}/README-EDIT.md + $TOUCH_CMD ${ipset}/README-EDIT.md git_add_if_not_already_added ${ipset}/README-EDIT.md fi fi @@ -3713,7 +3727,7 @@ ipdeny_country() { $GIT_CMD -C "${BASE_DIR}" checkout ${ipset}/README-EDIT.md >/dev/null 2>&1 if [ ! -f ${ipset}/README-EDIT.md ] then - touch ${ipset}/README-EDIT.md + $TOUCH_CMD ${ipset}/README-EDIT.md git_add_if_not_already_added ${ipset}/README-EDIT.md fi fi @@ -3840,7 +3854,7 @@ ip2location_country() { $GIT_CMD -C "${BASE_DIR}" checkout ${ipset}/README-EDIT.md >/dev/null 2>&1 if [ ! -f ${ipset}/README-EDIT.md ] then - touch ${ipset}/README-EDIT.md + $TOUCH_CMD ${ipset}/README-EDIT.md git_add_if_not_already_added ${ipset}/README-EDIT.md fi fi diff --git a/sbin/vnetbuild.in b/sbin/vnetbuild.in index 88d13ea..02526f5 100755 --- a/sbin/vnetbuild.in +++ b/sbin/vnetbuild.in @@ -50,13 +50,18 @@ get_version() { return 0 } -CONFIG_DIR="/etc/firehol" +if [ "@AUTOCONF_RUN@" = "Y" ] +then + FIREHOL_CONFIG_DIR="@FIREHOL_CONFIG_DIR@" +else + FIREHOL_CONFIG_DIR="/etc/firehol" +fi marksreset() { :; } markdef() { :; } -if [ -f "${CONFIG_DIR}/firehol-defaults.conf" ] +if [ -r "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" ] then - source "${CONFIG_DIR}/firehol-defaults.conf" || exit 1 + source "${FIREHOL_CONFIG_DIR}/firehol-defaults.conf" || exit 1 fi # Load commands vnetbuild will need.