Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 499174 - net-firewall/shorewall*-4.5.21.7 version bump
Summary: net-firewall/shorewall*-4.5.21.7 version bump
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Thomas Deutschmann (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-01-25 00:25 UTC by Thomas Deutschmann (RETIRED)
Modified: 2014-03-15 23:03 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
shorewall-4.5.21.5-ebuilds.tar.xz (shorewall-4.5.21.5-ebuilds.tar.xz,7.06 KB, application/x-xz-compressed-tar)
2014-01-25 00:25 UTC, Thomas Deutschmann (RETIRED) 		Details
shorewall-4.5.21.6 EBuilds (shorewall-4.5.21.6-ebuilds.tar.xz,7.05 KB, application/x-xz-compressed-tar)
2014-02-01 14:00 UTC, Thomas Deutschmann (RETIRED) 		Details
shorewall-4.5.21.6 EBuilds as patch (shorewall-4.5.21.6.patch,59.03 KB, patch)
2014-02-01 14:00 UTC, Thomas Deutschmann (RETIRED) 		Details | Diff
shorewall-4.5.21.7 EBuilds as patch (shorewall-4.5.21.7.patch,69.12 KB, patch)
2014-03-09 14:28 UTC, Thomas Deutschmann (RETIRED) 		Details | Diff
shorewall-4.5.21.7 EBuilds (shorewall-4.5.21.7-ebuilds.tar.xz,7.69 KB, application/x-xz-compressed-tar)
2014-03-09 14:29 UTC, Thomas Deutschmann (RETIRED) 		Details
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2014-01-25 00:25:38 UTC 
Created attachment 368654 [details]
shorewall-4.5.21.5-ebuilds.tar.xz

Hi,

I am attaching the new files required for net-firewall/shorewall*-4.5.21.5 as discussed with Michael (xmw) from the proxy maintenance team.

Steps to do:

1) Unpack to /tmp (tar xaf shorewall-4.5.21.5-ebuilds.tar.xz)

2) Merge the content from "/tmp/net-firewall" with "/usr/portage/net-firewall" (all files in "/tmp/net-firewall" should be new files; if you need to replace or change an existing file there's something wrong).

3) Update the Manifest file, you have multiple options:

a) Run repmon in each shorewall directory ("/usr/portage/net-firewall/shorewall{,6,-lite,6-lite,-core,-init}"), e.g. "repoman --digest=y -d full"

b) Download the sources by hand:

wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall6-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall6-lite-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-core-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-docs-html-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-init-4.5.21.5.tar.bz2
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-lite-4.5.21.5.tar.bz2

Please note that the shorewall team offers signatures for each file. I recommend that you check them before you update the Manifest files or commit CVS:

First, you need Tom Eastep's GPG key (shorewall author):

1) Download the GPG key:
wget https://lists.shorewall.net/shorewall.gpg.key

2) Import the key:
gpg --import shorewall.gpg.key

3) Verify and sign the key
gpg --edit-key teastep@shorewall.net

3.1) In the gpg shell, call "fpr" to show the the key's fingerprint. It should match the following information:

pub   1024D/6C562AC4 2005-07-26 Shoreline Firewall <teastep@shorewall.net>
Primary key fingerprint: 94C5 6B34 AE09 A1EA 13E1  C1A7 A2F7 A69B 6C56 2AC4

3.2) Now sign the key, a local key sign is enough. In the same gpg shell type
lsign

3.3) Before we can quit the gpg shell, we need to save the changes. Type
save

3.4) Now you can quit the gpg shell with
quit


Now, download the signatures for shorewall*-4.5.21.5:

wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall6-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall6-lite-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-core-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-docs-html-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-init-4.5.21.5.tar.bz2.asc
wget http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/shorewall-lite-4.5.21.5.tar.bz2.asc

These signatures should be placed in the same folder where you saved the source files.

Finally you can run the following command to verify the signatures:

# find /usr/portage/distfiles -type f -name "shorewall*.asc" -print0 | xargs --max-args 1 --verbose --null gpg --verify

(You need to adjust the path if you don't work in "/usr/portage/distfiles")

Now you should see 7 good signatures.

Done.


If you have any questions or experience any problems, please comment in this bug report or contact me directly.

Thanks for your time!
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2014-01-25 02:52:18 UTC 
Comment on attachment 368654 [details]
shorewall-4.5.21.5-ebuilds.tar.xz

Please don't attach entire ebuilds - just unified diffs for the ones that you changed.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2014-01-25 02:56:02 UTC 
(In reply to Thomas D. from comment #0)
> I am attaching the new files required for net-firewall/shorewall*-4.5.21.5
> as discussed with Michael (xmw) from the proxy maintenance team.

> If you have any questions or experience any problems, please comment in this
> bug report or contact me directly.

Why do you include Package Maintainer 101 stuff like this? I sure hope no one on proxy-maint actually requires this kind of hand-holding.
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2014-01-25 10:15:30 UTC 
@Jeroen:

The previous maintainer (Constanze) is going to retire [1]. I contacted proxy-maint and asked how to proceed.

Michael (xmw) you removed from the CC list, member of the proxy maintenance team, responded and will help me with this package to get it updated in the main portage tree.

We discussed how we will do the work and because shorewall is split into 6 packages, we decided that I'll attache a archive of changes and he'll use "vim -C DirDiff"...
Yes, I could also create a big diff with "diff -uRN" or one diff per file (>25) or something else but the important thing to notice is (and I thought the first paragraph says said): All persons who will be actual involved in this decided together how they will work together. And now you enter the game, remove xmw from the CC list, are saying I shouldn't do it that way... Don't get me wrong: I really appreciate the work you are doing and often I'll learn something from your criticism, but in this case it looks like you haven't read c0.



> Why do you include Package Maintainer 101 stuff like this? I sure
> hope no one on proxy-maint actually requires this kind of hand-holding.

I am very sure he or any other proxy-maint member knows that very well.

But I don't know if xmw will always be the person who will help me. So I thought (and still think) it is a good thing to write it down once - completely. Documentation is always a good thing... not?



[1] https://bugs.gentoo.org/show_bug.cgi?id=332341#c14
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2014-01-25 15:27:06 UTC 
(In reply to Thomas D. from comment #3)
> The previous maintainer (Constanze) is going to retire [1]. I contacted
> proxy-maint and asked how to proceed.

netmon was handling this fine before Constanze, but help is always welcome.

> Documentation is always a good thing... not?

Sure.
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2014-02-01 13:58:44 UTC 
shorewall-4.5.21.6 was released. Because shorewall-4.5.21.5 didn't made it into the tree I am updating the request for shorewall-4.5.21.6.
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2014-02-01 14:00:27 UTC 
Created attachment 369244 [details]
shorewall-4.5.21.6 EBuilds
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2014-02-01 14:00:56 UTC 
Created attachment 369246 [details, diff]
shorewall-4.5.21.6 EBuilds as patch
Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev 2014-03-09 14:27:01 UTC 
shorewall-4.5.21.7 was released. Because shorewall-4.5.21.{5,6} didn't made it into the tree I am updating the request for shorewall-4.5.21.7...
Comment 9 Thomas Deutschmann (RETIRED) gentoo-dev 2014-03-09 14:28:47 UTC 
Created attachment 372206 [details, diff]
shorewall-4.5.21.7 EBuilds as patch
Comment 10 Thomas Deutschmann (RETIRED) gentoo-dev 2014-03-09 14:29:46 UTC 
Created attachment 372208 [details]
shorewall-4.5.21.7 EBuilds
Comment 11 Markos Chandras (RETIRED) gentoo-dev 2014-03-15 22:36:42 UTC 
The patchset looks good but there are conflicts with metadata.xml because you are creating them from scratch instead of patching the existing ones.
Comment 12 Markos Chandras (RETIRED) gentoo-dev 2014-03-15 23:03:07 UTC 
All done. Thank you for your patches and apologies for the delay! Hopefully we will do better next time.