Summary: | net-firewall/shorewall6-4.5.11.2: keepdirs /var/lock | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Diego Elio Pettenò (RETIRED) <flameeyes> |
Component: | New packages | Assignee: | Vieri <rentorbuy> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | burcheri.massimo+bugs-gentoo, netmon, proxy-maint, whissi |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 332633 |
Description
Diego Elio Pettenò (RETIRED)
2013-02-26 15:34:56 UTC
Changed keepdir to dodir in net-firewall/shorewall6-4.5.11.2-r1 *** Bug 475412 has been marked as a duplicate of this bug. *** (In reply to Constanze Hausner from comment #1) > Changed keepdir to dodir in net-firewall/shorewall6-4.5.11.2-r1 That's not the fix. init.d scripts should check'n'create the directory during invocation. /var/lock is a symlink to /run/lock which is on tmpfs and empty after reboot. Now really fixed in 4.5.18 :). Sorry, I was a bit confused there. We already have the check in the initscripts, so we do need neither dodir nor keepdir in the ebuilds. Thanks for pointing that out to me. (In reply to Constanze Hausner from comment #4) > Now really fixed in 4.5.18 :). > > Sorry, I was a bit confused there. > We already have the check in the initscripts, so we do need neither dodir > nor keepdir in the ebuilds. > > Thanks for pointing that out to me. You're still missing the point. In what I might term as modern Linux filesystems, you don't use /var/lock at all anymore. You use /run/lock instead. Hi, I forked shorewall (because 4.5.17 had a serious bug which took too long for me to get fixed). I also fixed the /var/lock issue the right way, at least I I think so. See <https://github.com/Whissi/gentoo-overlay/blob/master/net-firewall/shorewall/files/shorewall.conf-SUBSYSLOCK.patch>. Maybe Jeroen can also answer if it is valid. @jer I'm sorry, if I'm missing the point. I didn't know that the use of /var/lock is disapproved. Is this documented somewhere? I didn't find anything abount using it at runtime in the tracker bug. @Thomas Good to see, that you're invested in this package. I don't use shorewall, so I often miss updates or security problems, sorry. Would you like to proxy-maintain this package? *** Bug 477274 has been marked as a duplicate of this bug. *** problem is still in 4.5.18, while it was not in 4.5.15 i have 2 diff gentoo installs that have this problem, have created /var/lock/subsys now this resolves it for me for now Hi, fist, this problem will be finally patched in the upcoming week, when Constanze will publish a new version. You may run into a problem, because in 4.5.18 Constanze tried to fix the problem by moving the creation from ebuild to the init.d script (this wlll avoid emerge's QA message, but doesn't fix the initial problem). So if you now do a fresh installation and use /sbin/shorewall* before you executed /etc/init.d/shorewall* you may get an error, because the directory is missing. Thanks for the report. Again, I hope this will be fixed with the upcoming version next week. Fixed by Thomas in 4.5.19. Thank you Thomas :). Fix also backported to 4.5.18-r1 by Thomas D. |