Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 534062

Summary: net-firewall/shorewall-4.6.5.2 systemd service files use invalid paths
Product: Gentoo Linux Reporter: Reuben Martin <reuben.m>
Component: Current packagesAssignee: Thomas Deutschmann (RETIRED) <whissi>
Status: RESOLVED FIXED    
Severity: normal CC: jlec, netmon, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 534232    
Bug Blocks:    

Description Reuben Martin 2014-12-31 04:20:35 UTC 
Service files (both shorewall.service and shorewall.service6) have an invalid path set for both ExecStart and ExecStop. The "usr" tokens in the path string are doubled up.

So for example the shorewall.service file contains:

ExecStart=/usr/usr/sbin/shorewall $OPTIONS start $STARTOPTIONS
ExecStop=/usr/usr/sbin/shorewall $OPTIONS stop $STOPOPTIONS

Which should be:

ExecStart=/usr/sbin/shorewall $OPTIONS start $STARTOPTIONS
ExecStop=/usr/sbin/shorewall $OPTIONS stop $STOPOPTIONS

Reproducible: Always
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2014-12-31 12:10:44 UTC 
Hi,

seems like you don't use net-firewall/shorewall::gentoo. We don't have a file like "shorewall.service6". Also, our service files are OK, see:

http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall.systemd?view=markup

http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall6.systemd?view=markup
Comment 2 Reuben Martin 2014-12-31 17:56:59 UTC 
Oops. Brain dead typo. Should obviously be shorewall6.service.

Is there perhaps something in shorewall's build process that appends the $PREFIX value to ExecStart and ExecStop within the service files?
Comment 3 Reuben Martin 2015-01-01 00:28:43 UTC 
Think I found the problem.

From a sed regex found in install.sh:

[ ${SBINDIR} != /sbin ] && eval sed -i \'s\|/sbin/\|${SBINDIR}/\|\' ${DESTDIR}${SERVICEDIR}/$PRODUCT.service

was written assuming the existing service file uses "/sbin/..." for the path rather than "/usr/sbin/..."
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2015-01-01 16:52:36 UTC 
Thank you. Now I see the problem.

Shorewall's install.sh has a feature to update paths based on the values from the "shorewallrc" file. This feature requires default values to work. Because we ship service files with a different value, the logic will break our service files...

To fix this problem, we'll need to change our service files back to the default value, i.e. "Exec{Start,Stop}=/sbin...".

I'll fill a new bug shortly (bump to shorewall v4.6.5.3) which will include these changes.

Thanks!
Comment 5 Justin Lecher (RETIRED) gentoo-dev 2015-01-04 09:52:37 UTC 
+*shorewall-4.6.5.3 (04 Jan 2015)
+
+  04 Jan 2015; Justin Lecher <jlec@gentoo.org> -shorewall-4.6.5.2.ebuild,
+  +shorewall-4.6.5.3.ebuild, files/4.6/shorewall.initd,
+  files/4.6/shorewall.systemd, files/4.6/shorewall-init.initd,
+  files/4.6/shorewall-init.systemd, files/4.6/shorewall-lite.initd,
+  files/4.6/shorewall-lite.systemd, files/4.6/shorewall6-lite.initd,
+  files/4.6/shorewall6-lite.systemd, files/4.6/shorewall6.initd,
+  files/4.6/shorewall6.systemd, files/4.6/shorewallrc,
+  -files/4.6/shorewallrc-r1, metadata.xml:
+  Version Bump, #534232, Thanks Thomas D. for the patch; fixes bugs, #530704,
+  #534062
+