514970 – net-firewall/ebtables: /etc/init.d/ebtables should not set use logger

Bug 514970 - net-firewall/ebtables: /etc/init.d/ebtables should not set use logger

Summary: net-firewall/ebtables: /etc/init.d/ebtables should not set use logger

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-06-24 22:19 UTC by KK
Modified:	2021-02-09 15:59 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description KK 2014-06-24 22:19:53 UTC

ebtables - like iptables and ip6tables - rightly depends on net ("before net"). Furthermore the init script /etc/init.d/ebtables also specifies "use logger" as a dependency which on the face of it seems correct.

This however results in a circular dependency and an incorrect startup sequence if logger (e.g. syslog-ng) itslef also depends on net ("rc_need=net.foo") which is not an uncommon scenario.

iptables and ip6tables both overcome this issue by not listing "use logger" in their init scripts but rather relying on using the respective configuration file /etc/conf.d in case the dependency is desired. The relevant section in iptables (ip6tables contains the same information) reads as follows:

===== start /etc/conf.d/iptables =====
# If you need to log iptables messages as soon as iptables starts,
# AND your logger does NOT depend on the network, then you may wish
# to uncomment the next line.
# If your logger depends on the network, and you uncomment this line
# you will create an unresolvable circular dependency during startup.
# After commenting or uncommenting this line, you must run 'rc-update -u'.
#rc_use="logger"
===== end /etc/conf.d/iptables =====

Suggested fix: Apply the same logic used for iptables and ip6tables to resolve the issue. This is an easy fix and works well within the defined framework.

Comment 1 Larry the Git Cow gentoo-dev

2021-02-09 15:59:24 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13ebe1e91aa41530b5c241dc52b411dbae8f66c8

commit 13ebe1e91aa41530b5c241dc52b411dbae8f66c8
Author:     Mike Frysinger <vapier@chromium.org>
AuthorDate: 2021-02-09 15:40:13 +0000
Commit:     Mike Frysinger <vapier@gentoo.org>
CommitDate: 2021-02-09 15:58:04 +0000

    net-firewall/ebtables: make logger usage optional #514970
    
    Use the same pattern adopted in iptables init scripts to make the
    use of the logger init service optional.  This avoids circular deps
    if the logger service requires the network, and shouldn't be a big
    deal as most people probably aren't logging packets.
    
    Fixes: https://bugs.gentoo.org/514970
    Signed-off-by: Mike Frysinger <vapier@gentoo.org>

 net-firewall/ebtables/files/ebtables.confd-r1 | 8 ++++++++
 net-firewall/ebtables/files/ebtables.initd-r1 | 3 +--
 2 files changed, 9 insertions(+), 2 deletions(-)