Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 498878 - net-firewall/iptables: move from / to /usr
Summary: net-firewall/iptables: move from / to /usr
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-01-22 03:32 UTC by Mike Gilbert
Modified: 2024-02-06 22:49 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mike Gilbert gentoo-dev 2014-01-22 03:32:33 UTC 
The ebuild passes --libexecdir="${EPREFIX}/$(get_libdir)" to econf.

It looks like this was used to control the install location for the xtables modules. However, upstream changed this to ${libdir}/xtables, which causes the modules to be intstalled in /usr/lib/xtables instead of /lib/xtables.

https://git.netfilter.org/iptables/commit/?id=411a4e50ec1030f2dc51c5b0156e0c7255c81905

The --libexec flag should be removed from the ebuild.

Also, you may want to consider passing --libdir=/$(get_libdir) or --with-xtlibdir=/$(get_libdir)/xtables if iptables should be usable without /usr mounted.
Comment 1 dwfreed 2014-01-22 03:38:20 UTC 
It's worth noting that because iptables installs .pc files, you don't want to override libdir, or you'll prevent pkg-config from locating those files.  Setting xtlibdir would probably be the best choice here, if you want iptables to be usable before /usr is mounted.
Comment 2 SpanKY gentoo-dev 2015-08-14 09:24:08 UTC 
alternatively we could move the progs & libs files to /usr
Comment 3 Mike Gilbert gentoo-dev 2015-08-14 14:09:04 UTC 
(In reply to SpanKY from comment #2)
> alternatively we could move the progs & libs files to /usr

Sure. I would be good to have an announcement for that; I'm sure there are scripts out there that call /sbin/iptables.
Comment 4 Larry the Git Cow gentoo-dev 2024-02-06 22:49:53 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4fc9966a33ed4f82e6c10f3dc518326fa1063cde

commit 4fc9966a33ed4f82e6c10f3dc518326fa1063cde
Author:     Eli Schwartz <eschwartz93@gmail.com>
AuthorDate: 2024-02-06 15:29:48 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-02-06 22:49:31 +0000

    net-firewall/iptables: remove usr-ldscript support
    
    Per news item 2024-01-05-usr-initramfs, we no longer support this use
    case. It is fragile and hacky and leads to bizarre forms of load errors.
    
    The functionality is, despite being called "split-usr", not really about
    split-usr at all.
    
    [sam: Add bug #332175 and bug #498878 ref.]
    
    Bug: https://bugs.gentoo.org/332175
    Bug: https://bugs.gentoo.org/498878
    Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 .../iptables/{iptables-1.8.9-r1.ebuild => iptables-1.8.9-r2.ebuild}  | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)