|
 |
ea8ea4 |
From 0a1a9dab8f9a1101ef7338e2ea42f6b8355d0087 Mon Sep 17 00:00:00 2001
|
|
|
ea8ea4 |
From: Eric Garver <eric@garver.life>
|
|
|
ea8ea4 |
Date: Tue, 18 Feb 2020 12:55:15 -0500
|
|
|
ea8ea4 |
Subject: [PATCH 147/154] fix: add logrotate policy
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
Fixes: rhbz 1754117
|
|
|
ea8ea4 |
(cherry picked from commit bd17df59bc340c59fe0e9b864ac9a1fedafbdca0)
|
|
|
ea8ea4 |
(cherry picked from commit 8832bed2cebdab86d09a83cb9a3599731445168d)
|
|
|
ea8ea4 |
---
|
|
|
ea8ea4 |
.gitignore | 1 +
|
|
|
ea8ea4 |
config/Makefile.am | 18 +++++++++++++++++-
|
|
|
ea8ea4 |
config/firewalld.logrotate.in | 7 +++++++
|
|
|
ea8ea4 |
firewalld.spec | 1 +
|
|
|
ea8ea4 |
4 files changed, 26 insertions(+), 1 deletion(-)
|
|
|
ea8ea4 |
create mode 100644 config/firewalld.logrotate.in
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
diff --git a/.gitignore b/.gitignore
|
|
|
ea8ea4 |
index 11e257f5f0b0..b312003f6fa5 100644
|
|
|
ea8ea4 |
--- a/.gitignore
|
|
|
ea8ea4 |
+++ b/.gitignore
|
|
|
ea8ea4 |
@@ -8,6 +8,7 @@
|
|
|
ea8ea4 |
/config/firewall-config.appdata.xml
|
|
|
ea8ea4 |
/config/firewall-config.desktop
|
|
|
ea8ea4 |
/config/firewalld.service
|
|
|
ea8ea4 |
+/config/firewalld.logrotate
|
|
|
ea8ea4 |
/config/firewalld-sysctls.conf
|
|
|
ea8ea4 |
/config/lockdown-whitelist.xml
|
|
|
ea8ea4 |
/config/org.fedoraproject.FirewallConfig.gschema.valid
|
|
|
ea8ea4 |
diff --git a/config/Makefile.am b/config/Makefile.am
|
|
|
ea8ea4 |
index 0a3e228bff74..d16f87c9c092 100644
|
|
|
ea8ea4 |
--- a/config/Makefile.am
|
|
|
ea8ea4 |
+++ b/config/Makefile.am
|
|
|
ea8ea4 |
@@ -35,6 +35,7 @@ BUILT_SOURCES = \
|
|
|
ea8ea4 |
$(polkit1_action_DATA) \
|
|
|
ea8ea4 |
$(gsettings_SCHEMAS) \
|
|
|
ea8ea4 |
firewalld-sysctls.conf \
|
|
|
ea8ea4 |
+ firewalld.logrotate \
|
|
|
ea8ea4 |
firewalld.service
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
@INTLTOOL_DESKTOP_RULE@
|
|
|
ea8ea4 |
@@ -44,7 +45,7 @@ BUILT_SOURCES = \
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
all: $(desktop_DATA) $(appdata_DATA) $(applet_desktop_DATA) $(polkit1_action_DATA) $(gsettings_SCHEMAS)
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
-CLEANFILES = *~ *\# .\#* firewalld.service firewalld-sysctls.conf
|
|
|
ea8ea4 |
+CLEANFILES = *~ *\# .\#* firewalld.service firewalld-sysctls.conf firewalld.logrotate
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
DISTCLEANFILES = \
|
|
|
ea8ea4 |
$(desktop_DATA) \
|
|
|
ea8ea4 |
@@ -285,6 +286,7 @@ EXTRA_DIST = \
|
|
|
ea8ea4 |
$(CONFIG_FILES) \
|
|
|
ea8ea4 |
lockdown-whitelist.xml.in \
|
|
|
ea8ea4 |
firewalld.init \
|
|
|
ea8ea4 |
+ firewalld.logrotate.in \
|
|
|
ea8ea4 |
firewalld-sysctls.conf.in \
|
|
|
ea8ea4 |
firewalld.service.in \
|
|
|
ea8ea4 |
firewalld.sysconfig \
|
|
|
ea8ea4 |
@@ -296,6 +298,9 @@ UNINSTALL_TARGETS = uninstall-config
|
|
|
ea8ea4 |
INSTALL_TARGETS += install-modprobe.d
|
|
|
ea8ea4 |
UNINSTALL_TARGETS += uninstall-modprobe.d
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
+INSTALL_TARGETS += install-logrotate.d
|
|
|
ea8ea4 |
+UNINSTALL_TARGETS += uninstall-logrotate.d
|
|
|
ea8ea4 |
+
|
|
|
ea8ea4 |
if USE_SYSTEMD
|
|
|
ea8ea4 |
INSTALL_TARGETS += install-service
|
|
|
ea8ea4 |
UNINSTALL_TARGETS += uninstall-service
|
|
|
ea8ea4 |
@@ -328,6 +333,9 @@ firewalld.service: firewalld.service.in
|
|
|
ea8ea4 |
firewalld-sysctls.conf: firewalld-sysctls.conf.in
|
|
|
ea8ea4 |
$(edit) $< >$@
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
+firewalld.logrotate: firewalld.logrotate.in
|
|
|
ea8ea4 |
+ $(edit) $< >$@
|
|
|
ea8ea4 |
+
|
|
|
ea8ea4 |
install-sysconfig:
|
|
|
ea8ea4 |
$(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig
|
|
|
ea8ea4 |
$(INSTALL_DATA) $(srcdir)/firewalld.sysconfig $(DESTDIR)$(sysconfdir)/sysconfig/firewalld
|
|
|
ea8ea4 |
@@ -368,6 +376,14 @@ uninstall-modprobe.d:
|
|
|
ea8ea4 |
rm -f $(DESTDIR)$(sysconfdir)/modprobe.d/firewalld-sysctls.conf
|
|
|
ea8ea4 |
rmdir $(DESTDIR)$(sysconfdir)/modprobe.d || :
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
+install-logrotate.d:
|
|
|
ea8ea4 |
+ $(MKDIR_P) $(DESTDIR)$(sysconfdir)/logrotate.d
|
|
|
ea8ea4 |
+ $(INSTALL_DATA) firewalld.logrotate $(DESTDIR)$(sysconfdir)/logrotate.d/firewalld
|
|
|
ea8ea4 |
+
|
|
|
ea8ea4 |
+uninstall-logrotate.d:
|
|
|
ea8ea4 |
+ rm -f $(DESTDIR)$(sysconfdir)/logrotate.d/firewalld
|
|
|
ea8ea4 |
+ rmdir $(DESTDIR)$(sysconfdir)/logrotate.d || :
|
|
|
ea8ea4 |
+
|
|
|
ea8ea4 |
install-config:
|
|
|
ea8ea4 |
$(MKDIR_P) $(DESTDIR)$(sconfdir)
|
|
|
ea8ea4 |
$(MKDIR_P) $(DESTDIR)$(sconfdir)/icmptypes
|
|
|
ea8ea4 |
diff --git a/config/firewalld.logrotate.in b/config/firewalld.logrotate.in
|
|
|
ea8ea4 |
new file mode 100644
|
|
|
ea8ea4 |
index 000000000000..8dba63b765e6
|
|
|
ea8ea4 |
--- /dev/null
|
|
|
ea8ea4 |
+++ b/config/firewalld.logrotate.in
|
|
|
ea8ea4 |
@@ -0,0 +1,7 @@
|
|
|
ea8ea4 |
+@localstatedir@/log/firewalld {
|
|
|
ea8ea4 |
+ weekly
|
|
|
ea8ea4 |
+ missingok
|
|
|
ea8ea4 |
+ rotate 4
|
|
|
ea8ea4 |
+ copytruncate
|
|
|
ea8ea4 |
+ minsize 1M
|
|
|
ea8ea4 |
+}
|
|
|
ea8ea4 |
diff --git a/firewalld.spec b/firewalld.spec
|
|
|
ea8ea4 |
index 65e84849e2fc..cade59891cd7 100644
|
|
|
ea8ea4 |
--- a/firewalld.spec
|
|
|
ea8ea4 |
+++ b/firewalld.spec
|
|
|
ea8ea4 |
@@ -243,6 +243,7 @@ fi
|
|
|
ea8ea4 |
%{_mandir}/man1/firewalld*.1*
|
|
|
ea8ea4 |
%{_mandir}/man5/firewall*.5*
|
|
|
ea8ea4 |
%{_sysconfdir}/modprobe.d/firewalld-sysctls.conf
|
|
|
ea8ea4 |
+%{_sysconfdir}/logrotate.d/firewalld
|
|
|
ea8ea4 |
|
|
|
ea8ea4 |
%files -n python-firewall
|
|
|
ea8ea4 |
%attr(0755,root,root) %dir %{python2_sitelib}/firewall
|
|
|
ea8ea4 |
--
|
|
|
ea8ea4 |
2.25.2
|
|
|
ea8ea4 |
|