diff options
| -rw-r--r-- | configure.ac | 18 | ||||
| -rw-r--r-- | extras/Makefile.am | 2 | ||||
| -rw-r--r-- | extras/firewalld/Makefile.am | 6 | ||||
| -rw-r--r-- | extras/firewalld/glusterfs.xml | 13 | ||||
| -rw-r--r-- | glusterfs.spec.in | 34 |
5 files changed, 72 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index a93c1cd6de3..dfe105fab66 100644 --- a/configure.ac +++ b/configure.ac @@ -211,6 +211,7 @@ AC_CONFIG_FILES([Makefile extras/ocf/volume extras/LinuxRPM/Makefile extras/geo-rep/Makefile + extras/firewalld/Makefile extras/hook-scripts/add-brick/Makefile extras/hook-scripts/add-brick/pre/Makefile extras/hook-scripts/add-brick/post/Makefile @@ -731,6 +732,22 @@ AC_SUBST(ZLIB_CFLAGS) AC_SUBST(ZLIB_LIBS) # end CDC xlator secion +#start firewalld section +BUILD_FIREWALLD="no" +AC_ARG_ENABLE([firewalld], + AC_HELP_STRING([--enable-firewalld], + [enable installation configuration for firewalld]), + [BUILD_FIREWALLD="${enableval}"], [BUILD_FIREWALLD="no"]) + +if test "x${BUILD_FIREWALLD}" = "xyes"; then + if !(which firewalld 1>/dev/null 2>&1) ; then + BUILD_FIREWALLD="no (firewalld not installed)" + fi +fi +AM_CONDITIONAL([USE_FIREWALLD],test ["x${BUILD_FIREWALLD}" = "xyes"]) + +#endof firewald section + # Data tiering requires sqlite AC_ARG_ENABLE([tiering], AC_HELP_STRING([--disable-tiering], @@ -1343,4 +1360,5 @@ echo "Encryption xlator : $BUILD_CRYPT_XLATOR" echo "Unit Tests : $BUILD_UNITTEST" echo "POSIX ACLs : $BUILD_POSIX_ACLS" echo "Data Classification : $BUILD_GFDB" +echo "firewalld-config : $BUILD_FIREWALLD" echo diff --git a/extras/Makefile.am b/extras/Makefile.am index 6c11cb4b7a9..76dbb36ab9e 100644 --- a/extras/Makefile.am +++ b/extras/Makefile.am @@ -5,7 +5,7 @@ EditorModedir = $(docdir) EditorMode_DATA = glusterfs-mode.el glusterfs.vim SUBDIRS = init.d systemd benchmarking hook-scripts $(OCF_SUBDIR) LinuxRPM \ - $(GEOREP_EXTRAS_SUBDIR) ganesha snap_scheduler + $(GEOREP_EXTRAS_SUBDIR) ganesha snap_scheduler firewalld confdir = $(sysconfdir)/glusterfs conf_DATA = glusterfs-logrotate gluster-rsyslog-7.2.conf gluster-rsyslog-5.8.conf \ diff --git a/extras/firewalld/Makefile.am b/extras/firewalld/Makefile.am new file mode 100644 index 00000000000..a5c11b0b783 --- /dev/null +++ b/extras/firewalld/Makefile.am @@ -0,0 +1,6 @@ +EXTRA_DIST = glusterfs.xml + +if USE_FIREWALLD +staticdir = /usr/lib/firewalld/services/ +static_DATA = glusterfs.xml +endif diff --git a/extras/firewalld/glusterfs.xml b/extras/firewalld/glusterfs.xml new file mode 100644 index 00000000000..f8efd90c3b5 --- /dev/null +++ b/extras/firewalld/glusterfs.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="utf-8"?> +<service> +<short>glusterfs-static</short> +<description>Default ports for gluster-distributed storage</description> +<port protocol="tcp" port="24007"/> <!--For glusterd --> +<port protocol="tcp" port="24008"/> <!--For glusterd RDMA port management --> +<port protocol="tcp" port="38465"/> <!--Gluster NFS service --> +<port protocol="tcp" port="38466"/> <!--Gluster NFS service --> +<port protocol="tcp" port="38467"/> <!--Gluster NFS service --> +<port protocol="tcp" port="38468"/> <!--Gluster NFS service --> +<port protocol="tcp" port="38469"/> <!--Gluster NFS service --> +<port protocol="tcp" port="49152-49664"/> <!--512 ports for bricks --> +</service> diff --git a/glusterfs.spec.in b/glusterfs.spec.in index cd1b272fe9c..94f6144e713 100644 --- a/glusterfs.spec.in +++ b/glusterfs.spec.in @@ -85,6 +85,10 @@ %global _with_systemd true %endif +%if ( 0%{?fedora} ) || ( 0%{?rhel} && 0%{?rhel} >= 7 ) +%global _with_firewalld --enable-firewalld +%endif + %if 0%{?_tmpfilesdir:1} %define _with_tmpfilesdir --with-tmpfilesdir=%{_tmpfilesdir} %else @@ -225,6 +229,10 @@ BuildRequires: glib2-devel BuildRequires: libattr-devel %endif +%if (0%{?_with_firewalld:1}) +BuildRequires: firewalld +%endif + Obsoletes: hekafs Obsoletes: %{name}-common < %{version}-%{release} Obsoletes: %{name}-core < %{version}-%{release} @@ -594,6 +602,7 @@ This package provides the translators needed on any GlusterFS client. %{?_without_epoll} \ %{?_without_fusermount} \ %{?_without_georeplication} \ + %{?_with_firewalld} \ %{?_without_ocf} \ %{?_without_qemu_block} \ %{?_without_rdma} \ @@ -874,6 +883,15 @@ if [ -e /etc/ld.so.conf.d/glusterfs.conf ]; then rm -f /etc/ld.so.conf.d/glusterfs.conf /sbin/ldconfig fi + +%if (0%{?_with_firewalld:1}) +#reload service files if firewalld running +if $(systemctl is-active firewalld 1>/dev/null 2>&1); then + #firewalld-filesystem is not available for rhel7, so command used for reload. + firewall-cmd --reload +fi +%endif + pidof -c -o %PPID -x glusterd &> /dev/null if [ $? -eq 0 ]; then kill -9 `pgrep -f gsyncd.py` &> /dev/null @@ -931,6 +949,15 @@ fi %postun api /sbin/ldconfig +%postun server +%if (0%{?_with_firewalld:1}) +#reload service files if firewalld running +if $(systemctl is-active firewalld 1>/dev/null 2>&1); then + firewall-cmd --reload +fi +%endif + + %postun libs /sbin/ldconfig @@ -1231,8 +1258,15 @@ fi %{_libexecdir}/glusterfs/peer_add_secret_pub %{_sharedstatedir}/glusterd/hooks/1/delete/post/S57glusterfind-delete-post.py +%if ( 0%{?_with_firewalld:1} ) +/usr/lib/firewalld/services/glusterfs.xml +%endif + %changelog +* Tue Sep 15 2015 Anand Nekkunti <anekkunt@redhat.com> +- adding glusterfs-firewalld service (#1057295) + * Tue Sep 1 2015 Kaleb S. KEITHLEY <kkeithle@redhat.com> - erroneous ghost of ../hooks/1/delete causes install failure (#1258976) |