meta-openembedded: subtree update:fd1a0c9210..1bfaa2e63a

Alex Kiernan (1):
      ostree: Upgrade 2019.3 -> 2019.4

Alexander Kanavin (1):
      lua: change a hard readline dependency into an optional one

Andreas Müller (5):
      catfish: upgrade 1.4.9 -> 1.4.10
      polkit-group-rules: Fix error in do_rootfs for rpm package-manager
      jack: upgrade 1.9.12 -> 1.9.13
      fluidsynth: upgrade 2.0.6 -> 2.0.7
      xfce4-panel: upgrade 4.14.0 -> 4.14.1

Bartosz Golaszewski (3):
      networkd-dispatcher: use distro_features_check to check for systemd
      networkd-dispatcher: remove unneeded RDEPENDS
      networkd-dispatcher: inherit systemd class

Changqing Li (1):
      multipath-tools: upgrade 0.8.1 -> 0.8.2

Hongxu Jia (1):
      lvm2: remove unsupported OPTIONS+="event_timeout" rule

Khem Raj (6):
      nvme-cli: Use install-spec target
      jsonrpc: Disable coverage in default build
      bdwgc: Enable C++ support and Additional options for musl
      a2jmidid: Fix build on risv
      tinyalsa: Update to latest
      packagegroup-meta-multimedia: Remove libsquish from rdeps

Martin Schwan (1):
      python-waitress: Add recipes

Paul Eggleton (1):
      mosquitto: update to 1.6.7

Peiran Hong (1):
      tcpdump: Delete unused patch

Peter Kjellerstedt (1):
      kconfig-frontends: Retrieve the Git repository from GitLab

Randy MacLeod (1):
      rwmem: add DESCRIPTION since the summary is vague

Trevor Gamblin (1):
      rsyslog: fix CVE-2019-17040

Zang Ruochen (7):
      firewalld: upgrade 0.7.1 -> 0.7.2
      fetchmail: upgrade 6.3.26 -> 6.4.1
      python-asn1crypto: upgrade 0.24.0 -> 1.0.1
      python-attrs: upgrade 19.1.0 -> 19.2.0
      python-beautifulsoup4: upgrade 4.8.0 -> 4.8.1
      python-cmd2: upgrade 0.9.17 -> 0.9.18
      python-jinja2: upgrade 2.10.1 -> 2.10.3

Change-Id: Ief2d129403b43b308c19093ac63a498c8d51eb50
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

1 files changed, 88 insertions, 0 deletions

diff --git a/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.2.bb b/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.2.bb
new file mode 100644
index 000000000..7d80a632d
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-connectivity/firewalld/firewalld_0.7.2.bb
@@ -0,0 +1,88 @@
+SUMMARY = "Dynamic firewall daemon with a D-Bus interface"
+HOMEPAGE = "https://firewalld.org/"
+BUGTRACKER = "https://github.com/firewalld/firewalld/issues"
+UPSTREAM_CHECK_URI = "https://github.com/firewalld/firewalld/releases"
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \
+           file://firewalld.init \
+"
+SRC_URI[md5sum] = "2549c2006def07a19b4c77ec960e5aab"
+SRC_URI[sha256sum] = "fbd1b72b3c4b4d0c20659f664b2ba36175364ffbb9cebf3bdfaf9b5e6983be77"
+
+# glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4
+DEPENDS = "intltool-native glib-2.0-native libxslt-native docbook-xsl-stylesheets-native"
+
+inherit gettext autotools bash-completion python3native gsettings systemd update-rc.d
+
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
+PACKAGECONFIG[systemd] = "--with-systemd-unitdir=${systemd_system_unitdir},--disable-systemd"
+
+PACKAGES += "${PN}-zsh-completion"
+
+# iptables, ip6tables, ebtables, and ipset *should* be unnecessary
+# when the nftables backend is available, because nftables supersedes all of them.
+# However we still need iptables and ip6tables to be available otherwise any
+# application relying on "direct passthrough" rules (such as docker) will break.
+# /etc/sysconfig/firewalld is a Red Hat-ism, only referenced by
+# the Red Hat-specific init script which we aren't using, so we disable that.
+EXTRA_OECONF = "\
+    --with-nft=${sbindir}/nft \
+    --without-ipset \
+    --with-iptables=${sbindir}/iptables \
+    --with-iptables-restore=${sbindir}/iptables-restore \
+    --with-ip6tables=${sbindir}/ip6tables \
+    --with-ip6tables-restore=${sbindir}/ip6tables-restore \
+    --without-ebtables \
+    --without-ebtables-restore \
+    --disable-sysconfig \
+    --with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog \
+"
+
+INITSCRIPT_NAME = "firewalld"
+SYSTEMD_SERVICE_${PN} = "firewalld.service"
+
+do_install_append() {
+    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+        :
+    else
+        # firewalld ships an init script but it contains Red Hat-isms, replace it with our own
+        rm -rf ${D}${sysconfdir}/rc.d/
+        install -d ${D}${sysconfdir}/init.d
+        install -m0755 ${WORKDIR}/firewalld.init ${D}${sysconfdir}/init.d/firewalld
+    fi
+
+    # We ran ./configure with PYTHON pointed at the binary inside $STAGING_BINDIR_NATIVE
+    # so now we need to fix up any references to point at the proper path in the image.
+    # This hack is also in distutils.bbclass, but firewalld doesn't use distutils/setuptools.
+    if [ ${PN} != "${BPN}-native" ]; then
+        sed -i -e s:${STAGING_BINDIR_NATIVE}/python3-native/python3:${bindir}/python3:g \
+            ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
+    fi
+    sed -i -e s:${STAGING_BINDIR_NATIVE}:${bindir}:g \
+        ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
+}
+
+FILES_${PN} += "\
+    ${PYTHON_SITEPACKAGES_DIR}/firewall \
+    ${datadir}/dbus-1 \
+    ${datadir}/polkit-1 \
+    ${datadir}/metainfo \
+"
+FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions"
+
+RDEPENDS_${PN} = "\
+    nftables \
+    iptables \
+    python3-core \
+    python3-io \
+    python3-fcntl \
+    python3-shell \
+    python3-syslog \
+    python3-xml \
+    python3-dbus \
+    python3-slip-dbus \
+    python3-decorator \
+    python3-pygobject \
+"