[Kimchi-devel] [V2] spec: Open 8000 and 8001 port by default
Paulo Ricardo Paz Vital
pvital at linux.vnet.ibm.com
Fri Dec 20 13:28:27 UTC 2013
Hello Eli,
Am I missing something or you're supporting only the distro's package
managers? What happens if I decide to install Kimchi from the source
code?
Best regards,
--
Paulo Ricardo Paz Vital <pvital at linux.vnet.ibm.com>
IBM Linux Technology Center
On Fri, 2013-12-20 at 17:21 +0800, taget at linux.vnet.ibm.com wrote:
> From: Eli Qiao <taget at linux.vnet.ibm.com>
>
> V2 - V1 changes:
>
> 1.Add firewalld sevice configure file kimchid.xml to help open iptables port (Mark)
> 2.Add Ubuntu iptables rule (Royce)
>
> Signed-off-by: Eli Qiao <taget at linux.vnet.ibm.com>
> ---
> contrib/DEBIAN/control.in | 3 ++-
> contrib/DEBIAN/postinst | 2 ++
> contrib/DEBIAN/postrm | 2 ++
> contrib/kimchi.spec.fedora.in | 19 +++++++++++++++++++
> contrib/kimchi.spec.suse.in | 10 ++++++++--
> contrib/kimchid.service.fedora | 1 +
> src/Makefile.am | 1 +
> src/kimchid.xml | 7 +++++++
> 8 files changed, 42 insertions(+), 3 deletions(-)
> create mode 100644 src/kimchid.xml
>
> diff --git a/contrib/DEBIAN/control.in b/contrib/DEBIAN/control.in
> index 380584c..c0ea1f1 100644
> --- a/contrib/DEBIAN/control.in
> +++ b/contrib/DEBIAN/control.in
> @@ -17,7 +17,8 @@ Depends: python-cherrypy3 (>= 3.2.0),
> python-psutil (>= 0.6.0),
> python-ethtool,
> sosreport,
> - python-ipaddr
> + python-ipaddr,
> + firewalld
> Build-Depends:
> Maintainer: Aline Manera <alinefm at br.ibm.com>
> Description: Kimchi web server
> diff --git a/contrib/DEBIAN/postinst b/contrib/DEBIAN/postinst
> index c1fc22e..b27205c 100755
> --- a/contrib/DEBIAN/postinst
> +++ b/contrib/DEBIAN/postinst
> @@ -19,3 +19,5 @@
> # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
>
> service kimchid start
> +/usr/bin/firewall-cmd --reload
> +/usr/bin/firewall-cmd --add-service kimchid
> diff --git a/contrib/DEBIAN/postrm b/contrib/DEBIAN/postrm
> index ef90b49..3c70584 100755
> --- a/contrib/DEBIAN/postrm
> +++ b/contrib/DEBIAN/postrm
> @@ -26,3 +26,5 @@ case "$1" in
> rm -rf /var/log/kimchi /var/run/kimchi.pid /usr/share/kimchi/
> ;;
> esac
> +
> +/usr/bin/firewall-cmd --remove-service kimchid
> diff --git a/contrib/kimchi.spec.fedora.in b/contrib/kimchi.spec.fedora.in
> index 14ec359..3a3ca4c 100644
> --- a/contrib/kimchi.spec.fedora.in
> +++ b/contrib/kimchi.spec.fedora.in
> @@ -34,6 +34,7 @@ BuildRequires: python-unittest2
>
> %if 0%{?with_systemd}
> Requires: systemd
> +Requires: firewalld
> Requires(post): systemd
> Requires(preun): systemd
> Requires(postun): systemd
> @@ -63,6 +64,7 @@ make DESTDIR=%{buildroot} install
> %if 0%{?with_systemd}
> # Install the systemd scripts
> install -Dm 0644 contrib/kimchid.service.fedora %{buildroot}%{_unitdir}/kimchid.service
> +install -Dm 0640 src/kimchid.xml %{buildroot}%{_prefix}/lib/firewalld/services/kimchid.xml
> %endif
>
> %if 0%{?rhel} == 6
> @@ -83,16 +85,32 @@ fi
>
> %if 0%{?rhel} == 6
> start kimchid
> +# Add defult iptable rules to open 8000 and 8001 port
> +iptables -I INPUT -p tcp --dport 8000 -j ACCEPT
> +iptables -I INPUT -p tcp --dport 8001 -j ACCEPT
> +service iptables save
> %else
> service kimchid start
> +# Add firewalld rull to open 8000 and 8001 port
> +/usr/bin/firewall-cmd --reload
> +/usr/bin/firewall-cmd --add-service kimchid
> %endif
>
> %preun
> +%if 0%{?rhel} == 6
> +iptables -D INPUT -p tcp --dport 8000 -j ACCEPT
> +iptables -D INPUT -p tcp --dport 8001 -j ACCEPT
> +service iptables save
> +%else
> +/usr/bin/firewall-cmd --remove-service kimchid
> +%endif
> +
> if [ $1 -eq 0 ] ; then
> # Package removal, not upgrade
> /bin/systemctl --no-reload disable kimchid.service > /dev/null 2>&1 || :
> /bin/systemctl stop kimchid.service > /dev/null 2>&1 || :
> fi
> +
> exit 0
>
>
> @@ -153,6 +171,7 @@ rm -rf $RPM_BUILD_ROOT
>
> %if 0%{?with_systemd}
> %{_unitdir}/kimchid.service
> +%{_prefix}/lib/firewalld/services/kimchid.xml
> %endif
> %if 0%{?rhel} == 6
> /etc/init/kimchid.conf
> diff --git a/contrib/kimchi.spec.suse.in b/contrib/kimchi.spec.suse.in
> index 9051284..dde9dae 100644
> --- a/contrib/kimchi.spec.suse.in
> +++ b/contrib/kimchi.spec.suse.in
> @@ -46,10 +46,16 @@ install -Dm 0755 contrib/kimchid.sysvinit %{buildroot}%{_initrddir}/kimchid
> %post
> service kimchid start
> chkconfig kimchid on
> -
> +# Add iptables rules to open 8000 and 8001 port
> +iptables -I INPUT -p tcp --dport 8000 -j ACCEPT
> +iptables -I INPUT -p tcp --dport 8001 -j ACCEPT
> +service iptables save
> %preun
> service kimchid stop
> -
> +# Remove iptables rules to open 8000 and 8001 port
> +iptables -D INPUT -p tcp --dport 8000 -j ACCEPT
> +iptables -D INPUT -p tcp --dport 8001 -j ACCEPT
> +service iptables save
> %clean
> rm -rf $RPM_BUILD_ROOT
>
> diff --git a/contrib/kimchid.service.fedora b/contrib/kimchid.service.fedora
> index 7abe49b..e39f86b 100644
> --- a/contrib/kimchid.service.fedora
> +++ b/contrib/kimchid.service.fedora
> @@ -1,6 +1,7 @@
> [Unit]
> Description=Kimchi server
> Requires=libvirtd.service
> +Requires=firewalld.service
> After=libvirtd.service
>
> [Service]
> diff --git a/src/Makefile.am b/src/Makefile.am
> index 7d29e28..e3938a7 100644
> --- a/src/Makefile.am
> +++ b/src/Makefile.am
> @@ -24,6 +24,7 @@ SUBDIRS = kimchi distros.d
>
> EXTRA_DIST = kimchid.in \
> kimchi.conf.in \
> + kimchid.xml \
> $(NULL)
>
> bin_SCRIPTS = kimchid
> diff --git a/src/kimchid.xml b/src/kimchid.xml
> new file mode 100644
> index 0000000..dee4599
> --- /dev/null
> +++ b/src/kimchid.xml
> @@ -0,0 +1,7 @@
> +<?xml version="1.0" encoding="utf-8"?>
> +<service>
> + <short>kimchid</short>
> + <description>Kimchid is a daemon service for kimchi whichi is a HTML5 based management tool for KVM. It is designed to make it as easy as possible to get started with KVM and create your first guest.</description>
> + <port protocol="tcp" port="8000"/>
> + <port protocol="tcp" port="8001"/>
> +</service>
More information about the Kimchi-devel
mailing list