2018-06-21 23:51 CEST

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0005352GNUnetbuild processpublic2018-06-14 20:37
Reporterng0 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusnewResolutionopen 
Product VersionSVN HEAD 
Target Version0.11.0Fixed in Version 
Summary0005352: iptables is hardcoded. let's pick its location up at configure time.
DescriptionUnless someone beats me in it, this is a bug report for myself as one of many issues to fix-up to get GNUnet working properly on Guix. Also, assuming hardcoded locations is bad.

Unless we don't already scan for iptables, let's scan for iptables in the configure phase of the build process and use that location for the iptables binary.


more info: iptables exists in my profile (in other words: the visible $PATH). This is straight from HEAD commit.

--------------------------------------------------------------------------------


abyayala$ egrep -nr "iptables"
src/dns/gnunet-helper-dns.c:99:static const char *sbin_iptables;
src/dns/gnunet-helper-dns.c:715: * 6: skip sysctl, routing and iptables setup ("0")
src/dns/gnunet-helper-dns.c:719: * 3 iptables not executable
src/dns/gnunet-helper-dns.c:769: if (0 == access ("/sbin/iptables", X_OK))
src/dns/gnunet-helper-dns.c:770: sbin_iptables = "/sbin/iptables";
src/dns/gnunet-helper-dns.c:771: else if (0 == access ("/usr/sbin/iptables", X_OK))
src/dns/gnunet-helper-dns.c:772: sbin_iptables = "/usr/sbin/iptables";
src/dns/gnunet-helper-dns.c:776: "Fatal: executable iptables not found in approved directories: %s\n",
src/dns/gnunet-helper-dns.c:954: "iptables", "-m", "owner", "-t", "mangle", "-I", "OUTPUT", "1", "-p",
src/dns/gnunet-helper-dns.c:958: if (0 != fork_and_exec (sbin_iptables, mangle_args))
src/dns/gnunet-helper-dns.c:976: "iptables", "-t", "mangle", "-I", "OUTPUT", "2", "-p",
src/dns/gnunet-helper-dns.c:981: if (0 != fork_and_exec (sbin_iptables, mark_args))
src/dns/gnunet-helper-dns.c:1137: "iptables", "-t", "mangle", "-D", "OUTPUT", "-p", "udp",
src/dns/gnunet-helper-dns.c:1140: if (0 != fork_and_exec (sbin_iptables, mark_clean_args))
src/dns/gnunet-helper-dns.c:1160: "iptables", "-m", "owner", "-t", "mangle", "-D", "OUTPUT", "-p", "udp",
src/dns/gnunet-helper-dns.c:1164: if (0 != fork_and_exec (sbin_iptables, mangle_clean_args))
src/dns/test_gnunet_dns.sh:29:if ! iptables -t mangle --list &> /dev/null
src/dns/test_gnunet_dns.sh:31: echo "This test requires iptables with 'mangle' support. Skipping."
src/exit/gnunet-helper-exit.c:73: * Path to 'iptables' binary.
src/exit/gnunet-helper-exit.c:75:static const char *sbin_iptables;
src/exit/gnunet-helper-exit.c:671: if (0 == access ("/sbin/iptables", X_OK))
src/exit/gnunet-helper-exit.c:672: sbin_iptables = "/sbin/iptables";
src/exit/gnunet-helper-exit.c:673: else if (0 == access ("/usr/sbin/iptables", X_OK))
src/exit/gnunet-helper-exit.c:674: sbin_iptables = "/usr/sbin/iptables";
src/exit/gnunet-helper-exit.c:678: "Fatal: executable iptables not found in approved directories: %s\n",
src/exit/gnunet-helper-exit.c:761: char *const iptables_args[] =
src/exit/gnunet-helper-exit.c:763: "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL
src/exit/gnunet-helper-exit.c:765: if (0 != fork_and_exec (sbin_iptables,
src/exit/gnunet-helper-exit.c:766: iptables_args))
README:421:# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 1080
README:425:# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 4433
contrib/apparmor/gnunet-helper-dns:31: /usr/lib/iptables/libxt_MARK.so mr,
contrib/apparmor/gnunet-helper-dns:32: /usr/lib/iptables/libxt_owner.so mr,
contrib/apparmor/gnunet-helper-dns:33: /usr/lib/iptables/libxt_standard.so mr,
contrib/apparmor/gnunet-helper-dns:34: /usr/lib/iptables/libxt_udp.so mr,
doc/documentation/chapters/user.texi:3154:make the necessary changes to your firewall (@code{iptables}) rules.
doc/documentation/chapters/developer.texi:7979:iptables -t mangle -I OUTPUT 1 -p udp --sport $LOCALPORT --dport 53 \
doc/documentation/chapters/developer.texi:7980:-j ACCEPT iptables -t mangle -I OUTPUT 2 -p udp --dport 53 -j MARK \
TagsNo tags attached.
Attached Files

-Relationships Relation Graph ] Dependency Graph ]
+Relationships

-Notes
There are no notes attached to this issue.
+Notes

-Issue History
Date Modified Username Field Change
2018-06-14 20:37 ng0 New Issue
+Issue History