diff options
author | lsf | 2023-03-07 11:55:16 +0100 |
---|---|---|
committer | lsf | 2023-03-07 11:55:16 +0100 |
commit | 3aa89c9b010086cf3ad1f56ae75d84ec1831f060 (patch) | |
tree | 14c9d4baa7dbdd07ce4fc25b1adf062e24c98f6d | |
parent | aabd02c85309782a48024156d6406f709e3c0a09 (diff) | |
download | aur-3aa89c9b010086cf3ad1f56ae75d84ec1831f060.tar.gz |
fix sed issues; align more with Arch upstream PKGBUILD
-rw-r--r-- | .SRCINFO | 29 | ||||
-rw-r--r-- | PKGBUILD | 108 | ||||
-rw-r--r-- | fix-systemd-service.patch | 34 |
3 files changed, 140 insertions, 31 deletions
@@ -1,6 +1,6 @@ pkgbase = opensnitch-git pkgdesc = A GNU/Linux port of the Little Snitch application firewall - pkgver = 1.6.0rc2.r21.564c263 + pkgver = 1.6.0rc5.r7.c2352d0 pkgrel = 1 url = https://github.com/evilsocket/opensnitch install = opensnitch.install @@ -12,25 +12,40 @@ pkgbase = opensnitch-git license = GPL3 makedepends = git makedepends = go - makedepends = python-setuptools makedepends = python-grpcio-tools + makedepends = python-build + makedepends = python-installer + makedepends = python-wheel + makedepends = python-setuptools + makedepends = python-nspektr + makedepends = python-jaraco.text makedepends = qt5-tools + depends = hicolor-icon-theme depends = libnetfilter_queue depends = libpcap depends = python-grpcio depends = python-protobuf - depends = python-pyinotify depends = python-slugify depends = python-pyqt5 - optdepends = logrotate: for logfile rotation support + depends = python-pyinotify + depends = python-notify2 + optdepends = logrotate: logfile rotation optdepends = opensnitch-ebpf-module-git: eBPF process monitor method (non-hardened kernel only) - optdepends = python-notify2: desktop notifications - optdepends = python-pyasn: display network names - optdepends = python-qt-material-git: theming + optdepends = python-pyasn: display network names of IP + optdepends = python-qt-material-git: extra ui themes provides = opensnitch conflicts = opensnitch backup = etc/opensnitchd/default-config.json + backup = etc/opensnitchd/system-fw.json source = git+https://github.com/evilsocket/opensnitch.git + source = fix-systemd-service.patch + source = https://raw.githubusercontent.com/archlinux/svntogit-community/eebb5fb16ed15251d3ead163e8e4b4229c21a999/trunk/remove-debian-path.patch + source = https://raw.githubusercontent.com/archlinux/svntogit-community/eebb5fb16ed15251d3ead163e8e4b4229c21a999/trunk/fix-setup.py.patch + source = https://raw.githubusercontent.com/archlinux/svntogit-community/eebb5fb16ed15251d3ead163e8e4b4229c21a999/trunk/tmpfiles.conf sha256sums = SKIP + sha256sums = 9c3b312492c8127ca5e766cc5d6a8f8abcc5212be0d012e9f91c0258db4e9970 + sha256sums = 4485913927e77c2edf46afcec9c2fbd6b1b6c8139d43d3b587b39ae2afdde398 + sha256sums = e77d2f6a6ada2761a987828e00c7725dee0c06bdb8793ae414d0df7fb1eb44a7 + sha256sums = 09bd2cda97f74033617fd31efce8eba68eac03b29ea6d0f55aba2cef18824a72 pkgname = opensnitch-git @@ -3,27 +3,62 @@ # Contributor: lsf # Contributor: Adam Hose <adis@blad.is> pkgname=opensnitch-git -pkgver=1.6.0rc2.r21.564c263 +pkgver=1.6.0rc5.r7.c2352d0 pkgrel=1 pkgdesc="A GNU/Linux port of the Little Snitch application firewall" arch=('i686' 'x86_64' 'armv6h' 'armv7h' 'aarch64') url="https://github.com/evilsocket/opensnitch" license=('GPL3') -makedepends=('git' 'go' 'python-setuptools' - 'python-grpcio-tools' 'qt5-tools') -depends=('libnetfilter_queue' 'libpcap' 'python-grpcio' 'python-protobuf' - 'python-pyinotify' 'python-slugify' 'python-pyqt5') -optdepends=('logrotate: for logfile rotation support' - 'opensnitch-ebpf-module-git: eBPF process monitor method (non-hardened kernel only)' - 'python-notify2: desktop notifications' - 'python-pyasn: display network names' - 'python-qt-material-git: theming') +makedepends=( + 'git' + 'go' + 'python-grpcio-tools' + 'python-build' + 'python-installer' + 'python-wheel' + 'python-setuptools' + 'python-nspektr' + 'python-jaraco.text' + 'qt5-tools' +) +depends=( + 'hicolor-icon-theme' + 'libnetfilter_queue' + 'libpcap' # check: do we still need this? Arch upstream says no? + 'python-grpcio' + 'python-protobuf' + 'python-slugify' + 'python-pyqt5' + 'python-pyinotify' + 'python-notify2' +) +optdepends=( + 'logrotate: logfile rotation' + 'opensnitch-ebpf-module-git: eBPF process monitor method (non-hardened kernel only)' + 'python-pyasn: display network names of IP' + 'python-qt-material-git: extra ui themes') provides=("${pkgname%-git}") conflicts=("${pkgname%-git}") -backup=("etc/${pkgname%-git}d/default-config.json") +backup=( + "etc/${pkgname%-git}d/default-config.json" + "etc/${pkgname%-git}d/system-fw.json" +) install="${pkgname%-git}.install" -source=('git+https://github.com/evilsocket/opensnitch.git') -sha256sums=('SKIP') +_arch_svntogit=https://raw.githubusercontent.com/archlinux/svntogit-community +_arch_commit=eebb5fb16ed15251d3ead163e8e4b4229c21a999 +_arch_git_url=${_arch_svntogit}/${_arch_commit}/trunk/ +source=( + 'git+https://github.com/evilsocket/opensnitch.git' + "fix-systemd-service.patch" + "${_arch_git_url}remove-debian-path.patch" + "${_arch_git_url}fix-setup.py.patch" + "${_arch_git_url}tmpfiles.conf" +) +sha256sums=('SKIP' + '9c3b312492c8127ca5e766cc5d6a8f8abcc5212be0d012e9f91c0258db4e9970' + '4485913927e77c2edf46afcec9c2fbd6b1b6c8139d43d3b587b39ae2afdde398' + 'e77d2f6a6ada2761a987828e00c7725dee0c06bdb8793ae414d0df7fb1eb44a7' + '09bd2cda97f74033617fd31efce8eba68eac03b29ea6d0f55aba2cef18824a72') pkgver() { cd "$srcdir/${pkgname%-git}" @@ -35,8 +70,27 @@ prepare() { go clean -modcache cd "$srcdir/${pkgname%-git}" - sed -i 's|local/bin|bin|g' "daemon/${pkgname%-git}d.service" - sed -i 's|/usr/lib/python3/dist-packages/data/|/usr/lib/python3.10/site-packages/pyasn/data/|g' ui/opensnitch/utils.py + + # Arch upstream patches + + # TODO file an upstream bug + # * fix an issue with setup.py installing to python's site-packages instead + # of /usr + # * prefer scaled SVG instead of pixellated 48x48 PNG + patch -p1 -i "$srcdir/fix-setup.py.patch" + + # TODO file an upstream bug + # fix a couple of issues with the systemd services + # (slightly adapted Arch upstream patch) + patch -p1 -i "$srcdir/fix-systemd-service.patch" + + # TODO file an upstream bug + # remove Debian-specific path from sys.path + patch -p1 -i "$srcdir/remove-debian-path.patch" + + # other fixes + + sed -i 's|/usr/lib/python3/dist-packages/data/|/usr/lib/python3.10/site-packages/pyasn/data/|g' ui/opensnitch/utils/__init__.py sed -i 's|/usr/lib/python3/dist-packages/|/usr/lib/python3.10/site-packages/|g' ui/bin/opensnitch-ui } @@ -62,8 +116,9 @@ build() { pushd ui pyrcc5 -o opensnitch/resources_rc.py opensnitch/res/resources.qrc - sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* - python setup.py build + # sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* + python -m build --wheel --no-isolation + # python setup.py build popd go clean -modcache @@ -77,15 +132,17 @@ build() { package() { cd "$srcdir/${pkgname%-git}" - pushd ui - export PYTHONHASHSEED=0 # to hopefully avoid annoying keychain popups - python setup.py install --root="$pkgdir/" --optimize=1 --skip-build - popd + # pushd ui + # export PYTHONHASHSEED=0 # to hopefully avoid annoying keychain popups + # python setup.py install --root="$pkgdir/" --optimize=1 --skip-build + # popd install -d "$pkgdir/etc/${pkgname%-git}d/rules" install -Dm755 "daemon/${pkgname%-git}d" -t "$pkgdir/usr/bin" install -Dm644 "daemon/${pkgname%-git}d.service" -t \ "$pkgdir/usr/lib/systemd/system" + install -vDm644 "$srcdir/tmpfiles.conf" \ + "$pkgdir/usr/lib/tmpfiles.d/${pkgname%-git}.conf" # install -Dm644 "daemon/${pkgname%-git}d-ebpf.service" -t \ # "$pkgdir/usr/lib/systemd/system" install -Dm644 daemon/default-config.json -t "$pkgdir/etc/${pkgname%-git}d" @@ -93,7 +150,10 @@ package() { install -Dm644 "utils/packaging/daemon/deb/debian/${pkgname%-git}.logrotate" \ "$pkgdir/etc/logrotate.d/${pkgname%-git}" - # clean up test dir to avoid conflicts with other packages - # that also do not clear up the test dir ^^ - rm -rf "$pkgdir/usr/lib/python3.10/site-packages/tests" + # python ui + python -m installer --destdir="$pkgdir" ui/dist/*.whl + + # tests are in site-packages, big no-no + local site_packages=$(python -c "import site; print(site.getsitepackages()[0])") + rm -rf "$pkgdir/$site_packages/tests" } diff --git a/fix-systemd-service.patch b/fix-systemd-service.patch new file mode 100644 index 000000000000..be16ae30e298 --- /dev/null +++ b/fix-systemd-service.patch @@ -0,0 +1,34 @@ +diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service +index 3f05fad..0aea7fc 100644 +--- a/daemon/opensnitchd.service ++++ b/daemon/opensnitchd.service +@@ -4,9 +4,7 @@ Documentation=https://github.com/evilsocket/opensnitch/wiki + + [Service] + Type=simple +-PermissionsStartOnly=true +-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules +-ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules ++ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules + Restart=always + RestartSec=30 + TimeoutStopSec=10 +diff --git a/utils/packaging/daemon/deb/debian/opensnitch.service b/utils/packaging/daemon/deb/debian/opensnitch.service +index b4301a5..6fc91f3 100644 +--- a/utils/packaging/daemon/deb/debian/opensnitch.service ++++ b/utils/packaging/daemon/deb/debian/opensnitch.service +@@ -1,13 +1,11 @@ + [Unit] + Description=Application firewall OpenSnitch +-Documentation=https://github.com/gustavo-iniguez-goya/opensnitch/wiki ++Documentation=https://github.com/evilsocket/opensnitch/wiki + Wants=network.target + After=network.target + + [Service] + Type=simple +-PermissionsStartOnly=true +-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules + ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules + Restart=always + RestartSec=30 |