diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2022-02-23 11:58:58 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-23 11:58:58 -0500 |
| commit | 113f855802176a4ffbe167304ab83942116a65f1 (patch) | |
| tree | ed9cd62f91eee1f2a1bb04ab0086f0a55444217d | |
| parent | d3699bbce63f283a609053d4aca23e4abe7dae4d (diff) | |
| parent | eab5a4cfb7b3bbb63cd2a1d9a5a69e9bc32d4cef (diff) | |
| download | podman-113f855802176a4ffbe167304ab83942116a65f1.tar.gz podman-113f855802176a4ffbe167304ab83942116a65f1.tar.bz2 podman-113f855802176a4ffbe167304ab83942116a65f1.zip | |
Merge pull request #13323 from Luap99/iptables-module
Load ip_tables modules at boot
| -rw-r--r-- | Makefile | 6 | ||||
| -rw-r--r-- | contrib/modules-load.d/podman-iptables.conf | 5 | ||||
| -rw-r--r-- | podman.spec.rpkg | 6 |
3 files changed, 17 insertions, 0 deletions
@@ -44,6 +44,7 @@ MANDIR ?= ${PREFIX}/share/man SHAREDIR_CONTAINERS ?= ${PREFIX}/share/containers ETCDIR ?= ${PREFIX}/etc TMPFILESDIR ?= ${PREFIX}/lib/tmpfiles.d +MODULESLOADDIR ?= ${PREFIX}/lib/modules-load.d SYSTEMDDIR ?= ${PREFIX}/lib/systemd/system USERSYSTEMDDIR ?= ${PREFIX}/lib/systemd/user REMOTETAGS ?= remote exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper containers_image_openpgp @@ -779,6 +780,11 @@ install.bin: install ${SELINUXOPT} -m 755 -d ${DESTDIR}${TMPFILESDIR} install ${SELINUXOPT} -m 644 contrib/tmpfile/podman.conf ${DESTDIR}${TMPFILESDIR}/podman.conf +.PHONY: install.modules-load +install.modules-load: # This should only be used by distros which might use iptables-legacy, this is not needed on RHEL + install ${SELINUXOPT} -m 755 -d ${DESTDIR}${MODULESLOADDIR} + install ${SELINUXOPT} -m 644 contrib/modules-load.d/podman-iptables.conf ${DESTDIR}${MODULESLOADDIR}/podman-iptables.conf + .PHONY: install.man install.man: install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(MANDIR)/man1 diff --git a/contrib/modules-load.d/podman-iptables.conf b/contrib/modules-load.d/podman-iptables.conf new file mode 100644 index 000000000..001ef8af8 --- /dev/null +++ b/contrib/modules-load.d/podman-iptables.conf @@ -0,0 +1,5 @@ +# On fedora 36 ip_tables is no longer auto loaded and rootless user have no permsissions to load it. +# When we have actual nftables support in the future we might want to revisit this. +# If you use iptables-nft this is not needed. +ip_tables +ip6_tables diff --git a/podman.spec.rpkg b/podman.spec.rpkg index d02b7ea99..f810d0307 100644 --- a/podman.spec.rpkg +++ b/podman.spec.rpkg @@ -206,6 +206,9 @@ PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDI install.docker \ install.docker-docs \ install.remote \ +%if 0%{?fedora} >= 36 + install.modules-load +%endif install -d -p %{buildroot}/%{_datadir}/%{name}/test/system cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ @@ -242,6 +245,9 @@ done %{_userunitdir}/%{name}.socket %{_userunitdir}/%{name}-restart.service %{_usr}/lib/tmpfiles.d/%{name}.conf +%if 0%{?fedora} >= 36 + %{_usr}/lib/modules-load.d/%{name}-iptables.conf +%endif %files docker %{_bindir}/docker |