Skip to content

Commit

Permalink
rpm: do not load iptables modules on f41+
Browse files Browse the repository at this point in the history
As we started to default to nftables on f41[1,2] we no longer have to
load legacy iptables modules.

[1] https://fedoraproject.org/wiki/Changes/NetavarkNftablesDefault
[2] containers/netavark#1038

Signed-off-by: Paul Holzinger <[email protected]>
  • Loading branch information
Luap99 committed Sep 30, 2024
1 parent e1496c9 commit b5e1863
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions rpm/podman.spec
Original file line number Diff line number Diff line change
Expand Up @@ -266,8 +266,8 @@ PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDI
install.remote \
install.testing

# Only need this on Fedora until nftables becomes the default
%if %{defined fedora}
# See above for the iptables.conf declaration
%if %{defined fedora} && 0%{?fedora} < 41
%{__make} DESTDIR=%{buildroot} MODULESLOADDIR=%{_modulesloaddir} install.modules-load
%endif

Expand Down Expand Up @@ -307,7 +307,10 @@ ln -s ../virtiofsd %{buildroot}%{_libexecdir}/%{name}
%{_tmpfilesdir}/%{name}.conf
%{_systemdgeneratordir}/%{name}-system-generator
%{_systemdusergeneratordir}/%{name}-user-generator
%if %{defined fedora}
# iptables modules are only needed with iptables-legacy,
# as of f41 netavark will default to nftables so do not load unessary modules
# https://fedoraproject.org/wiki/Changes/NetavarkNftablesDefault
%if %{defined fedora} && 0%{?fedora} < 41
%{_modulesloaddir}/%{name}-iptables.conf
%endif

Expand Down

0 comments on commit b5e1863

Please sign in to comment.