From 5d889994472f9e43b3ae20fe42ebf490b9dd5380 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 17 Jun 2025 18:11:06 +0200 Subject: [PATCH] remove contrib/modules-load.d We used this to load the iptables module, since f41 we use nftables by default which does not need this at all so drop the module load file. If some distros default still to the legacy iptables they can manually add the moduled load file back. Signed-off-by: Paul Holzinger --- Makefile | 6 ------ contrib/modules-load.d/podman-iptables.conf | 5 ----- rpm/podman.spec | 5 ----- 3 files changed, 16 deletions(-) delete mode 100644 contrib/modules-load.d/podman-iptables.conf diff --git a/Makefile b/Makefile index 9574054762..75f44a093e 100644 --- a/Makefile +++ b/Makefile @@ -52,7 +52,6 @@ ETCDIR ?= /etc LIBDIR ?= ${PREFIX}/lib TMPFILESDIR ?= ${LIBDIR}/tmpfiles.d USERTMPFILESDIR ?= ${PREFIX}/share/user-tmpfiles.d -MODULESLOADDIR ?= ${LIBDIR}/modules-load.d SYSTEMDDIR ?= ${LIBDIR}/systemd/system USERSYSTEMDDIR ?= ${LIBDIR}/systemd/user SYSTEMDGENERATORSDIR ?= ${LIBDIR}/systemd/system-generators @@ -921,11 +920,6 @@ install.testing: install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR) install ${SELINUXOPT} -m 755 bin/podman-testing $(DESTDIR)$(BINDIR)/podman-testing -.PHONY: install.modules-load -install.modules-load: # This should only be used by distros which might use iptables-legacy, this is not needed on RHEL - install ${SELINUXOPT} -m 755 -d $(DESTDIR)${MODULESLOADDIR} - install ${SELINUXOPT} -m 644 contrib/modules-load.d/podman-iptables.conf $(DESTDIR)${MODULESLOADDIR}/podman-iptables.conf - .PHONY: install.man install.man: install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(MANDIR)/man1 diff --git a/contrib/modules-load.d/podman-iptables.conf b/contrib/modules-load.d/podman-iptables.conf deleted file mode 100644 index 001ef8af84..0000000000 --- a/contrib/modules-load.d/podman-iptables.conf +++ /dev/null @@ -1,5 +0,0 @@ -# On fedora 36 ip_tables is no longer auto loaded and rootless user have no permsissions to load it. -# When we have actual nftables support in the future we might want to revisit this. -# If you use iptables-nft this is not needed. -ip_tables -ip6_tables diff --git a/rpm/podman.spec b/rpm/podman.spec index fd89e342f4..e0f0021bc2 100644 --- a/rpm/podman.spec +++ b/rpm/podman.spec @@ -296,11 +296,6 @@ PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDI install.remote \ install.testing -# See above for the iptables.conf declaration -%if %{defined fedora} && 0%{?fedora} < 41 -%{__make} DESTDIR=%{buildroot} MODULESLOADDIR=%{_modulesloaddir} install.modules-load -%endif - sed -i 's;%{buildroot};;g' %{buildroot}%{_bindir}/docker # do not include docker and podman-remote man pages in main package