package/nftables: fix the build of the pyhon bindings

nftables provides python bindings; it uses setuptools to install them. We currently install those bindings by telling the nftables buildsystem, autotools, to install the python bindings. However, we do not pass any of the environment variables that are needed for setuptools packages. When host-python-setuptools is installed before nftables is built [0], this breaks the system at runtime, as the bindings are not installed; only the egg is, resulting in runtime errors like: # python -c 'import nftables' Traceback (most recent call last): File "<string>", line 1, in <module> ModuleNotFoundError: No module named 'nftables' Upstream has been doing some changes on their python handling, but it is not in a released version yet, and we can't backport those changes either, due to other big changes. Instead, we split the pyhon bindings to their own package. For legacy handling, we make that new package default to y, so that existing (def)config still work. The only novelty is that it can be disabled now. Many thanks to Julien for testing and finding the offending dependency, to James for suggesting the package split, and to Adam for, well, trigerring the issue in the first place! ;-p Note: a git bisect of the issue turns up 72 candidates for the breakage, all around the time we dropped python2 support in early 2022; the last known-good commit is 55df30f8b1 (package/zfs: drop python2 support) and the first known-bad commit is 697acda00d (package/pkg-python: drop python2 host/setuptools support); everything in-between does not configure (package/python/Config.in.host still sourced but already removed), or does not build (host-python still in the dependency chain but already removed), so had to be skipped during the bisect. [0] This can happen when another python package using setuptools is built before nftables. However, with PPD, this never happens because host-python-setuptools is never in the dependency chain of nftables. Reported-by: Julien Olivain <ju.o@free.fr> Tested-by: Julien Olivain <ju.o@free.fr> Suggested-by: James Hilliard <james.hilliard1@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> Cc: Adam Duskett <aduskett@gmail.com> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-08-17 21:11:30 +02:00 · 2023-08-17 21:11:30 +02:00 · eb74998125
commit eb74998125
parent d5162e790d
5 changed files with 42 additions and 8 deletions
--- a/package/nftables/Config.in
+++ b/package/nftables/Config.in
@ -13,5 +13,10 @@ config BR2_PACKAGE_NFTABLES

 	  http://www.netfilter.org/projects/nftables/index.html

+# Legacy: this used to be handled in nftables.mk
+if BR2_PACKAGE_NFTABLES
+source "package/nftables/nftables-python/Config.in"
+endif
+
 comment "nftables needs a toolchain w/ wchar, headers >= 3.12"
 	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
--- a/package/nftables/nftables-python/Config.in
+++ b/package/nftables/nftables-python/Config.in
@ -0,0 +1,4 @@
+config BR2_PACKAGE_NFTABLES_PYTHON
+	bool "python bindings"
+	default y # legacy
+	depends on BR2_PACKAGE_PYTHON3
--- a/package/nftables/nftables-python/nftables-python.hash
+++ b/package/nftables/nftables-python/nftables-python.hash
@ -0,0 +1 @@
+../nftables.hash
--- a/package/nftables/nftables-python/nftables-python.mk
+++ b/package/nftables/nftables-python/nftables-python.mk
@ -0,0 +1,22 @@
+################################################################################
+#
+# nftables-python
+#
+################################################################################
+
+# The following assignments work only because nftables.mk is included before
+# this file is.
+NFTABLES_PYTHON_VERSION = $(NFTABLES_VERSION)
+NFTABLES_PYTHON_SOURCE = $(NFTABLES_SOURCE)
+NFTABLES_PYTHON_SITE = $(NFTABLES_SITE)
+NFTABLES_PYTHON_LICENSE = $(NFTABLES_LICENSE)
+NFTABLES_PYTHON_LICENSE_FILES = $(NFTABLES_LICENSE_FILES)
+
+# We share the same source code as nftables
+NFTABLES_PYTHON_DL_SUBDIR = nftables
+
+NFTABLES_PYTHON_SUBDIR = py
+
+NFTABLES_PYTHON_SETUP_TYPE = setuptools
+
+$(eval $(python-package))
--- a/package/nftables/nftables.mk
+++ b/package/nftables/nftables.mk
@ -10,9 +10,15 @@ NFTABLES_SITE = https://www.netfilter.org/projects/nftables/files
 NFTABLES_DEPENDENCIES = libmnl libnftnl host-pkgconf $(TARGET_NLS_DEPENDENCIES)
 NFTABLES_LICENSE = GPL-2.0
 NFTABLES_LICENSE_FILES = COPYING
-NFTABLES_CONF_OPTS = --disable-debug --disable-man-doc --disable-pdf-doc
 NFTABLES_SELINUX_MODULES = iptables

+# Python bindings are handled by package nftables-python
+NFTABLES_CONF_OPTS = \
+	--disable-debug \
+	--disable-man-doc \
+	--disable-pdf-doc \
+	--disable-python
+
 ifeq ($(BR2_PACKAGE_GMP),y)
 NFTABLES_DEPENDENCIES += gmp
 NFTABLES_CONF_OPTS += --without-mini-gmp
@ -42,13 +48,6 @@ else
 NFTABLES_CONF_OPTS += --without-json
 endif

-ifeq ($(BR2_PACKAGE_PYTHON3),y)
-NFTABLES_CONF_OPTS += --enable-python
-NFTABLES_DEPENDENCIES += python3
-else
-NFTABLES_CONF_OPTS += --disable-python
-endif
-
 NFTABLES_CONF_ENV = LIBS="$(NFTABLES_LIBS)"

 define NFTABLES_LINUX_CONFIG_FIXUPS
@ -58,3 +57,6 @@ define NFTABLES_LINUX_CONFIG_FIXUPS
 endef

 $(eval $(autotools-package))
+
+# Legacy: we used to handle it in this .mk
+include package/nftables/nftables-python/nftables-python.mk