gentoo resync : 15.12.2019

7 files changed, 185 insertions, 33 deletions

diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
index 4e29ada8236b..54925b9d4067 100644
--- a/net-firewall/nftables/Manifest
+++ b/net-firewall/nftables/Manifest
@@ -10,8 +10,10 @@ AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f
 DIST nftables-0.9.0.tar.gz 417981 BLAKE2B 4dfba4d71928f1694ffeb4871353fc373d88e23c5ba716e726e1e6aba0efb2703233528f7a408bfefe47bfe54aa3612cccab9742c2a2208ec8c7a4bcda0e1823 SHA512 78e383bad5440c9414202cf0e4b6749fc5c01071d2fa547208e61cea6e7e179933990e7e538a60696eb0a7cf510d2c4b273a91d50287bb51507d244cd2875aed
 DIST nftables-0.9.1.tar.bz2 764066 BLAKE2B 26b194d6b3b970c05348c32a3ab21e8c25fcdb0d09d3d6b467198ba23a5bb44e7b6450d3efb86c39a488df4a837885c4a1ab96c197d5449f7de49b7b18ff5f90 SHA512 e14b75197ba3fea2a46c090450bf8b45b39fdc20db67bab1d6919c90128dee8ea8bbe9508e070f86b22ec70bcad8ab584fb89630a2240f09683137471c77d242
 DIST nftables-0.9.2.tar.bz2 779850 BLAKE2B 40bf9ed956a126048f27b343afc7aa4f6e34f35dc91127402cb127903f8150d212c80491fef2b54c18a63ca065608521062b3f6a2dd78969bdbf4d7d8a5a751d SHA512 2d83b104af0d70f99a16c2e40afdb9bf89bd984323810e2895976c5e2e346bf09dd88850a391f295e335279adfdd39d34c13610cf8e6b801499dc0df2a5cecf6
-EBUILD nftables-0.9.0-r4.ebuild 2497 BLAKE2B 17916257a8fd7934348d4ceddcbead2c50a24954bff6b50e9f13ec5da2351935c3310be2c6749bfb94141523ca2157e6fe84d89bb7b56914f4f3a0553b7e58b8 SHA512 bf2036978cc0412b677c9117512db14c7344747e19f3fe1b2ef6a7d2b750cf64b33c41bdfaae55f8cfdda19c7f376faadd16a626816672a05b70b11d77231ffc
-EBUILD nftables-0.9.0-r5.ebuild 2871 BLAKE2B 043bd133d04a8d21f5b9444100e07b5b9331b40de3658477842b604d2caf6bed6b69aeb56dc1ff976174c5645801a46d4de95db7c7d050c1f0bb02e940733d05 SHA512 a109e15ddfc0f54684b568c4cd1c663ee1d801104553b8cfb2e6d1fb1071039e2ad95d0653d61d6e3b4a2fa6739cc101918bd1848698928f0589ca66112dc96b
-EBUILD nftables-0.9.1-r1.ebuild 3813 BLAKE2B 3f9a5e868ec743ad2fb702d8fe07b2bb4e0bb5da6a34a4daf2b3ae69ea2bcb799c0093b2ced4884e4904cd032cdd50738db8b8167fefa3e8d5cf27d8942c7d8d SHA512 b3cd2e1acb1cfb01b9ef74ff37230c5b4762453639c06ddeba889d6b832a5adcc7b587143f02e20388afd989811243d504a603c5dcc99d1a068e34a7ef5d9e60
-EBUILD nftables-0.9.2-r1.ebuild 3716 BLAKE2B 89a0ad3d4adfab23299b1908d80aee7469e73f90ab3360524e7636f4f2025afc3bceefdd21d56568f2b4e00b9ff36d5c68c62999495aab5bfc0ba1344fe5e8b3 SHA512 638f9b38806ccd4279ce9038ccbd45925d10adf7311b52d555c4ba70ec29d97eb4f3d76a0afac2f22529940efc21264e68005ecf7cc0fffc2923c8a1a6f2cc69
-MISC metadata.xml 918 BLAKE2B 16404ad621319f8a8e93e39d8586aaadb0f6fc6989ee928605a8e5e00f581c5f84b11b9718958667a2f76722950a893e5d6097ff2f242961998ac7b092901489 SHA512 27413ba6b81e930b13ae55292d1c308b54b173cf120430d5462313cd8052834bd01e272978b3ba1d4b9f1be99215a90446b2e93bd0a502d328182706be40f02d
+DIST nftables-0.9.3.tar.bz2 786759 BLAKE2B 578276d861fdb2b843223aca1276bbc1dda9627d0058259a966e324e30ee64d8c102d1e2cceb82d29143caa9dcd1a4492df168f1c87b136fc7b3a1a7dc8568a8 SHA512 d264f6fc75c95510e29fe7d5b82ae418d502f40437b098ba6117ffb1374d9989d70a7296e2e58c5fb25142145a987bb9c160902637899f892589809f9541db43
+EBUILD nftables-0.9.0-r5.ebuild 2886 BLAKE2B bea596aa70ac2317ad61e3ee2bd27e904c3004124e7a79fa91cd4177e0fc09fc82e9181e97766079c6005de2f0f5c04ccabdddd376865884b05f1660a049360f SHA512 44aa02207ec3db7ca91b9969847b82ed7d417b4ae7cdcd5a0fb54bb99d492be7ed3f56321d6d12757289912030016e0a1a2c6be8b4b93f40983d012c02f0e4f3
+EBUILD nftables-0.9.0-r6.ebuild 2869 BLAKE2B af739ee33b4666216d4bc049b3c5f274a90a3f906ef72a60ce433848cc4cf2801c5ccc9fe19945fd36f3da821ddbcfbccb7af510dbc4df2b0b35c38c39529ba7 SHA512 50bb9e432f6b4de5aaac7010799a915841b870ab49fe6b1636fe1e0ce8dc0bf60a1fb1bc412c24af9b66f886bc41d9a7f77ffa092db2b8d84d83213d79c896fd
+EBUILD nftables-0.9.1-r2.ebuild 3840 BLAKE2B b7b25df46be1b669c74f4d20fb66fb0d703c8961d4802c637b594e1480a2fe6acbeb54fbe6d0da762e969e80952b7b10f366997ea0e8e80947d6035ce82870d5 SHA512 adfaaf35014f398710fdfcb4c0f572a8f5a964d1d044d1b3f88d21de400d5789fde8bc7b7e0a51dd17fb8cd29d2b8852b7a1fd708f4187c1d236d44a874aa7bd
+EBUILD nftables-0.9.2-r2.ebuild 3743 BLAKE2B d8ec11d829b812dbd829b966d2578d207b0a9d21963bfc2764394abba6175157bf0980b51690731cbf0581558cd902aeb0797d5aa0bac60a9cdef6699f99ff6e SHA512 9751e9d562e677c3927ce3cc19d86b978b5dfd5502ee0a31e5d8d10031e994751f97bb53152ac1ccbc1fc030e57851edc14fa33e6bd0a0240fa540217e8b8840
+EBUILD nftables-0.9.3-r1.ebuild 3752 BLAKE2B f963feb1307a691b4735feefd0ea07f2beedb87663197e22c090918dab51c836760264cb5fc1df1244d362bc4c286a5c50b9eefa3e087a06c31b84a018f27ecf SHA512 5846aaa9cabde88d0b7bbacc3383c849eb666537796ba0a1dae1b0e42979c76d8a8050f55c351954d52815bdc93aaad58637213dccceb5d6bbe426f452907744
+MISC metadata.xml 918 BLAKE2B 8c2c39f04e2c5591ea06788788d244bddc1cdc25780810b2a19e131d43d0bdf964d2129c01605fc536451cb9a3354420a1c2f656dad45c56dec4f360a95fe473 SHA512 08de9d11f48dcb132eb5423de56b458dd4c4122329b84b56c252436c882b7670233f2217cc01755649f27e14ff9346cf99e3a742224567e712f5cb3678165dcf
diff --git a/net-firewall/nftables/metadata.xml b/net-firewall/nftables/metadata.xml
index 0984d13e0f03..0380331d5106 100644
--- a/net-firewall/nftables/metadata.xml
+++ b/net-firewall/nftables/metadata.xml
@@ -16,7 +16,7 @@
 	<use>
 		<flag name="doc">Create man pages for the package (requires <pkg>app-text/asciidoc</pkg>)</flag>
 		<flag name="json">Enable JSON support via <pkg>dev-libs/jansson</pkg></flag>
-		<flag name="modern_kernel">Install init scripts for 3.18 or higher kernels with atomic rule updates</flag>
+		<flag name="modern-kernel">Install init scripts for 3.18 or higher kernels with atomic rule updates</flag>
 		<flag name="xtables">Add libxtables support to try to automatically translate rules added by iptables-compat</flag>
 	</use>
 </pkgmetadata>
diff --git a/net-firewall/nftables/nftables-0.9.0-r5.ebuild b/net-firewall/nftables/nftables-0.9.0-r5.ebuild
index 24530d29291c..dc29d33b649e 100644
--- a/net-firewall/nftables/nftables-0.9.0-r5.ebuild
+++ b/net-firewall/nftables/nftables-0.9.0-r5.ebuild
@@ -12,7 +12,7 @@ SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.g
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="amd64 arm ~arm64 ia64 x86"
-IUSE="debug doc +gmp json +modern_kernel +readline"
+IUSE="debug doc +gmp json +modern-kernel +readline"
 
 RDEPEND=">=net-libs/libmnl-1.0.3:0=
 	gmp? ( dev-libs/gmp:0= )
@@ -31,8 +31,8 @@ S="${WORKDIR}/v${PV}"
 
 pkg_setup() {
 	if kernel_is ge 3 13; then
-		if use modern_kernel && kernel_is lt 3 18; then
-			eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly."
+		if use modern-kernel && kernel_is lt 3 18; then
+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
 		fi
 		CONFIG_CHECK="~NF_TABLES"
 		linux-info_pkg_setup
@@ -62,7 +62,7 @@ src_install() {
 	default
 
 	local mksuffix=""
-	use modern_kernel && mksuffix="-mk"
+	use modern-kernel && mksuffix="-mk"
 
 	exeinto /usr/libexec/${PN}
 	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
@@ -84,7 +84,7 @@ pkg_postinst() {
 	# In order for the nftables-restore systemd service to start
 	# the save_file must exist.
 	if [[ ! -f "${save_file}" ]]; then
-		touch "${save_file}"
+		( umask 177; touch "${save_file}" )
 	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
 		ewarn "Your system has dangerous permissions for ${save_file}"
 		ewarn "It is probably affected by bug #691326."
diff --git a/net-firewall/nftables/nftables-0.9.0-r4.ebuild b/net-firewall/nftables/nftables-0.9.0-r6.ebuild
index e56ff112a6b7..90884e99c1c3 100644
--- a/net-firewall/nftables/nftables-0.9.0-r4.ebuild
+++ b/net-firewall/nftables/nftables-0.9.0-r6.ebuild
@@ -11,8 +11,8 @@ SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.g
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ia64 x86"
-IUSE="debug doc +gmp json +modern_kernel +readline"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~x86"
+IUSE="debug doc +gmp json +modern-kernel +readline"
 
 RDEPEND=">=net-libs/libmnl-1.0.3:0=
 	gmp? ( dev-libs/gmp:0= )
@@ -31,8 +31,8 @@ S="${WORKDIR}/v${PV}"
 
 pkg_setup() {
 	if kernel_is ge 3 13; then
-		if use modern_kernel && kernel_is lt 3 18; then
-			eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly."
+		if use modern-kernel && kernel_is lt 3 18; then
+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
 		fi
 		CONFIG_CHECK="~NF_TABLES"
 		linux-info_pkg_setup
@@ -62,7 +62,7 @@ src_install() {
 	default
 
 	local mksuffix=""
-	use modern_kernel && mksuffix="-mk"
+	use modern-kernel && mksuffix="-mk"
 
 	exeinto /usr/libexec/${PN}
 	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
@@ -72,7 +72,7 @@ src_install() {
 
 	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
 
-	docinto /usr/share/doc/${PF}/skels
+	docinto skels
 	dodoc "${D}"/etc/nftables/*
 	rm -R "${D}"/etc/nftables
 }
@@ -83,8 +83,14 @@ pkg_postinst() {
 
 	# In order for the nftables-restore systemd service to start
 	# the save_file must exist.
-	if [[ ! -f ${save_file} ]]; then
-		touch ${save_file}
+	if [[ ! -f "${save_file}" ]]; then
+		( umask 177; touch "${save_file}" )
+	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
+		ewarn "Your system has dangerous permissions for ${save_file}"
+		ewarn "It is probably affected by bug #691326."
+		ewarn "You may need to fix the permissions of the file. To do so,"
+		ewarn "you can run the command in the line below as root."
+		ewarn "    'chmod 600 \"${save_file}\"'"
 	fi
 
 	elog "If you wish to enable the firewall rules on boot (on systemd) you"
diff --git a/net-firewall/nftables/nftables-0.9.1-r1.ebuild b/net-firewall/nftables/nftables-0.9.1-r2.ebuild
index 5752d73a1b96..fab18474325d 100644
--- a/net-firewall/nftables/nftables-0.9.1-r1.ebuild
+++ b/net-firewall/nftables/nftables-0.9.1-r2.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~x86"
-IUSE="debug +doc +gmp json +modern_kernel python +readline static-libs xtables"
+IUSE="debug +doc +gmp json +modern-kernel python +readline static-libs xtables"
 
 RDEPEND="
 	>=net-libs/libmnl-1.0.3:0=
@@ -57,8 +57,8 @@ python_make() {
 
 pkg_setup() {
 	if kernel_is ge 3 13; then
-		if use modern_kernel && kernel_is lt 3 18; then
-			eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly."
+		if use modern-kernel && kernel_is lt 3 18; then
+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
 		fi
 		CONFIG_CHECK="~NF_TABLES"
 		linux-info_pkg_setup
@@ -71,9 +71,9 @@ src_prepare() {
 	default
 
 	# fix installation path for doc stuff
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}@' \
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
 		-i files/nftables/Makefile.am || die
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/osf@' \
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
 		-i files/osf/Makefile.am || die
 
 	eautoreconf
@@ -106,7 +106,7 @@ src_compile() {
 src_install() {
 	default
 
-	local mksuffix="$(usex modern_kernel '-mk' '')"
+	local mksuffix="$(usex modern-kernel '-mk' '')"
 
 	exeinto /usr/libexec/${PN}
 	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
@@ -130,7 +130,7 @@ pkg_postinst() {
 	# In order for the nftables-restore systemd service to start
 	# the save_file must exist.
 	if [[ ! -f "${save_file}" ]]; then
-		touch "${save_file}"
+		( umask 177; touch "${save_file}" )
 	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
 		ewarn "Your system has dangerous permissions for ${save_file}"
 		ewarn "It is probably affected by bug #691326."
diff --git a/net-firewall/nftables/nftables-0.9.2-r1.ebuild b/net-firewall/nftables/nftables-0.9.2-r2.ebuild
index d35797947814..a6478ad1215c 100644
--- a/net-firewall/nftables/nftables-0.9.2-r1.ebuild
+++ b/net-firewall/nftables/nftables-0.9.2-r2.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~sparc ~x86"
-IUSE="debug +doc +gmp json +modern_kernel python +readline static-libs xtables"
+IUSE="debug +doc +gmp json +modern-kernel python +readline static-libs xtables"
 
 RDEPEND="
 	>=net-libs/libmnl-1.0.3:0=
@@ -52,8 +52,8 @@ python_make() {
 
 pkg_setup() {
 	if kernel_is ge 3 13; then
-		if use modern_kernel && kernel_is lt 3 18; then
-			eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly."
+		if use modern-kernel && kernel_is lt 3 18; then
+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
 		fi
 		CONFIG_CHECK="~NF_TABLES"
 		linux-info_pkg_setup
@@ -66,9 +66,9 @@ src_prepare() {
 	default
 
 	# fix installation path for doc stuff
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}@' \
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
 		-i files/nftables/Makefile.am || die
-	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/osf@' \
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
 		-i files/osf/Makefile.am || die
 
 	eautoreconf
@@ -101,7 +101,7 @@ src_compile() {
 src_install() {
 	default
 
-	local mksuffix="$(usex modern_kernel '-mk' '')"
+	local mksuffix="$(usex modern-kernel '-mk' '')"
 
 	exeinto /usr/libexec/${PN}
 	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
@@ -125,7 +125,7 @@ pkg_postinst() {
 	# In order for the nftables-restore systemd service to start
 	# the save_file must exist.
 	if [[ ! -f "${save_file}" ]]; then
-		touch "${save_file}"
+		( umask 177; touch "${save_file}" )
 	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
 		ewarn "Your system has dangerous permissions for ${save_file}"
 		ewarn "It is probably affected by bug #691326."
diff --git a/net-firewall/nftables/nftables-0.9.3-r1.ebuild b/net-firewall/nftables/nftables-0.9.3-r1.ebuild
new file mode 100644
index 000000000000..7f18d19e3468
--- /dev/null
+++ b/net-firewall/nftables/nftables-0.9.3-r1.ebuild
@@ -0,0 +1,144 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{5,6,7} )
+
+inherit autotools linux-info python-r1 systemd
+
+DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
+HOMEPAGE="https://netfilter.org/projects/nftables/"
+#SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz"
+SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~sparc ~x86"
+IUSE="debug +doc +gmp json +modern-kernel python +readline static-libs xtables"
+
+RDEPEND="
+	>=net-libs/libmnl-1.0.3:0=
+	gmp? ( dev-libs/gmp:0= )
+	json? ( dev-libs/jansson )
+	python? ( ${PYTHON_DEPS} )
+	readline? ( sys-libs/readline:0= )
+	>=net-libs/libnftnl-1.1.5:0=
+	xtables? ( >=net-firewall/iptables-1.6.1 )
+"
+
+DEPEND="${RDEPEND}"
+
+BDEPEND="
+	doc? ( app-text/asciidoc )
+	>=app-text/docbook2X-0.8.8-r4
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+#S="${WORKDIR}/v${PV}"
+
+python_make() {
+	emake \
+		-C py \
+		abs_builddir="${S}" \
+		DESTDIR="${D}" \
+		PYTHON_BIN="${PYTHON}" \
+		${@}
+}
+
+pkg_setup() {
+	if kernel_is ge 3 13; then
+		if use modern-kernel && kernel_is lt 3 18; then
+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
+		fi
+		CONFIG_CHECK="~NF_TABLES"
+		linux-info_pkg_setup
+	else
+		eerror "This package requires kernel version 3.13 or newer to work properly."
+	fi
+}
+
+src_prepare() {
+	default
+
+	# fix installation path for doc stuff
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
+		-i files/nftables/Makefile.am || die
+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
+		-i files/osf/Makefile.am || die
+
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		# We handle python separately
+		--disable-python
+		--sbindir="${EPREFIX}"/sbin
+		$(use_enable debug)
+		$(use_enable doc man-doc)
+		$(use_with !gmp mini_gmp)
+		$(use_with json)
+		$(use_with readline cli readline)
+		$(use_enable static-libs static)
+		$(use_with xtables)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	default
+
+	if use python ; then
+		python_foreach_impl python_make
+	fi
+}
+
+src_install() {
+	default
+
+	local mksuffix="$(usex modern-kernel '-mk' '')"
+
+	exeinto /usr/libexec/${PN}
+	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
+	newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
+	newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN}
+	keepdir /var/lib/nftables
+
+	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
+
+	if use python ; then
+		python_foreach_impl python_make install
+	fi
+
+	find "${ED}" -type f -name "*.la" -delete || die
+}
+
+pkg_postinst() {
+	local save_file
+	save_file="${EROOT}/var/lib/nftables/rules-save"
+
+	# In order for the nftables-restore systemd service to start
+	# the save_file must exist.
+	if [[ ! -f "${save_file}" ]]; then
+		( umask 177; touch "${save_file}" )
+	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
+		ewarn "Your system has dangerous permissions for ${save_file}"
+		ewarn "It is probably affected by bug #691326."
+		ewarn "You may need to fix the permissions of the file. To do so,"
+		ewarn "you can run the command in the line below as root."
+		ewarn "    'chmod 600 \"${save_file}\"'"
+	fi
+
+	elog "If you wish to enable the firewall rules on boot (on systemd) you"
+	elog "will need to enable the nftables-restore service."
+	elog "    'systemd_enable_service basic.target ${PN}-restore.service'"
+	elog
+	elog "If you are creating firewall rules before the next system restart "
+	elog "the nftables-restore service must be manually started in order to "
+	elog "save those rules on shutdown."
+}