forked from pool/keepalived
Accepting request 563827 from home:lrupp:branches:network
- update to 1.4.0 * Add Linux build and runtime versions to -v output. * Log kernel version and build kernel version to log at startup. * Don't sleep for 1 send when exiting vrrp process if no vrrp instances. * With large configurations the syslog can get flooded and drop output. This commit adds options to not log to syslog, and also to log all output to files. * Add option to only flush log files before forking. * Don't poll netlink for all interfaces each time add a VMAC. We can poll for the individual interface details which significantly reduces what we have to process. * Print interface details in keepalived.data output. * Add high performace child finder code. The code to find the relevant thread to execute afer a child process (either a vrrp track script or a misc_check healthchecker) was doing a linear search for the matching pid, which if there are a large number of child processes running could become time consuming. The code now will enable high performance child finding, based on using mlists hashed by the pid, if there are 32 or more vrrp track scripts or misc check healthcheckers. The size of the mlist is based on the number of scripts, with a limit of 256. * Improve high performance child termination timeout code. * Preserve filename in script path name resolution. Some executables change their behaviour depending on the name by which they are invoked (e.g. /usr/sbin/pidof when it is a link to /usr/sbin/killall5). Using realpath() changes the file name part if it is a symbolic link. This commit resolves all symbolic links to directories, but leaves the file name part unaltered. It then checks the security of both the path to the link and the path to the real file. OBS-URL: https://build.opensuse.org/request/show/563827 OBS-URL: https://build.opensuse.org/package/show/network/keepalived?expand=0&rev=38
This commit is contained in:
parent
c9e3f60abb
commit
7302425093
@ -1,10 +1,10 @@
|
||||
Index: keepalived/etc/init.d/keepalived.suse.init.in
|
||||
Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in
|
||||
===================================================================
|
||||
--- keepalived/etc/init.d/keepalived.suse.init.in
|
||||
+++ keepalived/etc/init.d/keepalived.suse.init.in
|
||||
--- keepalived-1.4.0.orig/keepalived/etc/init.d/keepalived.suse.init.in
|
||||
+++ keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in
|
||||
@@ -1,23 +1,23 @@
|
||||
#! /bin/sh
|
||||
|
||||
|
||||
### BEGIN INIT INFO
|
||||
-# Provides: keepalived
|
||||
+# Provides: keepalived
|
||||
@ -20,8 +20,8 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
|
||||
+# Short-Description: Start keepalived to manage IPVS & LVS
|
||||
+# Description: Start keepalived to manage IPVS & LVS
|
||||
### END INIT INFO
|
||||
|
||||
|
||||
|
||||
|
||||
-DAEMON="Keepalived daemon"
|
||||
-DAEMON_BIN="@sbindir@/keepalived"
|
||||
-DAEMON_CONF="@sysconfdir@/keepalived/keepalived.conf"
|
||||
@ -37,10 +37,10 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
|
||||
+SUPPORTS_HUP='yes'
|
||||
# PidFile @localstatedir@/run/keepalived.pid
|
||||
# DatabaseOwner root
|
||||
|
||||
@@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PIDFILE"}
|
||||
|
||||
@@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI
|
||||
usr_par=${DAEMON_USER:+"-u $DAEMON_USER"}
|
||||
|
||||
|
||||
test -x $DAEMON_BIN || exit 5
|
||||
+test -x $DAEMON_BIN || { echo "$DAEMON_BIN not installed or executable";
|
||||
+ if [ "$1" = "stop" ]; then exit 0;
|
||||
@ -54,12 +54,12 @@ Index: keepalived/etc/init.d/keepalived.suse.init.in
|
||||
+if [ -r "$DAEMON_SYSCONF" ]; then
|
||||
+ . "$DAEMON_SYSCONF"
|
||||
+fi
|
||||
|
||||
|
||||
# Shell functions sourced from /etc/rc.status:
|
||||
# rc_check check and set local and overall rc status
|
||||
@@ -60,71 +72,70 @@ rc_reset
|
||||
test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE
|
||||
|
||||
|
||||
case "$1" in
|
||||
- start)
|
||||
- echo -n "Starting $DAEMON "
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d5bdd25530acf60989222fd92fbfd596e06ecc356a820f4c1015708b76a8d4f3
|
||||
size 719886
|
3
keepalived-1.4.0.tar.gz
Normal file
3
keepalived-1.4.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:463b26c134101c57c05a65ac2853a757b922878876b2a9539118de1697c98a01
|
||||
size 731936
|
@ -1,3 +1,58 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 12 08:53:51 UTC 2018 - lars@linux-schulserver.de
|
||||
|
||||
- update to 1.4.0
|
||||
* Add Linux build and runtime versions to -v output.
|
||||
* Log kernel version and build kernel version to log at startup.
|
||||
* Don't sleep for 1 send when exiting vrrp process if no vrrp instances.
|
||||
* With large configurations the syslog can get flooded and drop output.
|
||||
This commit adds options to not log to syslog, and also to log all
|
||||
output to files.
|
||||
* Add option to only flush log files before forking.
|
||||
* Don't poll netlink for all interfaces each time add a VMAC.
|
||||
We can poll for the individual interface details which significantly
|
||||
reduces what we have to process.
|
||||
* Print interface details in keepalived.data output.
|
||||
* Add high performace child finder code.
|
||||
The code to find the relevant thread to execute afer a child process
|
||||
(either a vrrp track script or a misc_check healthchecker) was doing
|
||||
a linear search for the matching pid, which if there are a large number
|
||||
of child processes running could become time consuming.
|
||||
The code now will enable high performance child finding, based on using
|
||||
mlists hashed by the pid, if there are 32 or more vrrp track scripts or
|
||||
misc check healthcheckers. The size of the mlist is based on the number
|
||||
of scripts, with a limit of 256.
|
||||
* Improve high performance child termination timeout code.
|
||||
* Preserve filename in script path name resolution.
|
||||
Some executables change their behaviour depending on the name by
|
||||
which they are invoked (e.g. /usr/sbin/pidof when it is a link to
|
||||
/usr/sbin/killall5). Using realpath() changes the file name part
|
||||
if it is a symbolic link. This commit resolves all symbolic links
|
||||
to directories, but leaves the file name part unaltered. It then
|
||||
checks the security of both the path to the link and the path to
|
||||
the real file.
|
||||
* Handle scripts names that are symbolic links properly.
|
||||
* Fix some RFC SNMP issues.
|
||||
* Fix removing left-over addresses if keepalived aborts.
|
||||
* Update openssl use to stop using deprecated functions
|
||||
openssl from version 1.1 deprecated certain functions that keepalived
|
||||
was using. This commit ceases using those functions if the version
|
||||
of openssl is >= 1.1.
|
||||
* Allow sync groups with only 1 member, but issue a warning.
|
||||
* Add replaceable parameters in configuration files.
|
||||
* Add multiline configuration definitions.
|
||||
* Fix keepalived.conf(5) man page.
|
||||
* Suppress error message when removing leftover addresses at startup.
|
||||
=> find more changes at /usr/share/doc/packages/keepalived/
|
||||
- rebase keepalive-init.patch
|
||||
- use upstream systemd service file instead providing an own one
|
||||
=> removed keepalived.service
|
||||
- remove executable bit from samples in docdir
|
||||
- check that LVS support is enabled
|
||||
- optionally enable dump configuration and stats as JSON (via bcond)
|
||||
=> BuildRequire libjson-c-devel
|
||||
- restrict /etc/keepalived permissions to root
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 27 11:26:58 UTC 2017 - jengelh@inai.de
|
||||
|
||||
|
@ -1,13 +0,0 @@
|
||||
[Unit]
|
||||
Description=LVS and VRRP High Availability Monitor
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
KillMode=process
|
||||
EnvironmentFile=-/etc/sysconfig/keepalived
|
||||
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package keepalived
|
||||
#
|
||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -27,19 +27,22 @@
|
||||
%bcond_with systemd
|
||||
%endif
|
||||
%bcond_with dbus
|
||||
%bcond_with json
|
||||
|
||||
Name: keepalived
|
||||
Version: 1.3.9
|
||||
Version: 1.4.0
|
||||
Release: 0
|
||||
Summary: A keepalive facility for Linux
|
||||
License: GPL-2.0+
|
||||
Group: Productivity/Networking/Routing
|
||||
Url: http://www.keepalived.org/
|
||||
Source: http://www.keepalived.org/software/keepalived-%{version}.tar.gz
|
||||
Source1: keepalived.service
|
||||
Source: %{name}-%{version}.tar.gz
|
||||
Source2: keepalive-rpmlintrc
|
||||
Patch1: keepalive-init.patch
|
||||
BuildRequires: libnfnetlink-devel
|
||||
%if %{with json}
|
||||
BuildRequires: libjson-c-devel
|
||||
%endif
|
||||
BuildRequires: net-snmp-devel
|
||||
BuildRequires: openssl-devel
|
||||
BuildRequires: pkgconfig
|
||||
@ -76,11 +79,11 @@ Requires: systemd
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%description
|
||||
This project provides facilities for load balancing and high-availability to Linux system and Linux-based
|
||||
infrastructures. The load-balancing framework relies on the
|
||||
Linux Virtual Server (IPVS) kernel module providing Layer4 load balancing.
|
||||
Keepalived implements a set of checkers to dynamically and adaptively maintain
|
||||
and manage loadbalanced server pool according their health.
|
||||
This project provides facilities for load balancing and high-availability to
|
||||
Linux system and Linux-based infrastructures. The load-balancing framework
|
||||
relies on the Linux Virtual Server (IPVS) kernel module providing Layer4 load
|
||||
balancing. Keepalived implements a set of checkers to dynamically and
|
||||
adaptively maintain and manage loadbalanced server pool according their health.
|
||||
High-availability is achieved by the VRRP protocol, a fundamental brick for
|
||||
router failover. In addition, Keepalived implements a set of hooks to the VRRP
|
||||
finite state machine, providing low-level and high-speed protocol interactions.
|
||||
@ -89,7 +92,8 @@ resilient infrastructures.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p0
|
||||
%patch1 -p1
|
||||
chmod 644 doc/samples/*
|
||||
|
||||
%build
|
||||
export STRIP=true
|
||||
@ -97,12 +101,19 @@ export CPPFLAGS="$(pkg-config --cflags libnfnetlink libiptc libipset xtables)"
|
||||
export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN"
|
||||
%configure \
|
||||
--disable-silent-rules \
|
||||
%if %{with json}
|
||||
--enable-json \
|
||||
%endif
|
||||
--enable-snmp \
|
||||
--enable-snmp-vrrp \
|
||||
%if %{with dbus}
|
||||
--enable-dbus \
|
||||
--enable-dbus-create-instance \
|
||||
%endif
|
||||
%if %{with systemd}
|
||||
--with-init=systemd \
|
||||
--with-systemdsystemunitdir="%{_unitdir}" \
|
||||
%endif
|
||||
--enable-snmp-checker \
|
||||
--enable-snmp-rfc \
|
||||
--enable-snmp-rfcv2 \
|
||||
@ -119,7 +130,6 @@ install -dD -m 0750 %{buildroot}%{_var}/lib/%{name}
|
||||
install -D -m 0644 %{buildroot}/etc/sysconfig/keepalived %{buildroot}%{_fillupdir}/sysconfig.%{name}
|
||||
|
||||
%if %{with systemd}
|
||||
install -D -m0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
||||
ln -s /sbin/service %{buildroot}%{_sbindir}/rckeepalived
|
||||
%else
|
||||
install -D -m 0750 keepalived/etc/init.d/keepalived.suse.init %{buildroot}/etc/init.d/keepalived
|
||||
@ -129,6 +139,14 @@ ln -s /etc/init.d/keepalived %{buildroot}%{_sbindir}/rckeepalived
|
||||
chmod -R o= %{buildroot}/etc/keepalived
|
||||
rm -rv %{buildroot}/etc/keepalived/samples/ %{buildroot}/etc/sysconfig/keepalived
|
||||
|
||||
%check
|
||||
# A build could silently have LVS support disabled if the kernel includes can't
|
||||
# be properly found, we need to avoid that.
|
||||
if ! grep -q "#define _WITH_LVS_ *1" lib/config.h; then
|
||||
%{__echo} "ERROR: We do not want keepalived lacking LVS support." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
%pre
|
||||
getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name}
|
||||
getent passwd %{name} >/dev/null || \
|
||||
@ -159,15 +177,20 @@ getent passwd %{name} >/dev/null || \
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc README COPYING ChangeLog
|
||||
%doc AUTHOR ChangeLog CONTRIBUTORS COPYING README
|
||||
%doc %{_datadir}/doc/keepalived/
|
||||
%config(noreplace) %attr(-,root,keepalived) /etc/keepalived/
|
||||
%doc doc/samples/
|
||||
%doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt
|
||||
%dir %{_sysconfdir}/keepalived
|
||||
%dir %attr(-,keepalived,keepalived) %{_var}/lib/%{name}
|
||||
%{_fillupdir}/sysconfig.%{name}
|
||||
%config(noreplace) %{_sysconfdir}/keepalived/*conf
|
||||
%{_bindir}/genhash
|
||||
%{_sbindir}/rckeepalived
|
||||
%{_sbindir}/keepalived
|
||||
%{_mandir}/man1/genhash.1.gz
|
||||
%{_mandir}/man5/keepalived.conf.5.gz
|
||||
%{_mandir}/man8/keepalived.8.gz
|
||||
%{_mandir}/man1/genhash.1*
|
||||
%{_mandir}/man5/keepalived.conf.5*
|
||||
%{_mandir}/man8/keepalived.8*
|
||||
%{_datadir}/snmp/mibs/KEEPALIVED-MIB.txt
|
||||
%{_datadir}/snmp/mibs/VRRP-MIB.txt
|
||||
%{_datadir}/snmp/mibs/VRRPv3-MIB.txt
|
||||
@ -183,10 +206,5 @@ getent passwd %{name} >/dev/null || \
|
||||
%else
|
||||
/etc/init.d/keepalived
|
||||
%endif
|
||||
%dir %attr(-,keepalived,keepalived) %{_var}/lib/%{name}
|
||||
%{_fillupdir}/sysconfig.%{name}
|
||||
%doc AUTHOR ChangeLog CONTRIBUTORS COPYING README
|
||||
%doc doc/samples/
|
||||
%doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt
|
||||
|
||||
%changelog
|
||||
|
Loading…
x
Reference in New Issue
Block a user