forked from pool/openvswitch
Accepting request 871475 from home:jaicaa:branches:network
Forgot to remove the patches *sigh* OBS-URL: https://build.opensuse.org/request/show/871475 OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=211
This commit is contained in:
parent
6a20ec084e
commit
12d7ab0ed5
@ -1,56 +0,0 @@
|
||||
From 0723a7b85fa446bbe372567f9e06869041982e9b Mon Sep 17 00:00:00 2001
|
||||
From: Boleslaw Tokarski <boleslaw.tokarski@jollamobile.com>
|
||||
Date: Wed, 8 Apr 2020 11:47:20 +0100
|
||||
Subject: [PATCH 1/2] ipsec: Fix Strongswan configuration syntax.
|
||||
|
||||
Strongswan seems to have .opt files in the source tree with the dotted
|
||||
option syntax. It seems that up until version 5.6, the syntax was also
|
||||
accepted by Strongswan.
|
||||
|
||||
However, the .opt files are converted to .conf files during Strongswan
|
||||
build, and the dotted syntax is no longer accepted by Strongswan (tested
|
||||
on 5.8.2).
|
||||
|
||||
The effect was that the ovs ipsec monitor fails to start Strongswan,
|
||||
since that complains with:
|
||||
/etc/strongswan.d/ovs.conf:4: syntax error, unexpected ., expecting : or '{' or '=' [.]
|
||||
|
||||
This commit fixes the configuration file provided to Strongswan to .conf
|
||||
syntax.
|
||||
|
||||
Signed-off-by: Boleslaw Tokarski <boleslaw.tokarski@jollamobile.com>
|
||||
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
|
||||
---
|
||||
ipsec/ovs-monitor-ipsec.in | 16 ++++++++++++----
|
||||
1 file changed, 12 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in
|
||||
index 37e370324..da8b92b6c 100755
|
||||
--- a/ipsec/ovs-monitor-ipsec.in
|
||||
+++ b/ipsec/ovs-monitor-ipsec.in
|
||||
@@ -145,10 +145,18 @@ class StrongSwanHelper(object):
|
||||
"""This class does StrongSwan specific configurations."""
|
||||
|
||||
STRONGSWAN_CONF = """%s
|
||||
-charon.plugins.kernel-netlink.set_proto_port_transport_sa = yes
|
||||
-charon.plugins.kernel-netlink.xfrm_ack_expires = 10
|
||||
-charon.load_modular = yes
|
||||
-charon.plugins.gcm.load = yes
|
||||
+charon {
|
||||
+ plugins {
|
||||
+ kernel-netlink {
|
||||
+ set_proto_port_transport_sa = yes
|
||||
+ xfrm_ack_expires = 10
|
||||
+ }
|
||||
+ gcm {
|
||||
+ load = yes
|
||||
+ }
|
||||
+ }
|
||||
+ load_modular = yes
|
||||
+}
|
||||
""" % (FILE_HEADER)
|
||||
|
||||
CONF_HEADER = """%s
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,48 +0,0 @@
|
||||
From c349652c106b4c4e54e5a4a2f05546d35a801601 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
|
||||
Date: Tue, 5 May 2020 18:41:30 +0200
|
||||
Subject: [PATCH] rhel: Fix reload of OVS_USER_ID on startup
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
OVS_USER_ID was being picked up from a previously existing
|
||||
openvswitch.useropts rendering innefective any configuration change
|
||||
through sysconfig.
|
||||
|
||||
There is no explicit ordering between Exec* and Environment* stanzas of
|
||||
systemd, full enviroment is always reloaded before each Exec. We make
|
||||
sure that openvswitch.useropts is removed first so that a fresh
|
||||
OVS_USER_ID can be picked up from config.
|
||||
|
||||
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
|
||||
---
|
||||
rhel/usr_lib_systemd_system_ovsdb-server.service | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service
|
||||
index 4c170c09b..98338b9df 100644
|
||||
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
|
||||
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
|
||||
@@ -11,10 +11,16 @@ PIDFile=/var/run/openvswitch/ovsdb-server.pid
|
||||
Restart=on-failure
|
||||
EnvironmentFile=/etc/openvswitch/default.conf
|
||||
EnvironmentFile=-/etc/sysconfig/openvswitch
|
||||
+EnvironmentFile=-/run/openvswitch.useropts
|
||||
+
|
||||
+# Environment is reloaded for each Exec*, make sure to
|
||||
+# remove openvswitch.useropts first to reload a fresh
|
||||
+# OVS_USER_ID from default.conf or sysconfig.
|
||||
+ExecStartPre=/usr/bin/rm -f /run/openvswitch.useropts
|
||||
+
|
||||
ExecStartPre=-/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch
|
||||
-ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; /usr/bin/echo "OVS_USER_ID=${OVS_USER_ID}" > /run/openvswitch.useropts'
|
||||
+ExecStartPre=/bin/sh -c '/usr/bin/echo "OVS_USER_ID=${OVS_USER_ID}" > /run/openvswitch.useropts'
|
||||
ExecStartPre=/bin/sh -c 'if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVS_USER_OPT=--ovs-user=${OVS_USER_ID}" >> /run/openvswitch.useropts; fi'
|
||||
-EnvironmentFile=-/run/openvswitch.useropts
|
||||
ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
|
||||
--no-ovs-vswitchd --no-monitor --system-id=random \
|
||||
${OVS_USER_OPT} \
|
||||
--
|
||||
2.16.4
|
||||
|
Loading…
Reference in New Issue
Block a user