summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2021-07-13 08:07:58 -0500
committerDaniil Baturin <daniil@vyos.io>2021-07-13 08:21:46 -0500
commitbc0c0bbf52a13855481e82a958cba833de45d310 (patch)
tree4559cda9dfd332a2f35562bb816394077c07ef36
parente9c427d9edf215bd348ad58e27d0e6e365dfb7f1 (diff)
downloadvyos-1x-bc0c0bbf52a13855481e82a958cba833de45d310.tar.gz
vyos-1x-bc0c0bbf52a13855481e82a958cba833de45d310.zip
T3663: use inotify-based watching for the IPsec process restart.
-rwxr-xr-xsrc/conf_mode/ipsec-settings.py23
1 files changed, 11 insertions, 12 deletions
diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py
index a65e8b567..b59063fcd 100755
--- a/src/conf_mode/ipsec-settings.py
+++ b/src/conf_mode/ipsec-settings.py
@@ -22,7 +22,7 @@ from sys import exit
from vyos.config import Config
from vyos import ConfigError
-from vyos.util import call
+from vyos.util import call, wait_for_file_write_complete
from vyos.template import render
from vyos import airbag
@@ -203,17 +203,16 @@ def generate(data):
remove_confs(delim_ipsec_l2tp_begin, delim_ipsec_l2tp_end, ipsec_conf_file)
def restart_ipsec():
- call('ipsec restart >&/dev/null')
- # counter for apply swanctl config
- counter = 10
- while counter <= 10:
- if os.path.exists(charon_pidfile):
- call('swanctl -q >&/dev/null')
- break
- counter -=1
- sleep(1)
- if counter == 0:
- raise ConfigError('VPN configuration error: IPSec is not running.')
+ try:
+ wait_for_file_write_complete(charon_pidfile,
+ pre_hook=(lambda: call('ipsec restart >&/dev/null')),
+ timeout=10)
+
+ # Force configuration load
+ call('swanctl -q >&/dev/null')
+
+ except OSError:
+ raise ConfigError('VPN configuration error: IPSec process did not start.')
def apply(data):
# Restart IPSec daemon