diff options
author | Daniil Baturin <daniil@vyos.io> | 2021-07-13 08:07:58 -0500 |
---|---|---|
committer | Daniil Baturin <daniil@vyos.io> | 2021-07-13 08:21:46 -0500 |
commit | bc0c0bbf52a13855481e82a958cba833de45d310 (patch) | |
tree | 4559cda9dfd332a2f35562bb816394077c07ef36 | |
parent | e9c427d9edf215bd348ad58e27d0e6e365dfb7f1 (diff) | |
download | vyos-1x-bc0c0bbf52a13855481e82a958cba833de45d310.tar.gz vyos-1x-bc0c0bbf52a13855481e82a958cba833de45d310.zip |
T3663: use inotify-based watching for the IPsec process restart.
-rwxr-xr-x | src/conf_mode/ipsec-settings.py | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py index a65e8b567..b59063fcd 100755 --- a/src/conf_mode/ipsec-settings.py +++ b/src/conf_mode/ipsec-settings.py @@ -22,7 +22,7 @@ from sys import exit from vyos.config import Config from vyos import ConfigError -from vyos.util import call +from vyos.util import call, wait_for_file_write_complete from vyos.template import render from vyos import airbag @@ -203,17 +203,16 @@ def generate(data): remove_confs(delim_ipsec_l2tp_begin, delim_ipsec_l2tp_end, ipsec_conf_file) def restart_ipsec(): - call('ipsec restart >&/dev/null') - # counter for apply swanctl config - counter = 10 - while counter <= 10: - if os.path.exists(charon_pidfile): - call('swanctl -q >&/dev/null') - break - counter -=1 - sleep(1) - if counter == 0: - raise ConfigError('VPN configuration error: IPSec is not running.') + try: + wait_for_file_write_complete(charon_pidfile, + pre_hook=(lambda: call('ipsec restart >&/dev/null')), + timeout=10) + + # Force configuration load + call('swanctl -q >&/dev/null') + + except OSError: + raise ConfigError('VPN configuration error: IPSec process did not start.') def apply(data): # Restart IPSec daemon |