From 33db81f8055fa471d3b0b6cdf78c2a057c11a0fc Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Fri, 19 Aug 2022 18:55:24 +0200
Subject: ethernet: T4538: fix wrong systemd unit used for EAPoL

When MACsec was bound to an ethernet interface and the underlaying
source-interface got changed (even description only) this terminated the
MACsec session running on top of it.

The root cause is when EAPoL was implemented in commit d59354e52a8a7f we
re-used the same systemd unit which is responsible for MACsec. That indeed lead
to the fact that wpa_supplicant was always stopped when anything happened on
the underlaying source-interface that was not related to EAPoL.

(cherry picked from commit f92a23ef9ab8be59681e5b7ba627e399d89bce53)
---
 src/conf_mode/interfaces-ethernet.py                          |  4 ++--
 .../system/wpa_supplicant-wired@.service.d/override.conf      | 11 +++++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 src/etc/systemd/system/wpa_supplicant-wired@.service.d/override.conf

(limited to 'src')

diff --git a/src/conf_mode/interfaces-ethernet.py b/src/conf_mode/interfaces-ethernet.py
index e8236bf89..75690dd81 100755
--- a/src/conf_mode/interfaces-ethernet.py
+++ b/src/conf_mode/interfaces-ethernet.py
@@ -153,9 +153,9 @@ def apply(ethernet):
     else:
         e.update(ethernet)
         if 'eapol' in ethernet:
-            eapol_action='restart'
+            eapol_action='reload-or-restart'
 
-    call(f'systemctl {eapol_action} wpa_supplicant-macsec@{ifname}')
+    call(f'systemctl {eapol_action} wpa_supplicant-wired@{ifname}')
 
 if __name__ == '__main__':
     try:
diff --git a/src/etc/systemd/system/wpa_supplicant-wired@.service.d/override.conf b/src/etc/systemd/system/wpa_supplicant-wired@.service.d/override.conf
new file mode 100644
index 000000000..030b89a2b
--- /dev/null
+++ b/src/etc/systemd/system/wpa_supplicant-wired@.service.d/override.conf
@@ -0,0 +1,11 @@
+[Unit]
+After=
+After=vyos-router.service
+
+[Service]
+WorkingDirectory=
+WorkingDirectory=/run/wpa_supplicant
+PIDFile=/run/wpa_supplicant/%I.pid
+ExecStart=
+ExecStart=/sbin/wpa_supplicant -c/run/wpa_supplicant/%I.conf -Dwired -P/run/wpa_supplicant/%I.pid -i%I
+ExecReload=/bin/kill -HUP $MAINPID
-- 
cgit v1.2.3