-rw-r--r--debian/changelog28
-rw-r--r--debian/vyatta-cfg-system.postinst.in6
-rwxr-xr-xscripts/keepalived/vyatta-keepalived.pl153
3 files changed, 178 insertions, 9 deletions
diff --git a/debian/changelog b/debian/changelog
index 1e41734f..bd9e876e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,31 @@
+vyatta-cfg-system (0.9) unstable; urgency=low
+
+ 3.0.5
+
+
+ -- Mark O'Brien <mobrien@vyatta.com> Tue, 06 May 2008 12:43:15 -0700
+
+vyatta-cfg-system (0.8) unstable; urgency=low
+
+ 3.0.4
+ [ Mark O'Brien ]
+
+
+ [ An-Cheng Huang ]
+ * fix for bug 3225: only insert sudoers if not present.
+
+ [ Stig Thormodsrud ]
+ * Mimic the transaction mechanism to only restart the vrrp daemon
+ once/commit.
+
+ [ rbalocca ]
+ * config.boot.default is not moved to the top level repo (build-
+ iso.git)
+
+ [ Mark O'Brien ]
+
+ -- Mark O'Brien <mobrien@vyatta.com> Mon, 05 May 2008 16:40:35 -0700
+
vyatta-cfg-system (0.7) unstable; urgency=low
3.0.3
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 54931692..a627c4af 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -30,7 +30,9 @@ if [ "$sysconfdir" != "/etc" ]; then
fi
# Allow operator to do a limited number of commands without password
- cat <<"EOF" >>/etc/sudoers
+ if ! grep -q '^%operator ALL=NOPASSWD:' /etc/sudoers; then
+ cat <<"EOF" >>/etc/sudoers
+### BEGIN VYATTA OPERATOR COMMANDS
Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\
/sbin/iptables -L -vn,\
/sbin/iptables -L * -vn,\
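Review bot: The new guard keys only on `^%operator ALL=NOPASSWD:`, while the heredoc it protects also defines the `Cmnd_Alias` entries. If that one line has been edited or removed but the aliases remain, the whole block is appended again, and the duplicate alias definitions are likely to make sudo reject the file. Testing for the marker this commit introduces as well, e.g. `if ! grep -q -e '^### BEGIN VYATTA OPERATOR COMMANDS' -e '^%operator ALL=NOPASSWD:' /etc/sudoers; then`, makes the check match what is actually written. Nothing visible validates the result, so a `visudo -c` after the append, restoring a saved copy on failure, would catch a broken file before the postinst exits. The `if` opened here is closed by the `fi` in the next hunk, and the heredoc body continues outside this hunk.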
@@ -46,7 +48,9 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate
Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff
%operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \
PPPOE_CMDS, /usr/bin/tshark
+### END VYATTA OPERATOR COMMANDS
EOF
+ fi
# for "users" level (FIXME)
if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then
diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl
index 55d53715..c10a1ca7 100755
--- a/scripts/keepalived/vyatta-keepalived.pl
+++ b/scripts/keepalived/vyatta-keepalived.pl
@@ -31,8 +31,12 @@ use Getopt::Long;
use strict;
use warnings;
+my $changes_file = '/var/log/vrrpd/changes';
+my $conf_file = VyattaKeepalived::get_conf_file();
+
my %HoA_sync_groups;
+
sub keepalived_get_values {
my ($intf, $path) = @_;
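Review bot: `$changes_file` holds per-commit transaction state, but it is placed under `/var/log/vrrpd` and carries no comment saying so. Later hunks use its mere existence to decide whether the daemon is restarted, so log cleanup, or anything else able to write to that directory, changes restart behaviour; the directory's ownership and mode are not visible here. A comment such as `# Interfaces still pending in the current commit; deleted once the last one is processed.` would document the contract, and a root-only runtime directory would be a better home for it than the log tree. The hunk ends inside `keepalived_get_values`, whose body continues outside it.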
@@ -151,9 +155,130 @@ sub vrrp_get_sync_groups {
return $output;
}
+sub vrrp_read_changes {
+ my @lines = ();
+ open(my $FILE, "<", $changes_file) or die "Error: read $!";
+ @lines = <$FILE>;
+ close($FILE);
+ chomp @lines;
+ return @lines;
+}
+
+sub vrrp_save_changes {
+ my @list = @_;
+
+ my $num_changes = scalar(@list);
+ VyattaKeepalived::vrrp_log("saving changes file $num_changes");
+ open(my $FILE, ">", $changes_file) or die "Error: write $!";
+ print $FILE join("\n", @list), "\n";
+ close($FILE);
+}
+
+sub vrrp_find_changes {
+
+ my @list = ();
+ my $config = new VyattaConfig;
+ my $vrrp_instances = 0;
+
+ $config->setLevel("interfaces ethernet");
+ my @eths = $config->listNodes();
+ foreach my $eth (@eths) {
+ my $path = "interfaces ethernet $eth";
+ $config->setLevel($path);
+ if ($config->exists("vrrp")) {
+ my %vrrp_status_hash = $config->listNodeStatus("vrrp");
+ my ($vrrp, $vrrp_status) = each(%vrrp_status_hash);
+ if ($vrrp_status ne "static") {
+ push @list, $eth;
+ VyattaKeepalived::vrrp_log("$vrrp_status found $eth");
+ }
+ }
+ if ($config->exists("vif")) {
+ my $path = "interfaces ethernet $eth vif";
+ $config->setLevel($path);
+ my @vifs = $config->listNodes();
+ foreach my $vif (@vifs) {
+ my $vif_intf = $eth . "." . $vif;
+ my $vif_path = "$path $vif";
+ $config->setLevel($vif_path);
+ if ($config->exists("vrrp")) {
+ my %vrrp_status_hash = $config->listNodeStatus("vrrp");
+ my ($vrrp, $vrrp_status) = each(%vrrp_status_hash);
+ if ($vrrp_status ne "static") {
+ push @list, "$eth.$vif";
+ VyattaKeepalived::vrrp_log("$vrrp_status found $eth.$vif");
+ }
+ }
+ }
+ }
+ }
+
+ #
+ # Now look for deleted from the origin tree
+ #
+ $config->setLevel("interfaces ethernet");
+ @eths = $config->listOrigNodes();
+ foreach my $eth (@eths) {
+ my $path = "interfaces ethernet $eth";
+ $config->setLevel($path);
+ if ($config->isDeleted("vrrp")) {
+ push @list, $eth;
+ VyattaKeepalived::vrrp_log("Delete found $eth");
+ }
+ $config->setLevel("$path vif");
+ my @vifs = $config->listOrigNodes();
+ foreach my $vif (@vifs) {
+ my $vif_intf = $eth . "." . $vif;
+ my $vif_path = "$path vif $vif";
+ $config->setLevel($vif_path);
+ if ($config->isDeleted("vrrp")) {
+ push @list, "$eth.$vif";
+ VyattaKeepalived::vrrp_log("Delete found $eth.$vif");
+ }
+ }
+ }
+
+ my $num = scalar(@list);
+ VyattaKeepalived::vrrp_log("Start transation: $num changes");
+ if ($num) {
+ vrrp_save_changes(@list);
+ }
+ return $num;
+}
+
+sub remove_from_changes {
+ my $intf = shift;
+
+ my @lines = vrrp_read_changes();
+ if (scalar(@lines) < 1) {
+ #
+ # we shouldn't get to this point, but try to handle it if we do
+ #
+ system("rm -f $changes_file");
+ return 0;
+ }
+ my @new_lines = ();
+ foreach my $line (@lines) {
+ if ($line =~ /$intf$/) {
+ VyattaKeepalived::vrrp_log("remove_from_changes [$line]");
+ } else {
+ push @new_lines, $line;
+ }
+ }
+
+ my $num_changes = scalar(@new_lines);
+ if ($num_changes > 0) {
+ vrrp_save_changes(@new_lines);
+ } else {
+ system("rm -f $changes_file");
+ }
+ return $num_changes;
+}
+
sub vrrp_update_config {
- my $output;
+ my ($intf) = @_;
+ my $output = '';
my $config = new VyattaConfig;
$config->setLevel("interfaces ethernet");
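Review bot: `remove_from_changes` interpolates `$intf` into a pattern with `$line =~ /$intf$/`, so the `.` in a vif name like `eth0.10` acts as a wildcard, the match is not anchored at the start, and an empty `$intf` matches every line and empties the list; because the file holds exact interface names, `if ($line eq $intf)` is the comparison wanted. In `vrrp_find_changes`, `each(%vrrp_status_hash)` looks at a single entry in hash order, so assuming `listNodeStatus` returns one entry per vrrp group, a changed group is missed whenever the entry returned happens to be "static"; iterating over all values would cover that. Both `system("rm -f $changes_file")` calls go through a shell for what `unlink $changes_file;` does directly, and the same holds for the `system("rm -f $state_file")` context line in the delete branch, where the path is derived from `$vrrp_intf` and `$vrrp_group` (how `get_state_file` builds it is not visible here). The hunk ends inside `vrrp_update_config`, whose body continues in the next hunk.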
@@ -190,16 +315,14 @@ sub vrrp_update_config {
}
}
}
-
+
if ($vrrp_instances > 0) {
my $sync_groups = vrrp_get_sync_groups();
if (defined $sync_groups && $sync_groups ne "") {
$output = $sync_groups . $output;
}
- my $conf_file = VyattaKeepalived::get_conf_file();
keepalived_write_file($conf_file, $output);
- VyattaKeepalived::restart_daemon($conf_file);
- }
+ }
return $vrrp_instances;
}
@@ -227,8 +350,22 @@ if (! defined $action) {
}
if ($action eq "update") {
- my $vrrp_instances = vrrp_update_config();
- VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf $vrrp_instances");
+ VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf");
+ if ( ! -e $changes_file) {
+ my $num_changes = vrrp_find_changes();
+ if ($num_changes == 0) {
+ #
+ # Shouldn't happen, but ...
+ #
+ VyattaKeepalived::vrrp_log("unexpected 0 changes");
+ }
+ }
+ my $vrrp_instances = vrrp_update_config($vrrp_intf);
+ my $more_changes = remove_from_changes($vrrp_intf);
+ VyattaKeepalived::vrrp_log(" instances $vrrp_instances, $more_changes");
+ if ($vrrp_instances > 0 and $more_changes == 0) {
+ VyattaKeepalived::restart_daemon($conf_file);
+ }
if ($vrrp_instances == 0) {
VyattaKeepalived::stop_daemon();
}
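Review bot: When `vrrp_find_changes()` returns 0 the changes file is never written, yet `remove_from_changes($vrrp_intf)` still runs and `vrrp_read_changes` dies in `open`, so the "Shouldn't happen" branch logs and then aborts the script before either the restart or the stop is reached. Guarding the call, e.g. `my $more_changes = -e $changes_file ? remove_from_changes($vrrp_intf) : 0;`, keeps that path alive and falls back to a restart. The `! -e $changes_file` test also trusts any leftover file: if an earlier commit stopped partway, the stale list is reused and `$more_changes` may never reach 0, so keepalived keeps running the old configuration; nothing visible here clears the file at the start of a commit. The `if ($action eq "update")` block continues outside the hunk.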
@@ -239,9 +376,9 @@ if ($action eq "delete") {
print "must include interface & group";
exit 1;
}
+ VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group");
my $state_file = VyattaKeepalived::get_state_file($vrrp_intf, $vrrp_group);
system("rm -f $state_file");
- VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group");
exit 0;
}