author | rbalocca <rbalocca@vyatta.com> | 2008-05-21 16:06:11 -0700 |
---|---|---|
committer | rbalocca <rbalocca@vyatta.com> | 2008-05-21 16:06:11 -0700 |
commit | eafedd1e4106562073de4d20d567496903a9a443 (patch) | |
tree | 5319c720b6752c1f5d58b97e8ca923f8901ce816 | |
parent | 24802bd1a1ec56812001e92ad158bc2f08bb1ee6 (diff) | |
parent | a3aa2f7e17e1cccfc9334a61547e48e156d5453b (diff) | |
Merge branch 'glendale'glendale
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | debian/changelog | 44 | ||||
-rw-r--r-- | debian/vyatta-cfg-system.postinst.in | 6 | ||||
-rwxr-xr-x | scripts/keepalived/vyatta-keepalived.pl | 153 | ||||
-rw-r--r-- | sysconf/config.boot.default | 30 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def | 5 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def | 5 |
7 files changed, 194 insertions, 50 deletions
diff --git a/Makefile.am b/Makefile.am index 949aba4a..9e35f778 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,7 +38,6 @@ sysconf_DATA += sysconf/logrotate_messages sysconf_DATA += sysconf/motd.tail sysconf_DATA += sysconf/syslog.conf sysconf_DATA += sysconf/default_ssh -sysconf_DATA += sysconf/config.boot.default libudev_SCRIPTS = scripts/vyatta_net_name etcudev_DATA = sysconf/vyatta-net.rules diff --git a/debian/changelog b/debian/changelog index 263a6f69..bd9e876e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,47 @@ +vyatta-cfg-system (0.9) unstable; urgency=low + + 3.0.5 + + + -- Mark O'Brien <mobrien@vyatta.com> Tue, 06 May 2008 12:43:15 -0700 + +vyatta-cfg-system (0.8) unstable; urgency=low + + 3.0.4 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 3225: only insert sudoers if not present. + + [ Stig Thormodsrud ] + * Mimic the transaction mechanism to only restart the vrrp daemon + once/commit. + + [ rbalocca ] + * config.boot.default is not moved to the top level repo (build- + iso.git) + + [ Mark O'Brien ] + + -- Mark O'Brien <mobrien@vyatta.com> Mon, 05 May 2008 16:40:35 -0700 + +vyatta-cfg-system (0.7) unstable; urgency=low + + 3.0.3 + [ Mark O'Brien ] + + + [ Stephen Hemminger ] + * watchlink is no longer used + + [ rbalocca ] + * Indicate the VC4.0.2 release candidate in the changelog + + [ Mark O'Brien ] + + -- Mark O'Brien <mobrien@vyatta.com> Tue, 29 Apr 2008 16:42:17 -0700 + vyatta-cfg-system (0.6) unstable; urgency=low VC4.0.2 diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 30cbfd5a..17d1264d 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in 
@@ -30,7 +30,9 @@ if [ "$sysconfdir" != "/etc" ]; then fi # Allow operator to do a limited number of commands without password - cat <<"EOF" >>/etc/sudoers + if ! grep -q '^%operator ALL=NOPASSWD:' /etc/sudoers; then + cat <<"EOF" >>/etc/sudoers +### BEGIN VYATTA OPERATOR COMMANDS Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\ /sbin/iptables -L -vn,\ /sbin/iptables -L * -vn,\ @@ -46,7 +48,9 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff %operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \ PPPOE_CMDS +### END VYATTA OPERATOR COMMANDS EOF + fi # for "users" level (FIXME) if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl index fff1acf1..c4b7909f 100755 --- a/scripts/keepalived/vyatta-keepalived.pl +++ b/scripts/keepalived/vyatta-keepalived.pl @@ -31,8 +31,12 @@ use Getopt::Long; use strict; use warnings; +my $changes_file = '/var/log/vrrpd/changes'; +my $conf_file = VyattaKeepalived::get_conf_file(); + my %HoA_sync_groups; + sub keepalived_get_values { my ($intf, $path) = @_; 
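Review bot: The new guard `grep -q '^%operator ALL=NOPASSWD:'` keys on the rule line rather than on the `### BEGIN VYATTA OPERATOR COMMANDS` marker that this same change introduces, so an upgrade shipping a revised Cmnd_Alias list is skipped whenever any `%operator` NOPASSWD line already exists, including one an administrator edited by hand. The heredoc is also appended straight to the live /etc/sudoers with no syntax check, and a malformed file disables sudo for every account; building the combined file in a temporary copy and running `visudo -c -f` on it before replacing /etc/sudoers would catch that. The closing `### END VYATTA OPERATOR COMMANDS` and `fi` come from the following hunk (@@ -46,7 +48,9 @@), and the same points apply there. A short comment above the `if` saying that the markers delimit a package-owned block would help whoever writes the upgrade or removal path.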
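Review bot: `$changes_file` in the vyatta-keepalived.pl preamble hunk (@@ -31,8 +31,12 @@) is transaction state whose mere existence changes control flow later in the script, yet it sits at a fixed name under /var/log/vrrpd and nothing visible here creates that directory or checks its ownership. If the directory is missing, the `open ... or die` in the new helpers aborts the commit, and if it is writable by an account other than the one running this script, a file or symlink already present at that path would be honoured. I would add a comment such as `# per-commit transaction state; directory must exist and be writable only by the config user` and consider a runtime state directory instead of a log directory. Whether the package creates /var/log/vrrpd elsewhere is not visible in this diff.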
@@ -136,9 +140,130 @@ sub vrrp_get_sync_groups { return $output; } +sub vrrp_read_changes { + my @lines = (); + open(my $FILE, "<", $changes_file) or die "Error: read $!"; + @lines = <$FILE>; + close($FILE); + chomp @lines; + return @lines; +} + +sub vrrp_save_changes { + my @list = @_; + + my $num_changes = scalar(@list); + VyattaKeepalived::vrrp_log("saving changes file $num_changes"); + open(my $FILE, ">", $changes_file) or die "Error: write $!"; + print $FILE join("\n", @list), "\n"; + close($FILE); +} + +sub vrrp_find_changes { + + my @list = (); + my $config = new VyattaConfig; + my $vrrp_instances = 0; + + $config->setLevel("interfaces ethernet"); + my @eths = $config->listNodes(); + foreach my $eth (@eths) { + my $path = "interfaces ethernet $eth"; + $config->setLevel($path); + if ($config->exists("vrrp")) { + my %vrrp_status_hash = $config->listNodeStatus("vrrp"); + my ($vrrp, $vrrp_status) = each(%vrrp_status_hash); + if ($vrrp_status ne "static") { + push @list, $eth; + VyattaKeepalived::vrrp_log("$vrrp_status found $eth"); + } + } + if ($config->exists("vif")) { + my $path = "interfaces ethernet $eth vif"; + $config->setLevel($path); + my @vifs = $config->listNodes(); + foreach my $vif (@vifs) { + my $vif_intf = $eth . "." . 
$vif; + my $vif_path = "$path $vif"; + $config->setLevel($vif_path); + if ($config->exists("vrrp")) { + my %vrrp_status_hash = $config->listNodeStatus("vrrp"); + my ($vrrp, $vrrp_status) = each(%vrrp_status_hash); + if ($vrrp_status ne "static") { + push @list, "$eth.$vif"; + VyattaKeepalived::vrrp_log("$vrrp_status found $eth.$vif"); + } + } + } + } + } + + # + # Now look for deleted from the origin tree + # + $config->setLevel("interfaces ethernet"); + @eths = $config->listOrigNodes(); + foreach my $eth (@eths) { + my $path = "interfaces ethernet $eth"; + $config->setLevel($path); + if ($config->isDeleted("vrrp")) { + push @list, $eth; + VyattaKeepalived::vrrp_log("Delete found $eth"); + } + $config->setLevel("$path vif"); + my @vifs = $config->listOrigNodes(); + foreach my $vif (@vifs) { + my $vif_intf = $eth . "." . $vif; + my $vif_path = "$path vif $vif"; + $config->setLevel($vif_path); + if ($config->isDeleted("vrrp")) { + push @list, "$eth.$vif"; + VyattaKeepalived::vrrp_log("Delete found $eth.$vif"); + } + } + } + + my $num = scalar(@list); + VyattaKeepalived::vrrp_log("Start transation: $num changes"); + if ($num) { + vrrp_save_changes(@list); + } + return $num; +} + +sub remove_from_changes { + my $intf = shift; + + my @lines = vrrp_read_changes(); + if (scalar(@lines) < 1) { + # + # we shouldn't get to this point, but try to handle it if we do + # + system("rm -f $changes_file"); + return 0; + } + my @new_lines = (); + foreach my $line (@lines) { + if ($line =~ /$intf$/) { + VyattaKeepalived::vrrp_log("remove_from_changes [$line]"); + } else { + push @new_lines, $line; + } + } + + my $num_changes = scalar(@new_lines); + if ($num_changes > 0) { + vrrp_save_changes(@new_lines); + } else { + system("rm -f $changes_file"); + } + return $num_changes; +} + sub vrrp_update_config { - my $output; + my ($intf) = @_; + my $output = ''; my $config = new VyattaConfig; $config->setLevel("interfaces ethernet"); 
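Review bot: In `remove_from_changes` the test `$line =~ /$intf$/` interpolates the interface name as an unescaped pattern with no start anchor, so the `.` in a vif name matches any character and any line that merely ends in the name is dropped; since the file holds one interface per line, `if ($line eq $intf)` says what is meant. Both `system("rm -f $changes_file")` calls spawn a shell to delete one fixed path and ignore the result, where `unlink $changes_file;` does the same with no shell. In `vrrp_find_changes`, `each(%vrrp_status_hash)` yields undef when `listNodeStatus` returns nothing, which makes `$vrrp_status ne "static"` warn under `use warnings`, and `$vif_intf` and `$vrrp_instances` are assigned but never used. `print $FILE` and `close($FILE)` in `vrrp_save_changes` are unchecked, so a failed write can leave a truncated changes file without any error. `vrrp_update_config`, whose first lines close this hunk, continues outside it.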
@@ -175,16 +300,14 @@ sub vrrp_update_config { } } } - + if ($vrrp_instances > 0) { my $sync_groups = vrrp_get_sync_groups(); if (defined $sync_groups && $sync_groups ne "") { $output = $sync_groups . $output; } - my $conf_file = VyattaKeepalived::get_conf_file(); keepalived_write_file($conf_file, $output); - VyattaKeepalived::restart_daemon($conf_file); - } + } return $vrrp_instances; } @@ -212,8 +335,22 @@ if (! defined $action) { } if ($action eq "update") { - my $vrrp_instances = vrrp_update_config(); - VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf $vrrp_instances"); + VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf"); + if ( ! -e $changes_file) { + my $num_changes = vrrp_find_changes(); + if ($num_changes == 0) { + # + # Shouldn't happen, but ... + # + VyattaKeepalived::vrrp_log("unexpected 0 changes"); + } + } + my $vrrp_instances = vrrp_update_config($vrrp_intf); + my $more_changes = remove_from_changes($vrrp_intf); + VyattaKeepalived::vrrp_log(" instances $vrrp_instances, $more_changes"); + if ($vrrp_instances > 0 and $more_changes == 0) { + VyattaKeepalived::restart_daemon($conf_file); + } if ($vrrp_instances == 0) { VyattaKeepalived::stop_daemon(); } @@ -224,9 +361,9 @@ if ($action eq "delete") { print "must include interface & group"; exit 1; } + VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group"); my $state_file = VyattaKeepalived::get_state_file($vrrp_intf, $vrrp_group); system("rm -f $state_file"); - VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group"); exit 0; } diff --git a/sysconf/config.boot.default b/sysconf/config.boot.default deleted file mode 100644 index fdde1c74..00000000 --- a/sysconf/config.boot.default +++ /dev/null 
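Review bot: In the `update` branch (@@ -212,8 +335,22 @@), when `vrrp_find_changes()` returns 0 it has not written `$changes_file`, yet `remove_from_changes($vrrp_intf)` is still called and its `vrrp_read_changes` does `open ... or die "Error: read $!"`, so the path logged as "unexpected 0 changes" ends in a die after the config file was rewritten, with neither `restart_daemon` nor `stop_daemon` reached. A guard at the top of `remove_from_changes`, `return 0 unless -e $changes_file;`, would make the helper match its own "try to handle it" comment. The same existence test also means a changes file left behind by an interrupted commit suppresses `vrrp_find_changes` on the next commit, and `restart_daemon` then waits on entries that may never be removed; clearing the file at the start of each commit would bound that. The `if ($action eq "update")` block continues past the end of this hunk.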
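Review bot: The context line `system("rm -f $state_file");` in the `delete` branch (@@ -224,9 +361,9 @@) passes a path built from `$vrrp_intf` and `$vrrp_group`, presumably command-line options, through a shell, so any shell metacharacter in either value is interpreted; this hunk only moves the log call above it and leaves that line as is. `unlink $state_file;` removes the file with no shell involved, and validating both values against an anchored pattern before use would be a sensible companion check. How `get_state_file` composes the path is not visible here, so the exposure depends on what callers can pass.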
@@ -1,30 +0,0 @@ -system { - ntp-server "69.59.150.135" - login { - user root { - authentication { - encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." - } - } - user vyatta { - authentication { - encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." - } - } - } - package { - repository community { - distribution: "stable" - components: "main" - url: "http://packages.vyatta.com/vyatta" - } - } -} - -interfaces { - loopback lo { - } -} - -/* Warning: Do not remove the following line. */ -/* === vyatta-config-version: "cluster@1:dhcp-relay@1:dhcp-server@1:firewall@1:nat@2:serial@1:webgui@1" === */ diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def index c40c5f47..7d61f98e 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def @@ -1,10 +1,5 @@ multi: type: ipv4 help: Configure virtual address - -create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal - -delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal - comp_help: possible completions: <x.x.x.x> Virtual IP address (up to 20 per group) diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def index af8b4624..7d61f98e 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def 
@@ -1,10 +1,5 @@ multi: type: ipv4 help: Configure virtual address - -create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal - -delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal - comp_help: possible completions: <x.x.x.x> Virtual IP address (up to 20 per group) |