From e9638edf48bbb4f2dba5fa8795c2abd711975b8f Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Fri, 25 Apr 2008 15:02:46 -0700 Subject: watchlink is no longer used The watchlink exclude is no longer used. --- .../vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def | 5 ----- .../node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def | 5 ----- 2 files changed, 10 deletions(-) diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def index c40c5f47..7d61f98e 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def @@ -1,10 +1,5 @@ multi: type: ipv4 help: Configure virtual address - -create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal - -delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf="$VAR(../../../../@).$VAR(../../../@)" --ipadd=$VAR(@) --signal - comp_help: possible completions: Virtual IP address (up to 20 per group) diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def index af8b4624..7d61f98e 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def @@ -1,10 +1,5 @@ multi: type: ipv4 help: Configure virtual address - -create: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=add --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal - -delete: sudo /opt/vyatta/sbin/vyatta-watchlink-exclude.pl --id=vrrp --action=remove --intf=$VAR(../../../@) --ipadd=$VAR(@) --signal - comp_help: possible completions: Virtual IP address (up to 20 per group) -- cgit v1.2.3 From b84c899600b4480ef63c3d153bfa2e3357fb4908 Mon Sep 17 00:00:00 2001 From: Mark O'Brien Date: Tue, 29 Apr 2008 16:42:17 -0700 Subject: 3.0.3 --- debian/changelog | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/debian/changelog b/debian/changelog index 263a6f69..1e41734f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,19 @@ +vyatta-cfg-system (0.7) unstable; urgency=low + + 3.0.3 + [ Mark O'Brien ] + + + [ Stephen Hemminger ] + * watchlink is no longer used + + [ rbalocca ] + * Indicate the VC4.0.2 release candidate in the changelog + + [ Mark O'Brien ] + + -- Mark O'Brien Tue, 29 Apr 2008 16:42:17 -0700 + vyatta-cfg-system (0.6) unstable; urgency=low VC4.0.2 -- cgit v1.2.3 From 4dada2ec3af679c4f2492d297738d7e1e0d0fe4f Mon Sep 17 00:00:00 2001 From: rbalocca Date: Tue, 22 Apr 2008 18:49:18 -0700 Subject: config.boot.default is not moved to the top level repo (build-iso.git) --- Makefile.am | 1 - sysconf/config.boot.default | 30 ------------------------------ 2 files changed, 31 deletions(-) delete mode 100644 sysconf/config.boot.default diff --git a/Makefile.am b/Makefile.am index 949aba4a..9e35f778 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,7 +38,6 @@ sysconf_DATA += sysconf/logrotate_messages sysconf_DATA += sysconf/motd.tail sysconf_DATA += sysconf/syslog.conf sysconf_DATA += sysconf/default_ssh -sysconf_DATA += sysconf/config.boot.default libudev_SCRIPTS = scripts/vyatta_net_name etcudev_DATA = sysconf/vyatta-net.rules diff --git a/sysconf/config.boot.default b/sysconf/config.boot.default deleted file mode 100644 index fdde1c74..00000000 --- a/sysconf/config.boot.default +++ /dev/null @@ -1,30 +0,0 @@ -system { - ntp-server "69.59.150.135" - login { - user root { - authentication { - encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." - } - } - user vyatta { - authentication { - encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." - } - } - } - package { - repository community { - distribution: "stable" - components: "main" - url: "http://packages.vyatta.com/vyatta" - } - } -} - -interfaces { - loopback lo { - } -} - -/* Warning: Do not remove the following line. */ -/* === vyatta-config-version: "cluster@1:dhcp-relay@1:dhcp-server@1:firewall@1:nat@2:serial@1:webgui@1" === */ -- cgit v1.2.3 From 854422e8ee96b30427a60f6c7678c283adddf182 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Sat, 3 May 2008 18:49:34 -0700 Subject: Mimic the transaction mechanism to only restart the vrrp daemon once/commit. --- scripts/keepalived/vyatta-keepalived.pl | 153 ++++++++++++++++++++++++++++++-- 1 file changed, 145 insertions(+), 8 deletions(-) diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl index fff1acf1..c4b7909f 100755 --- a/scripts/keepalived/vyatta-keepalived.pl +++ b/scripts/keepalived/vyatta-keepalived.pl @@ -31,8 +31,12 @@ use Getopt::Long; use strict; use warnings; +my $changes_file = '/var/log/vrrpd/changes'; +my $conf_file = VyattaKeepalived::get_conf_file(); + my %HoA_sync_groups; + sub keepalived_get_values { my ($intf, $path) = @_; @@ -136,9 +140,130 @@ sub vrrp_get_sync_groups { return $output; } +sub vrrp_read_changes { + my @lines = (); + open(my $FILE, "<", $changes_file) or die "Error: read $!"; + @lines = <$FILE>; + close($FILE); + chomp @lines; + return @lines; +} + +sub vrrp_save_changes { + my @list = @_; + + my $num_changes = scalar(@list); + VyattaKeepalived::vrrp_log("saving changes file $num_changes"); + open(my $FILE, ">", $changes_file) or die "Error: write $!"; + print $FILE join("\n", @list), "\n"; + close($FILE); +} + +sub vrrp_find_changes { + + my @list = (); + my $config = new VyattaConfig; + my $vrrp_instances = 0; + + $config->setLevel("interfaces ethernet"); + my @eths = $config->listNodes(); + foreach my $eth (@eths) { + my $path = "interfaces ethernet $eth"; + $config->setLevel($path); + if ($config->exists("vrrp")) { + my %vrrp_status_hash = $config->listNodeStatus("vrrp"); + my ($vrrp, $vrrp_status) = each(%vrrp_status_hash); + if ($vrrp_status ne "static") { + push @list, $eth; + VyattaKeepalived::vrrp_log("$vrrp_status found $eth"); + } + } + if ($config->exists("vif")) { + my $path = "interfaces ethernet $eth vif"; + $config->setLevel($path); + my @vifs = $config->listNodes(); + foreach my $vif (@vifs) { + my $vif_intf = $eth . "." . $vif; + my $vif_path = "$path $vif"; + $config->setLevel($vif_path); + if ($config->exists("vrrp")) { + my %vrrp_status_hash = $config->listNodeStatus("vrrp"); + my ($vrrp, $vrrp_status) = each(%vrrp_status_hash); + if ($vrrp_status ne "static") { + push @list, "$eth.$vif"; + VyattaKeepalived::vrrp_log("$vrrp_status found $eth.$vif"); + } + } + } + } + } + + # + # Now look for deleted from the origin tree + # + $config->setLevel("interfaces ethernet"); + @eths = $config->listOrigNodes(); + foreach my $eth (@eths) { + my $path = "interfaces ethernet $eth"; + $config->setLevel($path); + if ($config->isDeleted("vrrp")) { + push @list, $eth; + VyattaKeepalived::vrrp_log("Delete found $eth"); + } + $config->setLevel("$path vif"); + my @vifs = $config->listOrigNodes(); + foreach my $vif (@vifs) { + my $vif_intf = $eth . "." . $vif; + my $vif_path = "$path vif $vif"; + $config->setLevel($vif_path); + if ($config->isDeleted("vrrp")) { + push @list, "$eth.$vif"; + VyattaKeepalived::vrrp_log("Delete found $eth.$vif"); + } + } + } + + my $num = scalar(@list); + VyattaKeepalived::vrrp_log("Start transation: $num changes"); + if ($num) { + vrrp_save_changes(@list); + } + return $num; +} + +sub remove_from_changes { + my $intf = shift; + + my @lines = vrrp_read_changes(); + if (scalar(@lines) < 1) { + # + # we shouldn't get to this point, but try to handle it if we do + # + system("rm -f $changes_file"); + return 0; + } + my @new_lines = (); + foreach my $line (@lines) { + if ($line =~ /$intf$/) { + VyattaKeepalived::vrrp_log("remove_from_changes [$line]"); + } else { + push @new_lines, $line; + } + } + + my $num_changes = scalar(@new_lines); + if ($num_changes > 0) { + vrrp_save_changes(@new_lines); + } else { + system("rm -f $changes_file"); + } + return $num_changes; +} + sub vrrp_update_config { - my $output; + my ($intf) = @_; + my $output = ''; my $config = new VyattaConfig; $config->setLevel("interfaces ethernet"); @@ -175,16 +300,14 @@ sub vrrp_update_config { } } } - + if ($vrrp_instances > 0) { my $sync_groups = vrrp_get_sync_groups(); if (defined $sync_groups && $sync_groups ne "") { $output = $sync_groups . $output; } - my $conf_file = VyattaKeepalived::get_conf_file(); keepalived_write_file($conf_file, $output); - VyattaKeepalived::restart_daemon($conf_file); - } + } return $vrrp_instances; } @@ -212,8 +335,22 @@ if (! defined $action) { } if ($action eq "update") { - my $vrrp_instances = vrrp_update_config(); - VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf $vrrp_instances"); + VyattaKeepalived::vrrp_log("vrrp update $vrrp_intf"); + if ( ! -e $changes_file) { + my $num_changes = vrrp_find_changes(); + if ($num_changes == 0) { + # + # Shouldn't happen, but ... + # + VyattaKeepalived::vrrp_log("unexpected 0 changes"); + } + } + my $vrrp_instances = vrrp_update_config($vrrp_intf); + my $more_changes = remove_from_changes($vrrp_intf); + VyattaKeepalived::vrrp_log(" instances $vrrp_instances, $more_changes"); + if ($vrrp_instances > 0 and $more_changes == 0) { + VyattaKeepalived::restart_daemon($conf_file); + } if ($vrrp_instances == 0) { VyattaKeepalived::stop_daemon(); } @@ -224,9 +361,9 @@ if ($action eq "delete") { print "must include interface & group"; exit 1; } + VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group"); my $state_file = VyattaKeepalived::get_state_file($vrrp_intf, $vrrp_group); system("rm -f $state_file"); - VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group"); exit 0; } -- cgit v1.2.3 From cbb590de1de9c3efc03130547236b8e37a3ba1dc Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Mon, 5 May 2008 16:09:10 -0700 Subject: fix for bug 3225: only insert sudoers if not present. --- debian/vyatta-cfg-system.postinst.in | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in index 30cbfd5a..17d1264d 100644 --- a/debian/vyatta-cfg-system.postinst.in +++ b/debian/vyatta-cfg-system.postinst.in @@ -30,7 +30,9 @@ if [ "$sysconfdir" != "/etc" ]; then fi # Allow operator to do a limited number of commands without password - cat <<"EOF" >>/etc/sudoers + if ! grep -q '^%operator ALL=NOPASSWD:' /etc/sudoers; then + cat <<"EOF" >>/etc/sudoers +### BEGIN VYATTA OPERATOR COMMANDS Cmnd_Alias IPTABLES = /sbin/iptables --list -n,\ /sbin/iptables -L -vn,\ /sbin/iptables -L * -vn,\ @@ -46,7 +48,9 @@ Cmnd_Alias DATE = /bin/date, /usr/sbin/ntpdate Cmnd_Alias PPPOE_CMDS = /sbin/pppd, /sbin/poff %operator ALL=NOPASSWD: /sbin/reboot, DATE, IPTABLES, ETHTOOLP, IPFLUSH, \ PPPOE_CMDS +### END VYATTA OPERATOR COMMANDS EOF + fi # for "users" level (FIXME) if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then -- cgit v1.2.3 From 2ee12b4b36e5026d1ba48ed38a71fe06a606809b Mon Sep 17 00:00:00 2001 From: Mark O'Brien Date: Mon, 5 May 2008 16:40:35 -0700 Subject: 3.0.4 --- debian/changelog | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/debian/changelog b/debian/changelog index 1e41734f..e2b290b6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,24 @@ +vyatta-cfg-system (0.8) unstable; urgency=low + + 3.0.4 + [ Mark O'Brien ] + + + [ An-Cheng Huang ] + * fix for bug 3225: only insert sudoers if not present. + + [ Stig Thormodsrud ] + * Mimic the transaction mechanism to only restart the vrrp daemon + once/commit. + + [ rbalocca ] + * config.boot.default is not moved to the top level repo (build- + iso.git) + + [ Mark O'Brien ] + + -- Mark O'Brien Mon, 05 May 2008 16:40:35 -0700 + vyatta-cfg-system (0.7) unstable; urgency=low 3.0.3 -- cgit v1.2.3 From a3aa2f7e17e1cccfc9334a61547e48e156d5453b Mon Sep 17 00:00:00 2001 From: Mark O'Brien Date: Tue, 6 May 2008 12:43:16 -0700 Subject: 3.0.5 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index e2b290b6..bd9e876e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg-system (0.9) unstable; urgency=low + + 3.0.5 + + + -- Mark O'Brien Tue, 06 May 2008 12:43:15 -0700 + vyatta-cfg-system (0.8) unstable; urgency=low 3.0.4 -- cgit v1.2.3 From 9bc06ac99e68468f05ecd5aa2be8579f4d5112a1 Mon Sep 17 00:00:00 2001 From: rbalocca Date: Wed, 7 May 2008 14:48:05 -0700 Subject: Convert to our method of changelog creation --- .gitignore | 1 - ChangeLog | 1 + debian/autogen.sh | 26 -------------------------- 3 files changed, 1 insertion(+), 27 deletions(-) create mode 120000 ChangeLog diff --git a/.gitignore b/.gitignore index 98544e9c..f3feda07 100644 --- a/.gitignore +++ b/.gitignore @@ -3,7 +3,6 @@ /aclocal.m4 /autom4te.cache /build-stamp -/ChangeLog /config /config.log /config.guess diff --git a/ChangeLog b/ChangeLog new file mode 120000 index 00000000..d526672c --- /dev/null +++ b/ChangeLog @@ -0,0 +1 @@ +debian/changelog \ No newline at end of file diff --git a/debian/autogen.sh b/debian/autogen.sh index ff125d1d..e8c94af8 100755 --- a/debian/autogen.sh +++ b/debian/autogen.sh @@ -1,32 +1,6 @@ #!/bin/sh -if [ -d .git ] ; then -# generate GNU/Debian format ChangeLog from git log - - rm -f ChangeLog - - if which git2cl >/dev/null ; then - git-log --pretty --numstat --summary | git2cl >> ChangeLog - else - git-log --pretty=short >> ChangeLog - fi - -# append repository reference - - url=` git repo-config --get remote.origin.url` - test "x$url" = "x" && url=`pwd` - - branch=`git-branch --no-color | sed '/^\* /!d; s/^\* //'` - test "x$branch" = "x" && branch=master - - sha=`git log --pretty=oneline --no-color -n 1 | cut -c-8` - test "x$sha" = "x" && sha=00000000 - - echo "$url#$branch-$sha" >> ChangeLog - -fi - rm -rf config rm -f aclocal.m4 config.guess config.statusconfig.sub configure INSTALL -- cgit v1.2.3 From 6c47fa4846c453964709c02891adb4e582e4cf93 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 9 May 2008 18:39:56 -0700 Subject: Set initial vrrp state based on existing state if available. --- scripts/keepalived/vyatta-keepalived.pl | 37 ++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl index c10a1ca7..7389534b 100755 --- a/scripts/keepalived/vyatta-keepalived.pl +++ b/scripts/keepalived/vyatta-keepalived.pl @@ -36,6 +36,33 @@ my $conf_file = VyattaKeepalived::get_conf_file(); my %HoA_sync_groups; +sub vrrp_get_init_state { + my ($intf, $group, $vips, $preempt) = @_; + + my $init_state; + if (VyattaKeepalived::is_running()) { + my @state_files = VyattaKeepalived::get_state_files($intf, $group); + if (scalar(@state_files) > 0) { + my ($start_time, $f_intf, $f_group, $state, $ltime) = + VyattaKeepalived::vrrp_state_parse($state_files[0]); + if ($state eq "master") { + $init_state = 'MASTER'; + } else { + $init_state = 'BACKUP'; + } + return $init_state; + } + # fall through to logic below + } + + if ($preempt eq "false") { + $init_state = 'BACKUP'; + } else { + $init_state = 'MASTER'; + } + + return $init_state; +} sub keepalived_get_values { my ($intf, $path) = @_; @@ -90,7 +117,7 @@ sub keepalived_get_values { } } - $config->setLevel("$path vrrp vrrp-group $group run-transition-scripts"); + $config->setLevel("$path vrrp vrrp-group $group run-transition-scripts"); my $run_backup_script = $config->returnValue("backup"); if(!defined $run_backup_script){ $run_backup_script = "null"; @@ -104,13 +131,9 @@ sub keepalived_get_values { $run_master_script = "null"; } - $output .= "vrrp_instance $vrrp_instance \{\n"; - if ($preempt eq "false") { - $output .= "\tstate BACKUP\n"; - } else { - $output .= "\tstate MASTER\n"; - } + my $init_state = vrrp_get_init_state($intf, $group, $vips[0], $preempt); + $output .= "\tstate $init_state\n"; $output .= "\tinterface $intf\n"; $output .= "\tvirtual_router_id $group\n"; $output .= "\tpriority $priority\n"; -- cgit v1.2.3