summaryrefslogtreecommitdiff
path: root/src/op_mode/vpn_ipsec.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-06-24 19:40:36 +0200
committerChristian Poessinger <christian@poessinger.com>2021-06-24 19:40:36 +0200
commit95bbbb8bed92a60a320ff255c8b8656145f3c540 (patch)
treea5ad2a98d854d40138736950523062a202e94296 /src/op_mode/vpn_ipsec.py
parentf8f867adeb9893756e8ce89f9c8bf9a70b7a1c67 (diff)
downloadvyos-1x-95bbbb8bed92a60a320ff255c8b8656145f3c540.tar.gz
vyos-1x-95bbbb8bed92a60a320ff255c8b8656145f3c540.zip
ipsec: T3643: move swanctl.conf to /run
This is the completion of commit 50a742b5 ("IPSec: T3643: Fix path for swanctl.conf file") that moves the generated swanctl file from non-volatile to a volatile (tmpfs backed) storage like we do for all out configuration files. Thus it is ensured after a reboot or service deprecation there are no accidential leftovers from previous configurations stored on the system.
Diffstat (limited to 'src/op_mode/vpn_ipsec.py')
-rwxr-xr-xsrc/op_mode/vpn_ipsec.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/op_mode/vpn_ipsec.py b/src/op_mode/vpn_ipsec.py
index dd5a85ed3..68eb5e473 100755
--- a/src/op_mode/vpn_ipsec.py
+++ b/src/op_mode/vpn_ipsec.py
@@ -33,7 +33,7 @@ X509_CONFIG_PATH = '/etc/ipsec.d/key-pair.template'
X509_PATH = '/config/auth/'
IPSEC_CONF = '/etc/ipsec.conf'
-SWANCTL_CONF = '/etc/swanctl/swanctl.conf'
+SWANCTL_CONF = '/run/swanctl/swanctl.conf'
def migrate_to_vyatta_key(path):
with open(path, 'r') as f:
@@ -90,7 +90,7 @@ def generate_x509_pair(name):
return
result = os.system(f'openssl req -new -nodes -keyout {X509_PATH}{name}.key -out {X509_PATH}{name}.csr -config {X509_CONFIG_PATH}')
-
+
if result != 0:
print(f'Could not generate x509 key-pair: {result}')
return