diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-06-24 19:40:36 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-06-24 19:40:36 +0200 |
| commit | 95bbbb8bed92a60a320ff255c8b8656145f3c540 (patch) | |
| tree | a5ad2a98d854d40138736950523062a202e94296 /src/op_mode | |
| parent | f8f867adeb9893756e8ce89f9c8bf9a70b7a1c67 (diff) | |
| download | vyos-1x-95bbbb8bed92a60a320ff255c8b8656145f3c540.tar.gz vyos-1x-95bbbb8bed92a60a320ff255c8b8656145f3c540.zip | |
ipsec: T3643: move swanctl.conf to /run
This is the completion of commit 50a742b5 ("IPSec: T3643: Fix path for
swanctl.conf file") that moves the generated swanctl file from non-volatile to
a volatile (tmpfs backed) storage like we do for all out configuration files.
Thus it is ensured after a reboot or service deprecation there are no accidential
leftovers from previous configurations stored on the system.
Diffstat (limited to 'src/op_mode')
| -rwxr-xr-x | src/op_mode/vpn_ipsec.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/op_mode/vpn_ipsec.py b/src/op_mode/vpn_ipsec.py index dd5a85ed3..68eb5e473 100755 --- a/src/op_mode/vpn_ipsec.py +++ b/src/op_mode/vpn_ipsec.py @@ -33,7 +33,7 @@ X509_CONFIG_PATH = '/etc/ipsec.d/key-pair.template' X509_PATH = '/config/auth/' IPSEC_CONF = '/etc/ipsec.conf' -SWANCTL_CONF = '/etc/swanctl/swanctl.conf' +SWANCTL_CONF = '/run/swanctl/swanctl.conf' def migrate_to_vyatta_key(path): with open(path, 'r') as f: @@ -90,7 +90,7 @@ def generate_x509_pair(name): return result = os.system(f'openssl req -new -nodes -keyout {X509_PATH}{name}.key -out {X509_PATH}{name}.csr -config {X509_CONFIG_PATH}') - + if result != 0: print(f'Could not generate x509 key-pair: {result}') return |