From 95bbbb8bed92a60a320ff255c8b8656145f3c540 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Thu, 24 Jun 2021 19:40:36 +0200
Subject: ipsec: T3643: move swanctl.conf to /run

This is the completion of commit 50a742b5 ("IPSec: T3643: Fix path for
swanctl.conf file") that moves the generated swanctl file from non-volatile to
a volatile (tmpfs backed) storage like we do for all out configuration files.

Thus it is ensured after a reboot or service deprecation there are no accidential
leftovers from previous configurations stored on the system.
---
 src/op_mode/vpn_ipsec.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/op_mode/vpn_ipsec.py')

diff --git a/src/op_mode/vpn_ipsec.py b/src/op_mode/vpn_ipsec.py
index dd5a85ed3..68eb5e473 100755
--- a/src/op_mode/vpn_ipsec.py
+++ b/src/op_mode/vpn_ipsec.py
@@ -33,7 +33,7 @@ X509_CONFIG_PATH = '/etc/ipsec.d/key-pair.template'
 X509_PATH = '/config/auth/'
 
 IPSEC_CONF = '/etc/ipsec.conf'
-SWANCTL_CONF = '/etc/swanctl/swanctl.conf'
+SWANCTL_CONF = '/run/swanctl/swanctl.conf'
 
 def migrate_to_vyatta_key(path):
     with open(path, 'r') as f:
@@ -90,7 +90,7 @@ def generate_x509_pair(name):
             return
 
     result = os.system(f'openssl req -new -nodes -keyout {X509_PATH}{name}.key -out {X509_PATH}{name}.csr -config {X509_CONFIG_PATH}')
-    
+
     if result != 0:
         print(f'Could not generate x509 key-pair: {result}')
         return
-- 
cgit v1.2.3