/[smecontribs]/rpms/smeserver-libreswan/contribs10/smeserver-libreswan-update-createlinks-update-reauth.patch
ViewVC logotype

Annotation of /rpms/smeserver-libreswan/contribs10/smeserver-libreswan-update-createlinks-update-reauth.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed May 24 15:41:53 2023 UTC (17 months, 2 weeks ago) by jcrisp
Branch: MAIN
CVS Tags: smeserver-libreswan-0_5-36_el7_sme, HEAD
* Wed May 24 2023 John Crisp <jcrisp@safeandsoundit.co.uk> 0.5-36.sme
- Change ipsec.conf log setting
- Create /var/log/pluto/pluto.log
- Add reauth 'yes' as an added option
- Update createlinks

1 jcrisp 1.1 diff -ruN smeserver-libreswan-0.5.old/createlinks smeserver-libreswan-0.5/createlinks
2     --- smeserver-libreswan-0.5.old/createlinks 2022-07-20 12:14:45.024142349 +0100
3     +++ smeserver-libreswan-0.5/createlinks 2023-05-24 16:38:18.199353592 +0100
4     @@ -6,14 +6,27 @@
5    
6     # our event specific for updating with yum without reboot
7     $event = "smeserver-libreswan-update";
8     +
9     #add here the path to your templates needed to expand
10     #see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
11    
12     foreach my $file (qw(
13     - /etc/systemd/system-preset/49-koozali.preset
14     + /etc/systemd/system-preset/49-koozali.preset
15     + /etc/ipsec.conf
16     + /etc/ipsec.secrets
17     + /etc/ipsec.d/ipsec.conf
18     + /etc/ipsec.d/ipsec.secrets
19     + /etc/rc.d/init.d/masq
20     + /etc/sysctl.conf
21     ))
22     {
23     - templates2events( $file, $event );
24     + templates2events($file, qw(
25     + smeserver-libreswan-update
26     + post-upgrade
27     + console-save
28     + bootstrap-console-save
29     + remoteaccess-update
30     + ));
31     }
32    
33     #action needed in case we have a systemd unit
34     @@ -21,43 +34,17 @@
35     event_link("systemd-reload", $event, "50");
36    
37     #action specific to this package
38     -event_link("ipsec-update", $event, "60");
39     -
40     -#services we need to restart
41     -safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ipsec");
42     -
43     -# ipsec-update
44     -my $event = "ipsec-update";
45     -foreach (qw(
46     - /etc/ipsec.conf
47     - /etc/ipsec.secrets
48     - /etc/ipsec.d/ipsec.conf
49     - /etc/ipsec.d/ipsec.secrets
50     - /etc/rc.d/init.d/masq
51     - /etc/sysctl.conf
52     - ))
53     +foreach my $event_link (qw (
54     + smeserver-libreswan-update
55     + remoteaccess-update
56     + console-save
57     +))
58     {
59     - templates2events("$_", qw(
60     - post-upgrade
61     - console-save
62     - bootstrap-console-save
63     - remoteaccess-update
64     - ipsec-update
65     - ));
66     + event_link("ipsec-update", $event_link, "60");
67     }
68    
69     -#--------------------------------------------------
70     -# actions for ipsec-update event
71     -#--------------------------------------------------
72     -
73     -event_link("ipsec-update", $event, "10");
74     -
75     -# Runlevel init links.
76     -#service_link_enhanced("ipsec", "S95", "7");
77     -#service_link_enhanced("ipsec", "K21", "6");
78     -#service_link_enhanced("ipsec", "K21", "0");
79     -#service_link_enhanced("ipsec", "K21", "1");
80     -
81     +#services we need to restart
82     +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ipsec");
83     safe_symlink("adjust", "root/etc/e-smith/events/$event/services2adjust/masq");
84    
85     # Set up generic logfile timestamp renaming/symlinking
86     @@ -76,3 +63,6 @@
87     $event = "logrotate";
88    
89     safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ipsec");
90     +
91     +
92     +
93     diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
94     --- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2022-07-20 12:14:45.024142349 +0100
95     +++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2023-05-24 16:28:44.595406873 +0100
96     @@ -32,7 +32,7 @@
97     $OUT .= " protostack=netkey\n";
98     $OUT .= " plutodebug=$debugstatus\n";
99     $OUT .= " #klipsdebug=none\n";
100     - $OUT .= " plutostderrlog=/var/log/pluto/pluto.log\n";
101     + $OUT .= " log=/var/log/pluto/pluto.log\n";
102     $OUT .= " dumpdir=/var/run/pluto/\n";
103    
104     if ( $keepalive ne '' ) {
105     diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
106     --- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2022-07-20 12:14:45.024142349 +0100
107     +++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2023-05-24 16:28:44.595406873 +0100
108     @@ -256,7 +256,7 @@
109     }
110    
111     my $reauth = $ipsecDB->get_prop( $ipsecprop, 'reauth' ) || '';
112     - if ( $reauth eq 'y' || $reauth eq '1' ) {
113     + if ( $reauth eq 'y' || $reauth eq 'yes' || $reauth eq '1' ) {
114     $OUT .= " reauth=yes\n";
115     }
116     } # End if ( $ipsecstatus eq 'enabled' )

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed