diff options
| -rw-r--r-- | initscripts.spec | 14 | ||||
| -rwxr-xr-x[-rw-r--r--] | rc.d/init.d/functions | 95 | ||||
| -rw-r--r-- | rwtab | 2 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup | 2 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-eth | 3 | ||||
| -rw-r--r-- | sysconfig/network-scripts/ifup-ipv6 | 2 | ||||
| -rwxr-xr-x[-rw-r--r--] | sysconfig/network-scripts/network-functions | 0 | ||||
| -rw-r--r-- | sysconfig/network-scripts/network-functions-ipv6 | 21 | ||||
| -rwxr-xr-x | systemd/fedora-import-state | 2 |
9 files changed, 114 insertions, 27 deletions
diff --git a/initscripts.spec b/initscripts.spec index d7680a9c..55130165 100644 --- a/initscripts.spec +++ b/initscripts.spec @@ -1,6 +1,6 @@ Summary: Scripts to bring up network interfaces and legacy utilities Name: initscripts -Version: 9.66 +Version: 9.67 License: GPLv2 Group: System Environment/Base Release: 1%{?dist} @@ -177,6 +177,18 @@ fi %{_sysconfdir}/profile.d/debug* %changelog +* Tue Jul 19 2016 Lukáš Nykrýn <lnykryn@redhat.com> - 9.67-1 +- import-state: restore also sensitivity part of SELinux context +- network: run after network-pre.target +- ifup-eth: fix setting preferred_lft and valid_lft +- ifup: don't call nmcli on any lo device +- source_config: tell NetworkManger to load ifcfg file even for NM_CONTROLLED=no +- ipv6: wait for all global IPv6 addresses to leave the "tentative" state +- rwtab: /var/lib/nfs needs to copy the files +- functions: improve killing loops +- ifup: set valid_lft and preferred_lft to forever for static ip +- service: use systemd mangle for given service + * Mon Apr 25 2016 Lukáš Nykrýn <lnykryn@redhat.com> - 9.66-1 - remove autorelabel stuff - autorelabel: turn quota off before relabeling diff --git a/rc.d/init.d/functions b/rc.d/init.d/functions index ddb89cd5..70fe5cc3 100644..100755 --- a/rc.d/init.d/functions +++ b/rc.d/init.d/functions @@ -197,6 +197,72 @@ checkpid() { return 1 } +__kill_pids_term_kill_checkpids() { + local base_stime=$1 + shift 1 + local pid= + local pids=$* + local remaining= + local stat= + local stime= + + for pid in $pids ; do + [ ! -e "/proc/$pid" ] && continue + read -r line < "/proc/$pid/stat" 2> /dev/null + + stat=($line) + stime=${stat[21]} + + [ -n "$stime" ] && [ "$base_stime" -lt "$stime" ] && continue + remaining+="$pid " + done + + echo "$remaining" + [ -n "$remaining" ] && return 1 + + return 0 +} + +__kill_pids_term_kill() { + local try=0 + local delay=3; + local pid= + local stat=($(< /proc/self/stat)) + local base_stime=${stat[21]} + + if [ "$1" = "-d" ]; then + delay=$2 + shift 2 + fi + + local kill_list=$* + + kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) + + [ -z "$kill_list" ] && return 0 + + kill -TERM $kill_list >/dev/null 2>&1 + usleep 100000 + + kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) + if [ -n "$kill_list" ] ; then + while [ $try -lt $delay ] ; do + sleep 1 + kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) + [ -z "$kill_list" ] && break + let try+=1 + done + if [ -n "$kill_list" ] ; then + kill -KILL $kill_list >/dev/null 2>&1 + usleep 100000 + kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) + fi + fi + + [ -n "$kill_list" ] && return 1 + return 0 +} + # __proc_pids {program} [pidfile] # Set $pid to pids from /var/run* for {program}. $pid should be declared # local in the caller. @@ -296,10 +362,10 @@ daemon() { # make sure it doesn't core dump anywhere unless requested corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}" - + # if they set NICELEVEL in /etc/sysconfig/foo, honor it [ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL" - + # if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it if [ -n "${CGROUP_DAEMON}" ]; then if [ ! -x /bin/cgexec ]; then @@ -349,7 +415,7 @@ killproc() { fi shift 2 fi - + # check for second arg to be kill level [ -n "${2:-}" ] && killlevel=$2 @@ -375,24 +441,7 @@ killproc() { if [ -n "$pid" ] ; then [ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base " if [ -z "$killlevel" ] ; then - if checkpid $pid 2>&1; then - # TERM first, then KILL if not dead - kill -TERM $pid >/dev/null 2>&1 - usleep 50000 - if checkpid $pid ; then - try=0 - while [ $try -lt $delay ] ; do - checkpid $pid || break - sleep 1 - let try+=1 - done - if checkpid $pid ; then - kill -KILL $pid >/dev/null 2>&1 - usleep 50000 - fi - fi - fi - checkpid $pid + __kill_pids_term_kill -d $delay $pid RC=$? [ "$RC" -eq 0 ] && failure "%s shutdown" $base || success "%s shutdown" $base RC=$((! $RC)) @@ -610,7 +659,7 @@ passed() { #fi [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed return $rc -} +} # Log a warning warning() { @@ -621,7 +670,7 @@ warning() { #fi [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning return $rc -} +} # Run some action. Log its output. action() { @@ -4,7 +4,6 @@ dirs /var/lib/xkb dirs /var/log dirs /var/lib/puppet dirs /var/lib/dbus -dirs /var/lib/nfs empty /tmp empty /var/cache/foomatic @@ -42,3 +41,4 @@ files /var/lib/systemd/random-seed files /var/spool files /var/lib/samba files /var/log/audit/audit.log +files /var/lib/nfs diff --git a/sysconfig/network-scripts/ifup b/sysconfig/network-scripts/ifup index 2b826e2d..f1678eb3 100755 --- a/sysconfig/network-scripts/ifup +++ b/sysconfig/network-scripts/ifup @@ -65,7 +65,7 @@ then exit 0 fi -if [ "$_use_nm" = "true" -a -n "$UUID" -a "$DEVICE" != "lo" ]; then +if [ "$_use_nm" = "true" -a -n "$UUID" -a "$REALDEVICE" != "lo" ]; then if [ "foo$2" = "fooboot" ] && [ "${TYPE}" = "Wireless" ]; then exit 0 fi diff --git a/sysconfig/network-scripts/ifup-eth b/sysconfig/network-scripts/ifup-eth index 1ecedcf4..0ff31eb3 100755 --- a/sysconfig/network-scripts/ifup-eth +++ b/sysconfig/network-scripts/ifup-eth @@ -468,6 +468,9 @@ else ( sleep 2; /sbin/arping -q -U -c 1 -I ${REALDEVICE} ${ipaddr[$idx]} ) > /dev/null 2>&1 < /dev/null & fi + + # set lifetime of address to forever + ip addr change ${ipaddr[$idx]}/${prefix[$idx]} dev ${REALDEVICE} valid_lft forever preferred_lft forever done fi diff --git a/sysconfig/network-scripts/ifup-ipv6 b/sysconfig/network-scripts/ifup-ipv6 index aeb6145d..21b8c9ef 100644 --- a/sysconfig/network-scripts/ifup-ipv6 +++ b/sysconfig/network-scripts/ifup-ipv6 @@ -308,3 +308,5 @@ if [ "$IPV6TO4INIT" = "yes" ]; then fi fi +#wait for all global IPv6 addresses to leave the "tentative" state +ipv6_wait_tentative $DEVICE diff --git a/sysconfig/network-scripts/network-functions b/sysconfig/network-scripts/network-functions index 3c0205f0..3c0205f0 100644..100755 --- a/sysconfig/network-scripts/network-functions +++ b/sysconfig/network-scripts/network-functions diff --git a/sysconfig/network-scripts/network-functions-ipv6 b/sysconfig/network-scripts/network-functions-ipv6 index 394367bb..079a055f 100644 --- a/sysconfig/network-scripts/network-functions-ipv6 +++ b/sysconfig/network-scripts/network-functions-ipv6 @@ -1042,3 +1042,24 @@ ipv6_trigger_radvd() { return 0 } + +#https://www.vaspects.com/2013/12/11/services-dont-bind-to-ipv6-address/ +ipv6_wait_tentative() { + local fn="ipv6_wait_tentative" + local device=$1 + local countdown=30 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + [ "$device" = lo ] && return 0 + + while [ ${countdown} -gt 0 -a -n "$(ip -6 addr show dev ${device} scope global tentative)" ]; do + net_log $"Waiting for interface ${device} IPv6 address(es) to leave the \"tentative\" state" info $fn + countdown=$(($countdown - 1)) + sleep 1 + done + return 0 +} diff --git a/systemd/fedora-import-state b/systemd/fedora-import-state index 07fd5cad..5ad29d41 100755 --- a/systemd/fedora-import-state +++ b/systemd/fedora-import-state @@ -7,5 +7,5 @@ find . -mindepth 1 -maxdepth 1 -exec cp -av -t / {} \; # run restorecon on the copied files if [ -e /sys/fs/selinux/enforce -a -x /usr/sbin/restorecon ]; then - find . -mindepth 1 -print0 | { cd / && xargs --null restorecon -i; } + find . -mindepth 1 -print0 | { cd / && xargs --null restorecon -iF; } fi |