On Sun, 2007-15-04 at 14:08 -0700, Tom Eastep wrote:
>
> The only 'local lockf' in the code reads:
>
> local lockf=${VARDIR}/lock
Oh damn. I'm being foiled by vendor patches. Ubuntu (my administrative
box) do this:
diff -urNad shorewall-3.2.1~/functions shorewall-3.2.1/functions
--- shorewall-3.2.1~/functions 2006-07-13 16:28:22.000000000 +0200
+++ shorewall-3.2.1/functions 2006-07-29 11:17:14.000000000 +0200
@@ -463,7 +463,7 @@
mutex_on()
{
local try=0
- local lockf=${VARDIR}/lock
+ local lockf=/var/lock/shorewall
MUTEX_TIMEOUT=${MUTEX_TIMEOUT:-60}
@@ -494,7 +494,7 @@
#
mutex_off()
{
- rm -f ${VARDIR}/lock
+ rm -f /var/lock/shorewall
}
#
to their shorewall package.
> There is this entry in /etc/shorewall/shorewall.conf:
>
> SUBSYSLOCK=/var/lock/subsys/shorewall
Yeah, already set that to empty for my OpenWRT configuration. It don't
have /var/lock (or /subsys for that matter).
> But clearly, you can change that any way that you want. There are two
> different locks:
>
> ${VARDIR}/lock - used to ensure that two shorewall operations
> aren't going on at the same time.
Yeah, this is the one they changed for the reason:
* Patched the source in order to put the lockfile under /var/lock so
that it can be removed automatically during system startup (Closes:
#333590)
I guess I am going to have to apply a patch to shorewall-lite as I
described earlier. But now this becomes
shorewall-lite-for-OpenWRT-when-your-admin-box-is-Ubuntu. ~sigh~
But this is clearly a Ubuntu problem, not shorewall. The only thing
that could be remotely related to shorewall would be an RFE that pulled
that lockfile location up into a variable that a distro could easily
override and that a shorewall-lite installation could override for it's
own location as well (i.e. don't assume it's the same on every
shorewall-lite and shorewall installation).
Because really, even if Ubuntu handn't decided to move that lock file
somewhere else, shorewall-lite for OpenWRT would still have to
create /var/lock (same flavour as the last hack we discussed). But
indeed, it would know what dir it had to create and would not be
dependent on the shorewall administrative system not having changed
that.
I will bug Ubuntu about that little change.
b.
--
My other computer is your Microsoft Windows server.
Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
