Openwrt is a single user system. So keepalived is runnig as root.
If we add the config options `script_user root` and
`enabled_script_security' the following warnings are gone.
> local1.info Keepalived_vrrp[5382]: SECURITY VIOLATION - scripts are
being executed but script_security not enabled.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Backport of upstream staging commit to fix compilation issue with x86_64 as
ppc64le build hosts.
42c020aab6
This fixes#10642.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This fixes a runtime startup error on system which does not have a
toplevel runtime directory for the pid file. On openwrt the pid is
located at /var/run and not on /run. To fix that add a configure option to
move the pid location to /var/run.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This fixes a runtime startup error for system, which does not have enabled the
kernel config option CONFIG_PROC_EVENTS.
This workaround was published on github under the following URL.
https://github.com/acassen/keepalived/issues/1119
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
When libnl is enabled and libnl-genl is disabled, libnl-genl-3.so.200 is
installed by InstallDev, and keepalived picks it up anyway.
This causes build to fail with the following error:
Package keepalived is missing dependencies for the following libraries:
libnl-genl-3.so.200
Instead of having a conditional dependency it is better to have a
consistent build. Disable libnl to enforce this.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Remove unsupported "notify" script during uci config generation.
This change will remove keepalived warnings on startup.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Append use_vmac with no_val_ so that the uci generation will treat this
as an boolean option. If the option is set then a interface with
vrrp.{virtual_router_id} is added to the system.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If ip is referenced in the instance section it is not necessary to add a
device option on every "ip_address". In most sitution it es enough to
add only an ip. Allow empty device option will solve this issue.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If the option 'use_vmac' is selected in a keepalived config and
kmod-macvlan is not installed then keepalived raise an error.
Netlink: error: Not supported, type=(16), seq=1510647577, pid=0
vmac: Error creating VMAC interface vrrp.42 for vrrp_instance xxx!!!
Add 'kmod-macvlan' to the package dependency list fixes this error.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
During keepalived config generation for the vrrp_instance and vrrp_sync_group
the notify_* sections are automatic added to the runtime keepalived.conf.
This could be used for service which want to react on keepalived notifications.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
In a vrrp_instance the track_interface could not be referenced similar
to a track_script. The uci track_interface section must be always set
into every vrrp_instance.
During config generation use the already prepared function
"print_track_elem_indent" to write the track_interface section into every
vrrp_instance which references this.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If you add a notify_* script which is not only a path to a script or
to a bin file, it is necessary to quote to whole string. If you do not
quote this the config will not get accepted by keepalived and so will
not start. This will fix this issue.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Talked it over with Ben (@scrpi).
He said he'd be fine with taking over maintainership of this.
@scrpi: please confirm this on PR.
Signed-off-by: Ben Kelly <ben@benjii.net>
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Commit e73964fa8f incorrectly dropped the
patch 101-update-struct-msghdr.patch. Add it again, and while add it
also add the follow-up patch that was added upstream.
Fixes#3757.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Dropped patches, unrequired.
There is a newer version released, but I cannot vouch for it yet.
We've been using this one for about a year now.
Since, I only recently became maintainer of `keepalived`, I will
push this as the current stable one, and start using a newer
version internally, before releasing it to the public.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
keepalived seems to be rather particular about which config parameters
come before others.
When defining a virtual IP address, keepalived will check to see if the
vrrp instance is associated with a valid interface. Previously, the
interface parameter was declared after the virtual IP address which
caused an error when keepalived tried to run this check. Keepalived
tries to fall back to checking if 'eth0' exists.
The fix is to re-order the config stanzas so that the interface
parameter comes before the virtual IP address definitions.
Signed-off-by: Ben Kelly <ben@benjii.net>
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Florian Eckert
Sven Eckelmann
Jan Pavlinec
Eneas U de Queiroz
Stijn Tintel
Etienne Champetier
Alexandru Ardelean
Ben Kelly