From: Michael Tremer Date: Sun, 16 Jun 2013 09:48:36 +0000 (+0200) Subject: keepalived: Update to 1.2.7. X-Git-Url: http://git.ipfire.org/?p=people%2Fms%2Fipfire-3.x.git;a=commitdiff_plain;h=78522c1003b3ea3ab03c277ac80fe8e55fead87a keepalived: Update to 1.2.7. --- diff --git a/keepalived/keepalived.nm b/keepalived/keepalived.nm index 8c825a3ad..1220727dd 100644 --- a/keepalived/keepalived.nm +++ b/keepalived/keepalived.nm @@ -4,8 +4,8 @@ ############################################################################### name = keepalived -version = 1.2.2 -release = 2 +version = 1.2.7 +release = 1 groups = Applications/System url = http://www.keepalived.org/ @@ -29,15 +29,16 @@ source_dl = http://www.keepalived.org/software/ build requires + kernel-devel + net-snmp-devel >= 5.7.2-2 libnl-devel openssl-devel popt-devel end configure_options += \ - --sysconfdir=/etc - -# --with-kernel-dir=$(ls -1d --sort t /lib/modules/*/build | head 1) + --enable-snmp \ + --enable-vrrp make_targets += STRIP=/bin/true diff --git a/keepalived/patches/keepalived-1.1.14-installmodules.patch b/keepalived/patches/keepalived-1.1.14-installmodules.patch deleted file mode 100644 index a5fc93c50..000000000 --- a/keepalived/patches/keepalived-1.1.14-installmodules.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff -Naupr keepalived-1.1.14.orig/keepalived/Makefile.in keepalived-1.1.14/keepalived/Makefile.in ---- keepalived-1.1.14.orig/keepalived/Makefile.in 2007-09-13 15:44:39.000000000 +0200 -+++ keepalived-1.1.14/keepalived/Makefile.in 2007-09-14 12:38:43.000000000 +0200 -@@ -99,13 +99,13 @@ uninstall: - - install: - install -d $(DESTDIR)$(sbindir) -- install -m 700 $(BIN)/$(EXEC) $(DESTDIR)$(sbindir)/ -+ install -m 755 $(BIN)/$(EXEC) $(DESTDIR)$(sbindir)/ - install -d $(DESTDIR)$(init_dir) - install -m 755 etc/init.d/keepalived.init $(DESTDIR)$(init_dir)/keepalived - install -d $(DESTDIR)$(sysconf_dir) -- install -m 755 etc/init.d/keepalived.sysconfig $(DESTDIR)$(sysconf_dir)/keepalived -+ install -m 644 etc/init.d/keepalived.sysconfig $(DESTDIR)$(sysconf_dir)/keepalived - install -d $(DESTDIR)$(sysconfdir)/keepalived/samples -- install -m 644 etc/keepalived/keepalived.conf $(DESTDIR)$(sysconfdir)/keepalived/ -+ install -m 640 etc/keepalived/keepalived.conf $(DESTDIR)$(sysconfdir)/keepalived/ - install -m 644 ../doc/samples/* $(DESTDIR)$(sysconfdir)/keepalived/samples/ - install -d $(DESTDIR)$(mandir)/man5 - install -d $(DESTDIR)$(mandir)/man8 diff --git a/keepalived/patches/keepalived-1.1.19-fix-ipvs-loading.patch b/keepalived/patches/keepalived-1.1.19-fix-ipvs-loading.patch deleted file mode 100644 index 912914bce..000000000 --- a/keepalived/patches/keepalived-1.1.19-fix-ipvs-loading.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naupr keepalived-1.1.19.orig/keepalived/check/ipvswrapper.c keepalived-1.1.19/keepalived/check/ipvswrapper.c ---- keepalived-1.1.19.orig/keepalived/check/ipvswrapper.c 2009-09-28 13:03:40.000000000 +0200 -+++ keepalived-1.1.19/keepalived/check/ipvswrapper.c 2009-11-24 22:41:56.220195007 +0100 -@@ -789,7 +789,7 @@ string_to_number(const char *s, int min, - static int - modprobe_ipvs(void) - { -- char *argv[] = { "/sbin/modprobe", "-s", "-k", "--", "ip_vs", NULL }; -+ char *argv[] = { "/sbin/modprobe", "-s", "--", "ip_vs", NULL }; - int child; - int status; - int rc; diff --git a/keepalived/patches/keepalived-1.2.2-ip_vs.h-pathfix.patch b/keepalived/patches/keepalived-1.2.2-ip_vs.h-pathfix.patch deleted file mode 100644 index 468fc0eed..000000000 --- a/keepalived/patches/keepalived-1.2.2-ip_vs.h-pathfix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up keepalived-1.2.2/configure.pathfix keepalived-1.2.2/configure ---- keepalived-1.2.2/configure.pathfix 2011-09-19 12:31:19.615258629 -0400 -+++ keepalived-1.2.2/configure 2011-09-19 12:31:38.872000057 -0400 -@@ -3973,7 +3973,7 @@ $as_echo "$as_me: WARNING: Cannot determ - - IPVS_SUPPORT="_WITHOUT_LVS_" - if test "$enable_lvs" != "no"; then -- ac_fn_c_check_header_mongrel "$LINENO" "net/ip_vs.h" "ac_cv_header_net_ip_vs_h" "$ac_includes_default" -+ ac_fn_c_check_header_mongrel "$LINENO" "linux/ip_vs.h" "ac_cv_header_net_ip_vs_h" "$ac_includes_default" - if test "x$ac_cv_header_net_ip_vs_h" = x""yes; then : - IPVS_SUPPORT="_WITH_LVS_" - else diff --git a/keepalived/patches/keepalived-1.2.7-dont-respawn-children.patch b/keepalived/patches/keepalived-1.2.7-dont-respawn-children.patch new file mode 100644 index 000000000..f03df932b --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-dont-respawn-children.patch @@ -0,0 +1,109 @@ +From 12e58a6c40b3bfa18f0db5db9e36ed09f68d7a0c Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 29 Oct 2012 14:10:57 -0500 +Subject: [PATCH 01/10] Add option to prevent respawn of child processes. + +This patch adds a command-line option (--dont-respawn, -R) that will +prevent the child processes from respawning. When this option is +specified, if either the checker or vrrp child processes exit the +parent process will raise the SIGTERM signal and exit. + +Signed-off-by: Ryan O'Hara +--- + keepalived/check/check_daemon.c | 9 +++++++-- + keepalived/core/main.c | 10 +++++++++- + keepalived/vrrp/vrrp_daemon.c | 9 +++++++-- + 3 files changed, 23 insertions(+), 5 deletions(-) + +diff --git a/keepalived/check/check_daemon.c b/keepalived/check/check_daemon.c +index 1119075..68759f4 100644 +--- a/keepalived/check/check_daemon.c ++++ b/keepalived/check/check_daemon.c +@@ -227,8 +227,13 @@ check_respawn_thread(thread_t * thread) + } + + /* We catch a SIGCHLD, handle it */ +- log_message(LOG_ALERT, "Healthcheck child process(%d) died: Respawning", pid); +- start_check_child(); ++ if (!(debug & 64)) { ++ log_message(LOG_ALERT, "Healthcheck child process(%d) died: Respawning", pid); ++ start_check_child(); ++ } else { ++ log_message(LOG_ALERT, "Healthcheck child process(%d) died: Exiting", pid); ++ raise(SIGTERM); ++ } + return 0; + } + +diff --git a/keepalived/core/main.c b/keepalived/core/main.c +index 57fa134..9445a4c 100644 +--- a/keepalived/core/main.c ++++ b/keepalived/core/main.c +@@ -146,6 +146,7 @@ usage(const char *prog) + " %s --check -C Only run with Health-checker subsystem.\n" + " %s --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop.\n" + " %s --dont-release-ipvs -I Dont remove IPVS topology on daemon stop.\n" ++ " %s --dont-respawn -R Dont respawn child processes.\n" + " %s --dont-fork -n Dont fork the daemon process.\n" + " %s --use-file -f Use the specified configuration file.\n" + " Default is /etc/keepalived/keepalived.conf.\n" +@@ -165,7 +166,7 @@ usage(const char *prog) + #ifdef _WITH_SNMP_ + prog, + #endif +- prog, prog, prog, prog, prog, prog, prog); ++ prog, prog, prog, prog, prog, prog, prog, prog); + } + + /* Command line parser */ +@@ -184,6 +185,7 @@ parse_cmdline(int argc, char **argv) + {"log-facility", 'S', POPT_ARG_STRING, &option_arg, 'S'}, + {"dont-release-vrrp", 'V', POPT_ARG_NONE, NULL, 'V'}, + {"dont-release-ipvs", 'I', POPT_ARG_NONE, NULL, 'I'}, ++ {"dont-respawn", 'R', POPT_ARG_NONE, NULL, 'R'}, + {"dont-fork", 'n', POPT_ARG_NONE, NULL, 'n'}, + {"dump-conf", 'd', POPT_ARG_NONE, NULL, 'd'}, + {"use-file", 'f', POPT_ARG_STRING, &option_arg, 'f'}, +@@ -232,6 +234,9 @@ parse_cmdline(int argc, char **argv) + case 'D': + debug |= 32; + break; ++ case 'R': ++ debug |= 64; ++ break; + case 'S': + log_facility = LOG_FACILITY[atoi(option_arg)].facility; + break; +@@ -282,6 +287,9 @@ parse_cmdline(int argc, char **argv) + case 'D': + debug |= 32; + break; ++ case 'R': ++ debug |= 64; ++ break; + case 'S': + log_facility = LOG_FACILITY[atoi(option_arg)].facility; + break; +diff --git a/keepalived/vrrp/vrrp_daemon.c b/keepalived/vrrp/vrrp_daemon.c +index 23ff09f..cee6c80 100644 +--- a/keepalived/vrrp/vrrp_daemon.c ++++ b/keepalived/vrrp/vrrp_daemon.c +@@ -249,8 +249,13 @@ vrrp_respawn_thread(thread_t * thread) + } + + /* We catch a SIGCHLD, handle it */ +- log_message(LOG_ALERT, "VRRP child process(%d) died: Respawning", pid); +- start_vrrp_child(); ++ if (!(debug & 64)) { ++ log_message(LOG_ALERT, "VRRP child process(%d) died: Respawning", pid); ++ start_vrrp_child(); ++ } else { ++ log_message(LOG_ALERT, "VRRP child process(%d) died: Exiting", pid); ++ raise(SIGTERM); ++ } + return 0; + } + +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-fix-error-message.patch b/keepalived/patches/keepalived-1.2.7-fix-error-message.patch new file mode 100644 index 000000000..b6f19beef --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-fix-error-message.patch @@ -0,0 +1,40 @@ +From c04dfcae58d6449980e38ed5a555d1a86f363f71 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 19 Nov 2012 10:09:11 -0600 +Subject: [PATCH 07/10] Fix typo in error messages. + +Signed-off-by: Ryan O'Hara +--- + keepalived/vrrp/vrrp_ipaddress.c | 2 +- + keepalived/vrrp/vrrp_iproute.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/keepalived/vrrp/vrrp_ipaddress.c b/keepalived/vrrp/vrrp_ipaddress.c +index c003b1a..51cd488 100644 +--- a/keepalived/vrrp/vrrp_ipaddress.c ++++ b/keepalived/vrrp/vrrp_ipaddress.c +@@ -165,7 +165,7 @@ alloc_ipaddress(list ip_list, vector_t *strvec, interface *ifp) + ifp_local = if_get_by_ifname(vector_slot(strvec, ++i)); + if (!ifp_local) { + log_message(LOG_INFO, "VRRP is trying to assign VIP to unknown %s" +- " interface !!! go out and fixe your conf !!!", ++ " interface !!! go out and fix your conf !!!", + (char *)vector_slot(strvec, i)); + FREE(new); + return; +diff --git a/keepalived/vrrp/vrrp_iproute.c b/keepalived/vrrp/vrrp_iproute.c +index a8feec4..464259c 100644 +--- a/keepalived/vrrp/vrrp_iproute.c ++++ b/keepalived/vrrp/vrrp_iproute.c +@@ -203,7 +203,7 @@ alloc_route(list rt_list, vector_t *strvec) + ifp = if_get_by_ifname(vector_slot(strvec, ++i)); + if (!ifp) { + log_message(LOG_INFO, "VRRP is trying to assign VROUTE to unknown " +- "%s interface !!! go out and fixe your conf !!!", ++ "%s interface !!! go out and fix your conf !!!", + (char *)vector_slot(strvec, i)); + FREE(new); + return; +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-fix-pointer-arithmetic-vrrp-packet.patch b/keepalived/patches/keepalived-1.2.7-fix-pointer-arithmetic-vrrp-packet.patch new file mode 100644 index 000000000..c4f942e1a --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-fix-pointer-arithmetic-vrrp-packet.patch @@ -0,0 +1,32 @@ +From f9264a16d6a651a15731ba43d917f0b311257d47 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Fri, 16 Nov 2012 14:54:37 -0600 +Subject: [PATCH 05/10] Fix pointer arithmetic for VRRP packet + +When using IPSEC AH authentication, the pointer arithmetic used to get +the location of the VRRP packet is incorrect. The address of the IPSEC +header must be cast as (char *) in order to get correct address of the +VRRP packet. Without this patch, vrrp_in_chk() will fail to verify +incoming VRRP packets when IPSEC AH is enabled. + +Signed-off-by: Ryan O'Hara +--- + keepalived/vrrp/vrrp.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c +index 1248fb8..0a8bc3f 100644 +--- a/keepalived/vrrp/vrrp.c ++++ b/keepalived/vrrp/vrrp.c +@@ -238,7 +238,7 @@ vrrp_in_chk(vrrp_rt * vrrp, char *buffer) + + if (vrrp->auth_type == VRRP_AUTH_AH) { + ah = (ipsec_ah *) (buffer + ihl); +- hd = (vrrp_pkt *) (ah + vrrp_ipsecah_len()); ++ hd = (vrrp_pkt *) ((char *) ah + vrrp_ipsecah_len()); + } else { + hd = (vrrp_pkt *) (buffer + ihl); + } +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-fix-primary-ip-address-comparison.patch b/keepalived/patches/keepalived-1.2.7-fix-primary-ip-address-comparison.patch new file mode 100644 index 000000000..f2743ec9f --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-fix-primary-ip-address-comparison.patch @@ -0,0 +1,34 @@ +From 6e52cb884e3cab75ca5597b59027a11d982593ab Mon Sep 17 00:00:00 2001 +From: Boon Ang +Date: Thu, 6 Dec 2012 11:01:55 -0600 +Subject: [PATCH 09/10] Fix comparison of primary IP addresses. + +If a router in the master state receives an advertisement with +priority equal to the local priority, it must also compare the primary +IP addresses (RFC 3768, section 6.4.3). The code to handle this was +comparing two IP addresses with different byte-ordering, resulting in +multiple routers in the master state. This patches resolves the +problem by coverting the local primary IP address to network byte +order for the comparison. + +Signed-off-by: Ryan O'Hara +--- + keepalived/vrrp/vrrp.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c +index 0a8bc3f..a88deb3 100644 +--- a/keepalived/vrrp/vrrp.c ++++ b/keepalived/vrrp/vrrp.c +@@ -923,7 +923,7 @@ vrrp_state_master_rx(vrrp_rt * vrrp, char *buf, int buflen) + } else if (vrrp->family == AF_INET) { + if (hd->priority > vrrp->effective_priority || + (hd->priority == vrrp->effective_priority && +- ntohl(saddr) > VRRP_PKT_SADDR(vrrp))) { ++ ntohl(saddr) > ntohl(VRRP_PKT_SADDR(vrrp)))) { + log_message(LOG_INFO, "VRRP_Instance(%s) Received higher prio advert" + , vrrp->iname); + if (proto == IPPROTO_IPSEC_AH) { +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-fix-ssl-certificate-load.patch b/keepalived/patches/keepalived-1.2.7-fix-ssl-certificate-load.patch new file mode 100644 index 000000000..8251d8931 --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-fix-ssl-certificate-load.patch @@ -0,0 +1,34 @@ +From 3cc70656961f0384b1db030e0697a00af0b30e65 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 19 Nov 2012 09:51:50 -0600 +Subject: [PATCH 06/10] Load SSL certificate correctly. + +This patch fixes a problem where keepalived will attempt to load an +SSL keyfile as a certificate, resulting in failure to initialize SSL +context. + +Signed-off-by: Ryan O'Hara +--- + keepalived/check/check_ssl.c | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c +index 618d9a4..574ba30 100644 +--- a/keepalived/check/check_ssl.c ++++ b/keepalived/check/check_ssl.c +@@ -86,10 +86,10 @@ build_ssl_ctx(void) + } + + /* Load our keys and certificates */ +- if (check_data->ssl->keyfile) ++ if (check_data->ssl->certfile) + if (! + (SSL_CTX_use_certificate_chain_file +- (ssl->ctx, check_data->ssl->keyfile))) { ++ (ssl->ctx, check_data->ssl->certfile))) { + log_message(LOG_INFO, + "SSL error : Cant load certificate file..."); + return 0; +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-remove-debug-messages.patch b/keepalived/patches/keepalived-1.2.7-remove-debug-messages.patch new file mode 100644 index 000000000..87cc85a45 --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-remove-debug-messages.patch @@ -0,0 +1,46 @@ +From fd8665b424457accfa37703d4c9456be22ab8b53 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 10 Dec 2012 13:25:01 -0600 +Subject: [PATCH 10/10] Remove log_message calls from if_get_by_ifname. + +The if_get_by_ifname function would log a message if either the +if_queue list was empty or if the interface name was not present in +the list. Since if_get_by_ifname is called to check for the existence +of an interface before adding it to the list, the "No such interface" +message is logged whenever adding a new interface to this list. This +is normal but can be confusing. Since if_get_by_ifname returns NULL +when the interface does not exist, the caller should be responsible +for logging any error messages. + +Signed-off-by: Ryan O'Hara +--- + keepalived/vrrp/vrrp_if.c | 6 +----- + 1 files changed, 1 insertions(+), 5 deletions(-) + +diff --git a/keepalived/vrrp/vrrp_if.c b/keepalived/vrrp/vrrp_if.c +index df38d9d..6d5735e 100644 +--- a/keepalived/vrrp/vrrp_if.c ++++ b/keepalived/vrrp/vrrp_if.c +@@ -85,18 +85,14 @@ if_get_by_ifname(const char *ifname) + interface *ifp; + element e; + +- if (LIST_ISEMPTY(if_queue)) { +- log_message(LOG_ERR, "Interface queue is empty"); ++ if (LIST_ISEMPTY(if_queue)) + return NULL; +- } + + for (e = LIST_HEAD(if_queue); e; ELEMENT_NEXT(e)) { + ifp = ELEMENT_DATA(e); + if (!strcmp(ifp->ifname, ifname)) + return ifp; + } +- +- log_message(LOG_ERR, "No such interface, %s", ifname); + return NULL; + } + +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-update-gpl-license.patch b/keepalived/patches/keepalived-1.2.7-update-gpl-license.patch new file mode 100644 index 000000000..a4eae911c --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-update-gpl-license.patch @@ -0,0 +1,146 @@ +From a6630f9e2e9d05261a5a6b880c5d452bc49e9808 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 19 Nov 2012 10:28:40 -0600 +Subject: [PATCH 08/10] Update GPLv2 license. + +This GPLv2 license found in COPYING had a couple errors, including an +incorrect address for the Free Software Foundation. This patch updates +the GPLv2 license to match the license that can be found at: +http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt + +Signed-off-by: Ryan O'Hara +--- + COPYING | 42 +++++++++++++++++++++--------------------- + 1 files changed, 21 insertions(+), 21 deletions(-) + +diff --git a/COPYING b/COPYING +index a43ea21..d159169 100644 +--- a/COPYING ++++ b/COPYING +@@ -1,12 +1,12 @@ +- GNU GENERAL PUBLIC LICENSE +- Version 2, June 1991 ++ GNU GENERAL PUBLIC LICENSE ++ Version 2, June 1991 + +- Copyright (C) 1989, 1991 Free Software Foundation, Inc. +- 675 Mass Ave, Cambridge, MA 02139, USA ++ Copyright (C) 1989, 1991 Free Software Foundation, Inc., ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +- Preamble ++ Preamble + + The licenses for most software are designed to take away your + freedom to share and change it. By contrast, the GNU General Public +@@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This + General Public License applies to most of the Free Software + Foundation's software and to any other program whose authors commit to + using it. (Some other Free Software Foundation software is covered by +-the GNU Library General Public License instead.) You can apply it to ++the GNU Lesser General Public License instead.) You can apply it to + your programs, too. + + When we speak of free software, we are referring to freedom, not +@@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and + modification follow. +- +- GNU GENERAL PUBLIC LICENSE ++ ++ GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) +- ++ + These requirements apply to the modified work as a whole. If + identifiable sections of that work are not derived from the Program, + and can be reasonably considered independent and separate works in +@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent + access to copy the source code from the same place counts as + distribution of the source code, even though third parties are not + compelled to copy the source along with the object code. +- ++ + 4. You may not copy, modify, sublicense, or distribute the Program + except as expressly provided under this License. Any attempt + otherwise to copy, modify, sublicense or distribute the Program is +@@ -225,7 +225,7 @@ impose that choice. + + This section is intended to make thoroughly clear what is believed to + be a consequence of the rest of this License. +- ++ + 8. If the distribution and/or use of the Program is restricted in + certain countries either by patents or by copyrighted interfaces, the + original copyright holder who places the Program under this License +@@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals + of preserving the free status of all derivatives of our free software and + of promoting the sharing and reuse of software generally. + +- NO WARRANTY ++ NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY + FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +@@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER + PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE + POSSIBILITY OF SUCH DAMAGES. + +- END OF TERMS AND CONDITIONS +- +- Appendix: How to Apply These Terms to Your New Programs ++ END OF TERMS AND CONDITIONS ++ ++ How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest + possible use to the public, the best way to achieve this is to make it +@@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least + the "copyright" line and a pointer to where the full notice is found. + + +- Copyright (C) 19yy ++ Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -303,16 +303,16 @@ the "copyright" line and a pointer to where the full notice is found. + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + +- You should have received a copy of the GNU General Public License +- along with this program; if not, write to the Free Software +- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. ++ You should have received a copy of the GNU General Public License along ++ with this program; if not, write to the Free Software Foundation, Inc., ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + Also add information on how to contact you by electronic and paper mail. + + If the program is interactive, make it output a short notice like this + when it starts in an interactive mode: + +- Gnomovision version 69, Copyright (C) 19yy name of author ++ Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. +@@ -335,5 +335,5 @@ necessary. Here is a sample; alter the names: + This General Public License does not permit incorporating your program into + proprietary programs. If your program is a subroutine library, you may + consider it more useful to permit linking proprietary applications with the +-library. If this is what you want to do, use the GNU Library General ++library. If this is what you want to do, use the GNU Lesser General + Public License instead of this License. +-- +1.7.1 + diff --git a/keepalived/patches/keepalived-1.2.7-update-keepalived-man-page.patch b/keepalived/patches/keepalived-1.2.7-update-keepalived-man-page.patch new file mode 100644 index 000000000..a69e07861 --- /dev/null +++ b/keepalived/patches/keepalived-1.2.7-update-keepalived-man-page.patch @@ -0,0 +1,201 @@ +From 3a0a8643450bf9be6920ae857c03377102fdfd40 Mon Sep 17 00:00:00 2001 +From: Ryan O'Hara +Date: Mon, 5 Nov 2012 11:28:21 -0600 +Subject: [PATCH 04/10] Update keepalived man page + +The keepalived(8) was out-of-date and, in some cases, inaccurate. This +patch provides a complete rewrite of the keepalived(8) man page. This +includes updated synopsis, description, and options. + +Signed-off-by: Ryan O'Hara +--- + doc/man/man8/keepalived.8 | 179 ++++++++++++++++++++++++++------------------- + 1 files changed, 104 insertions(+), 75 deletions(-) + +diff --git a/doc/man/man8/keepalived.8 b/doc/man/man8/keepalived.8 +index 861045a..94c366a 100644 +--- a/doc/man/man8/keepalived.8 ++++ b/doc/man/man8/keepalived.8 +@@ -1,75 +1,104 @@ +-.\" +-.\" keepalived(8) +-.\" +-.\" Copyright (C) 2004 Joseph Mack +-.TH keepalived 8 "Jan 2004" +-.SH NAME +-keepalived. \- keepalive demon +-.SH SYNOPSIS +-.B "/usr/sbin/keepalived [-n] [-f keepalived.conf] [-d] [-h] [-v]" +-.SH DESCRIPTION +-The +-.B keepalived +-The keepalived server implements the vrrpd routing demon +-which enables routing failover for a pair (or set) of routers +-(or LVS directors) +-and the keepalived demon which sets up and does the health checking +-of virtual services in a Linux Virtual Servier. +-.SH OPTIONS +-.TP +-.B --vrrp, -P +-Only run the VRRP subsystem. +-.TP +-.B --check, -C +-Only run the healthchecker subsystem. +-.TP +-.B --dont-release-vrrp, -V +-leave (don't remove) VRRP VIPs & VROUTEs on daemon stop. +-.TP +---dont-release-ipvs, -I +-Dont remove IPVS topology on daemon stop. +-.TP +---dont-fork, -n +-Dont fork the daemon process. +-.TP +---use-file, -f keepalived.conf_file +-Use the specified configuration file. +-.TP +---wdog-vrrp, -R +-Define VRRP watchdog polling delay (default=5s) +-.TP +---wdog-check, -H +-Define healthchecker's watchdog polling delay (default=5s) +-.TP +---dump-conf, -d +-Dump the configuration data. +-.TP +---log-console, -l +-Log messages to local console. +-.TP +---log-detail, -D +-Detailed log messages (the default with the rc script provided). +-.TP +---log-facility, -S +-0-7 Set syslog facility to LOG_LOCAL[0-7] (default=LOG_DAEMON) +-.TP +---snmp, -x +-Enable SNMP support +-.TP +---help, -h +-Display a short inlined help screen. +-.TP +---version, -v +-Display the version number. +- +-.SH FILES +-.BR /etc/keepalived/keepalived.conf +-.SH SEE ALSO +-.BR keepalived.conf(5) +-.SH AUTHORS +-.br +-Joseph Mack +-.br +-from inspection of the output of +-.I keepalived --help +-from keepalived-1.1.4 ++.TH KEEPALIVED "8" "November 2012" ++ ++.na ++.nh ++ ++.SH "NAME" ++keepalived \- load\-balancing and high\-availability service ++ ++.SH "SYNOPSIS" ++\fBkeepalived\fP ++[\fB\-f\fP|\fB\-\-use\-file\fP=FILE] ++[\fB\-P\fP|\fB\-\-vrrp\fP] ++[\fB\-C\fP|\fB\-\-check\fP] ++[\fB\-l\fP|\fB\-\-log\-console\fP] ++[\fB\-D\fP|\fB\-\-log\-detail\fP] ++[\fB\-S\fP|\fB\-\-log\-facility\fP={0-7}] ++[\fB\-V\fP|\fB\-\-dont\-release\-vrrp\fP] ++[\fB\-I\fP|\fB\-\-dont\-release\-ipvs\fP] ++[\fB\-R\fP|\fB\-\-dont\-respawn\fP] ++[\fB\-n\fP|\fB\-\-dont\-fork\fP] ++[\fB\-d\fP|\fB\-\-dump\-conf\fP] ++[\fB\-p\fP|\fB\-\-pid\fP=FILE] ++[\fB\-r\fP|\fB\-\-vrrp_pid\fP=FILE] ++[\fB\-c\fP|\fB\-\-checkers_pid\fP=FILE] ++[\fB\-v\fP|\fB\-\-version\fP] ++[\fB\-h\fP|\fB\-\-help\fP] ++ ++.SH "DESCRIPTION" ++Keepalived provides simple and robust facilities for load\-balancing ++and high\-availability. The load\-balancing framework relies on ++well\-known and widely used Linux Virtual Server (IPVS) kernel module ++providing Layer4 load\-balancing. Keepalived implements a set of ++checkers to dynamically and adaptively maintain and manage ++load\-balanced server pool according their health. Keepalived also ++implements the VRRPv2 protocol to achieve high\-availability with ++director failover. ++ ++.SH "OPTIONS" ++.TP ++\fB -f, --use-file\fP=FILE ++Use the specified configuration file. The default configuration file ++is "/etc/keepalived/keepalived.conf". ++.TP ++\fB -P, --vrrp\fP ++Only run the VRRP subsystem. This is useful for configurations that do ++not use IPVS load balancer. ++.TP ++\fB -C, --check\fP ++Only run the healthcheck subsystem. This is useful for configurations ++that use the IPVS load balancer with a single director with no failover. ++.TP ++\fB -l, --log-console\fP ++Log messages to the local console. The default behavior is to log ++messages to syslog. ++.TP ++\fB -D, --log-detail\fP ++Detailed log messages. ++.TP ++\fB -S, --log-facility\fP=[0-7] ++Set syslog facility to LOG_LOCAL[0-7]. The default syslog facility is LOG_DAEMON. ++.TP ++\fB -V, --dont-release-vrrp\fP ++Don't remove VRRP VIPs and VROUTEs on daemon stop. The default ++behavior is to remove all VIPs and VROUTEs when keepalived exits ++.TP ++\fB -I, --dont-release-ipvs\fP ++Don't remove IPVS topology on daemon stop. The default behavior it to ++remove all entries from the IPVS virtual server table on when ++keepalived exits. ++.TP ++\fB -R, --dont-respawn\fP ++Don't respawn child processes. The default behavior is to restart the ++VRRP and checker processes if either process exits. ++.TP ++\fB -n, --dont-fork\fP ++Don't fork the daemon process. This option will cause keepalived to ++run in the foreground. ++.TP ++\fB -d, --dump-conf\fP ++Dump the configuration data. ++.TP ++\fB -p, --pid\fP=FILE ++Use specified pidfile for parent keepalived process. The default ++pidfile for keepalived is "/var/run/keepalived.pid". ++.TP ++\fB -r, --vrrp_pid\fP=FILE ++Use specified pidfile for VRRP child process. The default pidfile for ++the VRRP child process is "/var/run/keepalived_vrrp.pid". ++.TP ++\fB -c, --checkers_pid\fP=FILE ++Use specified pidfile for checkers child process. The default pidfile ++for the checker child process is "/var/run/keepalived_checkers.pid". ++.TP ++\fB -v, --version\fP ++Display the version and exit. ++.TP ++\fB -h, --help\fP ++Display this help message and exit. ++ ++.SH "SEE ALSO" ++\fBkeepalived.conf\fP(5), \fBipvsadm\fP(8) ++ ++.SH "AUTHOR" ++This man page was written by Ryan O'Hara +-- +1.7.1 + diff --git a/keepalived/systemd/keepalived.service b/keepalived/systemd/keepalived.service index 438ed78ae..0ab6efe6e 100644 --- a/keepalived/systemd/keepalived.service +++ b/keepalived/systemd/keepalived.service @@ -4,7 +4,9 @@ After=syslog.target network.target [Service] Type=forking +KillMode=process ExecStart=/usr/sbin/keepalived +ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target