[Swan-dev] Strongswan version in test systems
Andrew Cagney
andrew.cagney at gmail.com
Thu Jul 14 14:46:01 UTC 2016
On 13 July 2016 at 12:52, Paul Wouters <paul at nohats.ca> wrote:
>
>
>> On Jul 13, 2016, at 6:15 PM, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
>>
>> Paul has said that we need to use a newer version of Strongswan. Newer
>> than is built by the kvm-building makefiles. Newer than is in the Fedora
>> 22 repos.
> No, strongswan 5.4.0 is in f22, but you need to use dnf distro-update and not yum update
"distro-update" isn/t in the dnf man page? I see bleve corrected this
with "dnf distro-sync".
Something like?
- delete absolutely everything cloned from the base using:
$ make uninstall-kvm-clones
- boot and log into the base domain and then run the above using:
$ ./testing/utils/kvmsh.py --shutdown swanfedorabase dnf -y
distro-sync strongswan
- and finally get back to something testable:
$ make kvm-install
It sounds like fedora22base.ks, which currently does this at the end:
# Need pyOpenSSL with ability to dump all certificates
yum upgrade -y 2>&1 \
https://nohats.ca/ftp/pyOpenSSL/pyOpenSSL-0.14-4.fc21.noarch.rpm \
| tee /var/tmp/pyOpenSSL.log
# Need strongswan with CTR, GCM, and other fixes
yum upgrade -y 2>&1 \
https://nohats.ca/ftp/ssw/strongswan-5.3.2-1.0.lsw.fc22.x86_64.rpm \
https://nohats.ca/ftp/ssw/strongswan-debuginfo-5.3.2-1.0.lsw.fc22.x86_64.rpm
\
| tee /var/tmp/strongswan.log
needs updating?
I've been sitting on some unrelated changes that are going to trigger
a a base domain rebuild:
- set KVM_OS=fedora22 instead of fedora so it is easier to move
between OS releases
- have a per-prefix group disk so I can have *(@&$)*(@ kerberos stuff
installed in one place
Perhaps this (well post 3.18) is an opportune time to push all of them.
More information about the Swan-dev
mailing list