[Swan-dev] testing shutdowns of pluto?
andrew.cagney at gmail.com
Wed Jul 27 15:51:55 UTC 2016
On 27 July 2016 at 05:49, Paul Wouters <paul at nohats.ca> wrote:
> I think we are seeing a few false positives if during final.sh (or just
> after it when one end is still executing final.sh) one end shut down and
> sends a delete/notify to the other. It can be processed before in
> final.sh it runs ipsec look, which then shows up as a missing IPsec SA.
kvmrunner ran the scripts in the order:
INFO t1.runner nflog-01-global 1:30:36.794/1:58.900: running
scripts: east:eastinit.sh west:westinit.sh west:westrun.sh
i.e., the below was first run on east:
: ==== cut ====
ipsec auto --status
: ==== tuc ====
# show no nflog left behind
iptables -L -n
if [ -n "`ls /tmp/core* 2>/dev/null`" ]; then echo CORE FOUND; mv
/tmp/core* OUTPUT/; fi
if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
: ==== end ====
and then, once it finished, it was then run on west.
Since the final.sh scripts are no longer being run in parallel, the
output may actually be stable - assuming "ipsec stop" blocks until
things shut down.
> For example:
> This was probably one reason to not call shutdown in final.sh mostly,
> although some testcases need to do some specific test and do that,
> such as the nflog ones.
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
More information about the Swan-dev