[Swan-dev] path oddness in ../../pluto/bin/ipsec-look.sh
Andrew Cagney
andrew.cagney at gmail.com
Tue Apr 2 15:06:14 UTC 2019
In part at least, it was me ...
On Tue, 2 Apr 2019 at 10:08, Paul Wouters <paul at nohats.ca> wrote:
>
>
> Is there any reasin the final.sl uses ../../pluto/bin/ipsec-look.sh
> instead of the more intuitive ../bin/ipsec-look.sh ?
... and your observation ...
> I mean, I do think testing/pluto/bin has seen mis-use. Orginally,
> anything running on the vm would be in /testing/guestbin/ but somehow
> it now also runs things in /testing/pluto/bin/ ? It's unclear to me
> why we wouldn't merge these two into one?
... is why. Having .../pluto/bin/... provides a big hint as to where
to look for the script.
The impression I've been given (from asking on on IRC) is that
pluto/bin is for test scripts (and git history shows it is very old)
while guestbin/, which arrived later (~2012), contains the scripts
specific to setting up KVMs vis:
* testing: updates to installer
create iptables from files not kickstart file
- remove old systemd attempts to re-network the system
- added swanpath.sh and testing/guestbin
- merged the mount-bind into testing/guestbin/swan-transmogrify
that is called in rc.local.
- also copies in sysctl.conf files and iptables files
looking in guestbin:
fipsoff: called when generating certificates
fipson: called by swan-prep, so also used by docker?
swan-prep:
shared with docker?
swan-transmogrify:
set up the KVM instances (seems to be shared with Docker?)
swan-transmogrify.sh:
a far simpler version of swan-transmogrify that sets up kerberos
friendly domains
written in SH, doesn't contain docker code, see ikev2-gssapi-01/gssapi.sh)
nic-internet:
script to put nic on the internet (why not just given all domains a
natted interface)
swan-build:
not used by the KVM build system
swan-install:
still used by the KVM build system but I'm really not sure why
swan-run, swan-test:
I suspect these are broken
swan-update:
kvm-install made this redundant
so the redundant directory might well be guestbin.
More information about the Swan-dev
mailing list