[Swan-dev] nsrun --ns overwriting host's /etc/ipsec.* files :(
Andrew Cagney
andrew.cagney at gmail.com
Thu Sep 24 17:08:00 UTC 2020
Some of the old code used lsw_cp_file() some did not. Do you have a
mysterious /etc/strongswan directory?
On Thu, 24 Sep 2020 at 12:19, Paul Wouters <paul at nohats.ca> wrote:
>
> I ended up a few times with test configs on my laptop's /etc/ipsec.* files.
>
> I did some testing and found out that kvmrunner.py does not do this, but
> nsrun --ns does. I made the host files immutable after restoring them and I
> see this in the test when using nsrun:
>
> /testing/guestbin/swan-prep
> Traceback (most recent call last):
> File "/testing/guestbin/swan-prep", line 380, in <module>
> copy_config_file(hostname, testpath, "/etc/ipsec.conf")
> File "/testing/guestbin/swan-prep", line 162, in copy_config_file
> shutil.copy(src, config_path)
> File "PATH/lib64/python3.9/shutil.py", line 415, in copy
> copyfile(src, dst, follow_symlinks=follow_symlinks)
> File "PATH/lib64/python3.9/shutil.py", line 261, in copyfile
> with open(src, 'rb') as fsrc, open(dst, 'wb') as fdst:
> PermissionError: [Errno 1] Operation not permitted: '/etc/ipsec.conf'
> east #
>
>
> bisecting this lead to this commit breaking it:
>
> commit 1e0b14ec0b20c3ba93d41071c1bd2aee05bdcfbc (HEAD)
> Author: Andrew Cagney <cagney at gnu.org>
> Date: Wed Sep 16 20:19:37 2020 -0400
>
> testing: cleanup swan-prep's code looking for config files in ./,
> baseconfigs/, ...
>
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200924/90189c04/attachment-0001.html>
More information about the Swan-dev
mailing list