[Swan-dev] nsrun --ns overwriting host's /etc/ipsec.* files :(
Paul Wouters
paul at nohats.ca
Thu Sep 24 17:21:58 UTC 2020
strongswan is installed on my host but it happens too on ikev2-05-basic-psk
Sent from my iPhone
> On Sep 24, 2020, at 13:08, Andrew Cagney <andrew.cagney at gmail.com> wrote:
>
>
> Some of the old code used lsw_cp_file() some did not. Do you have a mysterious /etc/strongswan directory?
>
>> On Thu, 24 Sep 2020 at 12:19, Paul Wouters <paul at nohats.ca> wrote:
>>
>> I ended up a few times with test configs on my laptop's /etc/ipsec.* files.
>>
>> I did some testing and found out that kvmrunner.py does not do this, but
>> nsrun --ns does. I made the host files immutable after restoring them and I
>> see this in the test when using nsrun:
>>
>> /testing/guestbin/swan-prep
>> Traceback (most recent call last):
>> File "/testing/guestbin/swan-prep", line 380, in <module>
>> copy_config_file(hostname, testpath, "/etc/ipsec.conf")
>> File "/testing/guestbin/swan-prep", line 162, in copy_config_file
>> shutil.copy(src, config_path)
>> File "PATH/lib64/python3.9/shutil.py", line 415, in copy
>> copyfile(src, dst, follow_symlinks=follow_symlinks)
>> File "PATH/lib64/python3.9/shutil.py", line 261, in copyfile
>> with open(src, 'rb') as fsrc, open(dst, 'wb') as fdst:
>> PermissionError: [Errno 1] Operation not permitted: '/etc/ipsec.conf'
>> east #
>>
>>
>> bisecting this lead to this commit breaking it:
>>
>> commit 1e0b14ec0b20c3ba93d41071c1bd2aee05bdcfbc (HEAD)
>> Author: Andrew Cagney <cagney at gnu.org>
>> Date: Wed Sep 16 20:19:37 2020 -0400
>>
>> testing: cleanup swan-prep's code looking for config files in ./, baseconfigs/, ...
>>
>>
>> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200924/dda72eac/attachment.html>
More information about the Swan-dev
mailing list