Hello community, here is the log from the commit of package keepalived.11715 for openSUSE:Leap:15.1:Update checked in at 2020-04-17 00:12:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/keepalived.11715 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.keepalived.11715.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "keepalived.11715" Fri Apr 17 00:12:42 2020 rev:1 rq:793681 version:2.0.19 Changes: -------- New Changes file: --- /dev/null 2020-04-14 14:47:33.391806949 +0200 +++ /work/SRC/openSUSE:Leap:15.1:Update/.keepalived.11715.new.2738/keepalived.changes 2020-04-17 00:12:43.464054374 +0200 @@ -0,0 +1,1743 @@ +------------------------------------------------------------------- +Thu Nov 7 02:20:31 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- new BR pkgconfig(libnftnl) to fix nftables support + +------------------------------------------------------------------- +Thu Nov 7 02:03:15 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- update to 2.0.19 + Fix minor IPVS features support. Extend BFD to support more than + one BFD instance with a neighnour. Extend nftable support. Script + timeout extension. Properly filter IGMP/MLD packets on VMAC + interface. Refer to ChangeLog for more infos. + + https://keepalived.org/changelog.html +- changes from 2.0.18 + Add support to IPVS new GUE tunnel type. New feature 'weight + reverse' available in all trackers. Resolve all outstanding + coverity issues. Some fixes and performance extensions. Refer to + ChangeLog for more infos. + + https://keepalived.org/changelog.html + +------------------------------------------------------------------- +Tue Jul 23 17:30:04 UTC 2019 - ch...@computersalat.de + +- Update to 2.0.17 (2019-06-25) + * https://www.keepalived.org/changelog.html +- remove obsolete patch + * systemd-after-snmp.patch +- rebase patch + * linux-4.15.patch + +------------------------------------------------------------------- +Tue Apr 16 19:04:13 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- added systemd-after-snmp.patch: + If you want to use the snmp support the masterx socket needs be + available otherwise the snmp support is broken + strictly speaking we would need to use BindsTo= here but that + would require that add a Requires for net-snmp to the keepalived + package. to be discussed. + +------------------------------------------------------------------- +Tue Apr 16 19:01:38 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- update to 2.0.15 + - Fix uninitialised variable. + - Fix rpmbuild on CentOS7, and rely on auto-requires. + - Add option to flush lvs on shutdown. Currently all known + virtual servers and their real servers are removed one at a + time at shutdown. With large configurations on a busy system, + this can take some time. Add an option just like the existing + 'lvs_flush' which operates on shutdown. Typical environments + with a single keepalived instance can take advantage of this + option to achieve a faster shutdown or restart cycle. + - Make alpha mode checkers on new real servers start down on + reload. Patch #1180 identified that new real servers with + alpha mode checkers were being added online immediately, and if + the checker then failed were being removed. This commit makes + real servers that didn't exist before the reload start in down + state if they have alpha mode checkers. + - Remove duplicate config dump entry. + - Make new real servers at reload start down if have alpha mode + checkers. + - Close checker and smtp_alert sockets on reload. Issue #1177 + identified that sockets were being left open (lost) after a + reload. It transpired that these were sockets opened by + TCP_CHECK, HTTP_GET, SSL_GET, DNS_CHECK and SMTP_CHECK + checkers, and by smtp_alerts in the process of being sent. + This commit adds an extra parameter to thread_add_read() and + thread_add_write() to allow indicating that the scheduler + should close the socket when destroying threads. + - Send vrrp group backup notifies at startup. + - Make inhibit_on_failure be inherited by real server from + virtual server. + - Allow real and sorry servers to be configured with port 0 This + is to maintain backwards compatibility with keepalived prior to + commit d87f07c - "Ensure always check return from + inet_stosockaddr when parsing config". The proper way to + configure this is to omit the port, which requires the next + commit. + - Don't setup IPVS config with real and virtual servers ports + different. If the real server is using DR or TUN, the port of + the real server must be the same as the port of the virtual + server. This commit uses the virtual server port for the real + server when configuring IPVS. + - Log warnings if real server and virtual server ports don't + match This commit adds logging warnings if virtual and real + server ports, when using TUN or DR, don't match. It also sets + the real server ports to be the same as the virtual server + ports. Although listing the IPVS configuration with ipvsadm + will look different, the kernel ignored the port of a real + server when using DR or TUN, so the behaviour isn't changed, + but when looking at the configuration it now shows what is + actually happening. + - Fix warning when protocol specified for virtual server with + fwmark. + - Add log message that nb_get_retry is deprecated. + - Fix whitespace in configure.ac. + - Fix configure error when systemd not installed configure was + trying to execute pkg-config --variable=systemdsystemunitdir + systemd even if systemd was not available. This commit makes + configure only execute the above if it has determined that + systemd is the correct init package to use. + - Correct references to RFC6527 (VRRPv3 SNMP RFC). + - nsure checker->has_run is always set once a checker has run. + - Fix some indentation in configure.ac. + - Update fopen_safe() to open temporary file in destination + directory rename() in fopen_safe() was failing if the file + being created was not on the same filesystem as /tmp. + - Add ${_RANDOM} configuration keyword. It might seem strange to + introduce random elements to configuration files, but it can be + useful for testing. + - Fix using ~SEQ() in multiline configuration definitions. + - Make blank lines terminate a multiline definition. + - Minor updates for lvs_flush_on_stop. + - Add option to skip deleting real servers on shutdown or reload + If a virtual server is removed, the kernel will remove its real + servers, so keepalived doesn't explicitly need to do so. The + lvs_flush_onstop option removes all LVS configuration, whereas + this new option will only remove the virtual servers managed by + keepalived. + - Correct error message re checker_log_all_failures. + - Fix syntax error in configure.ac. + - Fix track_process initialisation for processes with PIDs + starting 9. + - Remove debugging log message. + - Remove inappropriate function const attributes They were + causing iptables/ipsets not to be initialised. + - Stop warning: function might be candidate for attribute + ‘const’ Depending on what configure options are selected, + gcc can output the above warning for + initialise_debug_options(). This commit ensures that the + warning is not produced. + - Enable strict-config-checks option in keepalived.spec RPM file. + - vrrp: relax attribute 'const' warning at iptables helpers. + - Propagate libm to KA_LIBS. + - Fix building on Alpine Linux. Alpine (musl) doesn't have a + definition of __GNU_PREREQ, so create a dummy definition. + +------------------------------------------------------------------- +Wed Apr 3 13:52:51 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- add buildrequires for file-devel + - used in the checker to verify scripts + +------------------------------------------------------------------- +Wed Apr 3 13:46:22 UTC 2019 - Marcus Rueckert <mrueck...@suse.de> + +- update to 2.0.14 + - Add compiler warning -Wfloat-conversion and fix new warnings. + It was discovered that passing 0.000001 as a parameter + specified as uint32_t to a function did not generate any + warning of type mismatch, or loss of precision. This commit + adds -Wfloat-conversion and fixes 3 instances of new warnings + that were generated. + - For non systemd enviroment, it occurs syntax error 'fi'. To + avoid syntax error, modify keepalived.spec.in. + - When uninstall keepalived with init upstart, stop keepalived + process. + - Fix type re LOG_INGO should be LOG_INFO - 6git stash --cached. + The code was actualy in a #ifdef INCLUDE_UNUSED_CODE block, and + so isn't currently compiled. + - Register missing thread function for thread debugging. + - Fix reutrn value of notify_script_compare misusing issue. + - Fix typo in keepalived.conf man page re BFD min_rx. + - Fix segfault when bfd process reloads config. Issue #1145 + reported the bdf process was segfaulting when reloading. The + bfd process was freeing and allocating a new thread_master_t + when reloading, which doesn't work. This commit changes the bfd + process to clean and reinitialise the thread_master_t. + - Fix segfault in handle_proc_ev(). On Linux 3.10 the ack bit + can be set in a connector message, and the CPU number is set to + UINT32_MAX. This commit skips acks, and also checks that CPU + number is within range of the number of CPUs on the system. + - Fix OpenSSL init failure with OpenSSL v1.1.1. OpenSSL v1.1.1, + but not v1.1.0h or v1.1.1b failed in SSL_CTX_new() if + OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG) had previously + been called. This commit doesn't call OPENSSL_init_crypto() if + doing so causes SSL_CTX_new() to fail. + - Remove all references to libnfnetlink. Commit 2899da6 (Stop + using linbl for mcast group membership and setting rx buf + sizes) stopped using libnfnetlink, but INSTALL and + keepalived.spec.in were not updated accordingly. + - Fix genhash re OPENSSL_init_crypto bug and improve + configure.ac. Commit fe6d6ac (Fix OpenSSL init failure with + OpenSSL v1.1.1) didn't update the identical code in + genhash/ssl.c. Also, an improvement for the test in + configure.ac was suggested. + - Fix log output when real server removed. FMT_VS() and FMT_RS() + both call inet_sockaddrtotrio which uses a static buffer to + return the formatted string, but since FMT_VS(), wheich simply + calls format_vs() copies the returned string to its own static + buffer, if FMT_VS() was called before FMT_RS() then the + returned strings from both could be used. The problem occurs + when both FMT_VS() and FMT_RS() are used as parameters to ++++ 1546 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.1:Update/.keepalived.11715.new.2738/keepalived.changes New: ---- keepalive-init.patch keepalive-rpmlintrc keepalived-2.0.19.tar.gz keepalived.changes keepalived.spec linux-4.15.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ keepalived.spec ++++++ # # spec file for package keepalived # # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir /var/adm/fillup-templates %endif %if 0%{?suse_version} > 1210 %bcond_without systemd %else %bcond_with systemd %endif %if 0%{?suse_version} > 1500 %bcond_without dbus %bcond_without keepalived_nftables %else %bcond_with dbus %bcond_with keepalived_nftables %endif %if 0%{?suse_version} >= 1500 %bcond_without keepalived_regex %else %bcond_with keepalived_regex %endif %bcond_without json Name: keepalived Version: 2.0.19 Release: 0 Summary: A keepalive facility for Linux License: GPL-2.0-or-later Group: Productivity/Networking/Routing Url: http://www.keepalived.org/ Source: http://www.keepalived.org/software/%{name}-%{version}.tar.gz Source2: keepalive-rpmlintrc Patch1: keepalive-init.patch # PATCH-FIX-UPSTREAM: https://github.com/acassen/keepalived/commit/947248af144bcab6376ccddab8dc40f313b14281.patch Patch2: linux-4.15.patch BuildRequires: file-devel BuildRequires: net-snmp-devel BuildRequires: pkgconfig BuildRequires: snmp-mibs BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(gio-2.0) BuildRequires: pkgconfig(openssl) %if %{with json} BuildRequires: pkgconfig(json-c) %endif BuildRequires: pkgconfig(libipset) BuildRequires: pkgconfig(libiptc) BuildRequires: pkgconfig(libnl-3.0) %if %{with keepalived_regex} BuildRequires: pkgconfig(libpcre2-8) %endif BuildRequires: pkgconfig(libnfnetlink) %if %{with keepalived_nftables} BuildRequires: pkgconfig(libnftables) BuildRequires: pkgconfig(libnftnl) %endif BuildRequires: pkgconfig(popt) BuildRequires: pkgconfig(xtables) Requires(pre): pwdutils Requires(pre): %fillup_prereq %if %{with systemd} BuildRequires: systemd-rpm-macros %{?systemd_requires} %else Requires(pre): %insserv_prereq %endif %description This project provides facilities for load balancing and high-availability to Linux system and Linux-based infrastructures. The load-balancing framework relies on the Linux Virtual Server (IPVS) kernel module providing Layer4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage loadbalanced server pool according their health. High-availability is achieved by the VRRP protocol, a fundamental brick for router failover. In addition, Keepalived implements a set of hooks to the VRRP finite state machine, providing low-level and high-speed protocol interactions. Keepalived frameworks can be used independently or all together to provide resilient infrastructures. %prep %setup -q %patch1 -p1 %patch2 -p0 chmod 644 doc/samples/* %build export STRIP=true export CPPFLAGS="$(pkg-config --cflags libnfnetlink libiptc libipset xtables)" export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" # --enable-dbus-create-instance \ %configure \ --disable-silent-rules \ --enable-bfd \ %if %{with json} --enable-json \ %endif --enable-snmp \ --enable-snmp-checker \ --enable-snmp-vrrp \ --enable-snmp-rfc \ --enable-snmp-rfcv2 \ --enable-snmp-rfcv3 \ %if %{with dbus} --enable-dbus \ %endif %if %{with keepalived_regex} --enable-regex \ --enable-regex-timers \ %endif %if %{with keepalived_nftables} --enable-nftables \ %endif %if %{with systemd} --with-init=systemd \ --with-systemdsystemunitdir="%{_unitdir}" \ %endif --enable-sha1 \ --enable-routes \ --enable-iptables \ --enable-dynamic-linking \ --enable-libiptc \ --enable-libiptc-dynamic \ --enable-libipset \ --enable-libipset-dynamic \ --enable-libnl \ --enable-libnl-dynamic \ --enable-stacktrace \ --enable-json make %{?_smp_mflags} %install %make_install install -dD -m 0750 %{buildroot}%{_var}/lib/%{name} install -D -m 0644 %{buildroot}/etc/sysconfig/keepalived %{buildroot}%{_fillupdir}/sysconfig.%{name} %if %{with systemd} ln -s /sbin/service %{buildroot}%{_sbindir}/rckeepalived %else install -D -m 0750 keepalived/etc/init.d/keepalived.suse.init %{buildroot}/etc/init.d/keepalived ln -s /etc/init.d/keepalived %{buildroot}%{_sbindir}/rckeepalived %endif chmod -R o= %{buildroot}/etc/keepalived rm -rv %{buildroot}/etc/keepalived/samples/ %{buildroot}/etc/sysconfig/keepalived %check # A build could silently have LVS support disabled if the kernel includes can't # be properly found, we need to avoid that. if ! grep -q "#define _WITH_LVS_ *1" lib/config.h; then %{__echo} "ERROR: We do not want keepalived lacking LVS support." >&2 exit 1 fi %pre getent group %{name} >/dev/null || /usr/sbin/groupadd -r %{name} getent passwd %{name} >/dev/null || \ /usr/sbin/useradd -g %{name} -s /bin/false -r -c "Keepalived" \ -d %{_var}/lib/%{name} %{name} %if %{with systemd} %service_add_pre %{name}.service %endif %preun %if %{with systemd} %service_del_preun %{name}.service %else %stop_on_removal %{name} %endif %post %fillup_only %{name} %if %{with systemd} %service_add_post %{name}.service %endif %postun %if %{with systemd} %service_del_postun %{name}.service %else %insserv_cleanup %restart_on_update %{name} %endif %files %defattr(-,root,root) %license COPYING %doc AUTHOR ChangeLog CONTRIBUTORS README %doc %{_datadir}/doc/keepalived/ %doc doc/samples/ %doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt %dir %{_sysconfdir}/keepalived %dir %attr(-,keepalived,keepalived) %{_var}/lib/%{name} %{_fillupdir}/sysconfig.%{name} %config(noreplace) %{_sysconfdir}/keepalived/*conf %{_bindir}/genhash %{_sbindir}/rckeepalived %{_sbindir}/keepalived %{_mandir}/man1/genhash.1* %{_mandir}/man5/keepalived.conf.5* %{_mandir}/man8/keepalived.8* %{_datadir}/snmp/mibs/KEEPALIVED-MIB.txt %{_datadir}/snmp/mibs/VRRP-MIB.txt %{_datadir}/snmp/mibs/VRRPv3-MIB.txt # %if %{with dbus} %config /etc/dbus-1/system.d/org.keepalived.Vrrp1.conf %{_datadir}/dbus-1/interfaces/org.keepalived.Vrrp1.Instance.xml %{_datadir}/dbus-1/interfaces/org.keepalived.Vrrp1.Vrrp.xml %endif # %if %{with systemd} %{_unitdir}/%name.service %else /etc/init.d/keepalived %endif %changelog ++++++ keepalive-init.patch ++++++ Index: keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in =================================================================== --- keepalived-2.0.7.orig/keepalived/etc/init.d/keepalived.suse.init.in +++ keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in @@ -1,23 +1,24 @@ #! /bin/sh ### BEGIN INIT INFO -# Provides: keepalived +# Provides: keepalived # Required-Start: $remote_fs $syslog -# Required-Stop : $remote_fs $syslog -# Default-Start : 3 5 -# Default-Stop : 0 1 2 6 -# Description : Start keepalived to allow XY and provide YZ -# continued on second line by '#<TAB>' +# Required-Stop: $remote_fs $syslog +# Default-Start: 3 5 +# Default-Stop: 0 1 2 6 +# Short-Description: Start keepalived to manage IPVS & LVS +# Description: Start keepalived to manage IPVS & LVS ### END INIT INFO -DAEMON="Keepalived daemon" -DAEMON_BIN="@sbindir@/keepalived" -DAEMON_CONF="@sysconfdir@/keepalived/keepalived.conf" -DAEMON_PIDFILE="@localstatedir@/run/keepalived.pid" -DAEMON_OPT="-d" +DAEMON='Keepalived daemon' +DAEMON_BIN='@sbindir@/keepalived' +DAEMON_CONF='@sysconfdir@/keepalived/keepalived.conf' +DAEMON_PIDFILE='@localstatedir@/run/keepalived.pid' +DAEMON_SYSCONF='/etc/sysconfig/keepalived' +DAEMON_OPT='-d' #DAEMON_USER="root" -SUPPORTS_HUP="yes" +SUPPORTS_HUP='yes' # PidFile @localstatedir@/run/keepalived.pid # DatabaseOwner root @@ -25,6 +26,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI usr_par=${DAEMON_USER:+"-u $DAEMON_USER"} test -x $DAEMON_BIN || exit 5 +test -x $DAEMON_BIN || { echo "$DAEMON_BIN not installed or executable"; + if [ "$1" = "stop" ]; then exit 0; + else exit 5; fi; } + +test -r $DAEMON_CONF || { echo "$DAEMON_CONF not existing or readable"; + if [ "$1" = "stop" ]; then exit 0; + else exit 6; fi; } + +# read sysconfig variables that might overwrite the daemon options +if [ -r "$DAEMON_SYSCONF" ]; then + . "$DAEMON_SYSCONF" +fi # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status @@ -72,8 +85,8 @@ case "$1" in 0) echo -n "- Warning: daemon already running. " ;; 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; esac -# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT}" - startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} +# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS}" + startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS} rc_status -v ;; stop) ++++++ keepalive-rpmlintrc ++++++ # Those PEM files are only examples: addFilter("pem-certificate /usr/share/doc/packages/keepalived/samples/.*.pem") ++++++ linux-4.15.patch ++++++ >From 947248af144bcab6376ccddab8dc40f313b14281 Mon Sep 17 00:00:00 2001 From: Baruch Siach <bar...@tkos.co.il> Date: Fri, 9 Feb 2018 11:55:19 +0200 Subject: [PATCH] Fix build with Linux kernel headers v4.15 Linux kernel version 4.15 changed the libc/kernel headers suppression logic in a way that introduces collisions: In file included from ./../include/vrrp_ipaddress.h:32:0, from ./../include/vrrp_arp.h:31, from vrrp.c:29: /home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/linux/in.h:29:3: error: redeclaration of enumerator 'IPPROTO_IP' IPPROTO_IP = 0, /* Dummy protocol for TCP */ ^ /home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/netinet/in.h:33:5: note: previous definition of 'IPPROTO_IP' was here IPPROTO_IP = 0, /* Dummy protocol for TCP. */ ^~~~~~~~~~ Include the libc netinet/in.h header first to suppress the kernel header. In addition, add _GNU_SOURCE to vrrp.c for the libc provided in6_pktinfo definition. Signed-off-by: Baruch Siach <bar...@tkos.co.il> --- keepalived/include/vrrp_arp.h | 1 + keepalived/vrrp/vrrp.c | 1 + 2 files changed, 2 insertions(+) Index: keepalived/include/vrrp_arp.h =================================================================== --- keepalived/include/vrrp_arp.h.orig +++ keepalived/include/vrrp_arp.h @@ -24,6 +24,7 @@ #define _VRRP_ARP_H /* system includes */ +#include <netinet/in.h> #include <sys/types.h> #include <linux/if_infiniband.h> Index: keepalived/vrrp/vrrp.c =================================================================== --- keepalived/vrrp/vrrp.c.orig +++ keepalived/vrrp/vrrp.c @@ -44,6 +44,7 @@ #endif /* local include */ +#define _GNU_SOURCE #include "parser.h" #include "vrrp_arp.h" Index: keepalived/include/vrrp_if.h =================================================================== --- keepalived/include/vrrp_if.h.orig +++ keepalived/include/vrrp_if.h @@ -33,9 +33,7 @@ #include <sys/types.h> #include <net/if.h> #include <stdio.h> -#ifdef _HAVE_NET_LINUX_IF_H_COLLISION_ #define _LINUX_IF_H -#endif #include <linux/netdevice.h> #ifdef _HAVE_VRRP_VMAC_ #include <linux/if_link.h>
