We want to be sure that all configs (cluster,host,vmconfig,vmdata) don't have change during an update, to have consistency. --- debian/control | 1 + src/PVE/Firewall.pm | 9 +++++++++ 2 files changed, 10 insertions(+)
diff --git a/debian/control b/debian/control index 2a92b16..c28353e 100644 --- a/debian/control +++ b/debian/control @@ -20,6 +20,7 @@ Depends: ebtables, iptables, libpve-access-control, libpve-common-perl, + libdata-compare-perl, lsb-base, pve-cluster, ${misc:Depends}, diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index f738dba..be448c9 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -4,6 +4,7 @@ use warnings; use strict; use POSIX; use Data::Dumper; +use Data::Compare; use Digest::SHA; use Socket qw(AF_INET6 inet_ntop inet_pton); use PVE::INotify; @@ -4204,6 +4205,14 @@ sub update { return if !PVE::Cluster::check_cfs_is_mounted(1); my ($cluster_conf, $hostfw_conf, $vmdata, $vmfw_configs) = read_config(); + sleep 1; + my ($cluster_conf2, $hostfw_conf2, $vmdata2, $vmfw_configs2) = read_config(); + + if (!Compare($cluster_conf, $cluster_conf) || !Compare($hostfw_conf, $hostfw_conf) || + !Compare($vmdata, $vmdata2) || !Compare($vmfw_configs, $vmfw_configs2)) { + syslog(info => "Can't update. Rules have changed during update"); + return; + } my $cluster_options = $cluster_conf->{options}; -- 2.11.0 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel