From d10cb1ba997fb8bd602fb570fa1868bebb9b35c6 Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 30 Jul 2007 14:35:03 +0000 Subject: [PATCH] Fix stale lock problems git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7002 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-common/changelog.txt | 2 ++ Shorewall-common/releasenotes.txt | 5 +++++ Shorewall-common/shorewall | 32 +++++++++++++------------------ 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 82de2ec0d..9e79832ce 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -25,6 +25,8 @@ Changes in 4.0.1 12) Check for state match +13) Fix stale lock problems. + Changes in 4.0.0 Final 1) Fix lite install.sh manpage problem. diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index 244b566d1..6a79730a2 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -81,6 +81,11 @@ Problems corrected in 4.0.1. 10) Shorewall-perl was incorrectly rejecting 'min' as a valid unit of time in rate-limiting specifications. +11) Certain errors occurring during + start/restart/safe-start/safe-restart/try processing could cause + the lockfile to be left behind. This resulted in a 60-second delay + the next time one of these commands was run. + Other changes in Shorewall 4.0.1. 1) A new EXPAND_POLICIES option is added to shorewall.conf. The diff --git a/Shorewall-common/shorewall b/Shorewall-common/shorewall index 3cb4f1e4e..cd802b3f6 100755 --- a/Shorewall-common/shorewall +++ b/Shorewall-common/shorewall @@ -375,19 +375,18 @@ start_command() { do_it() { local rc=0 - [ -n "$nolock" ] || mutex_on - progress_message3 "Compiling..." if compiler run $debugging $nolock compile ${VARDIR}/.start; then + [ -n "$nolock" ] || mutex_on ${VARDIR}/.start $debugging start rc=$? + [ -n "$nolock" ] || mutex_off else rc=$? logger -p kern.err "ERROR:Shorewall start failed" fi - [ -n "$nolock" ] || mutex_off exit $rc } @@ -727,19 +726,18 @@ restart_command() { export NOROUTES - [ -n "$nolock" ] || mutex_on - progress_message3 "Compiling..." if compiler run $debugging $nolock compile ${VARDIR}/.restart; then + [ -n "$nolock" ] || mutex_on $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart rc=$? + [ -n "$nolock" ] || mutex_off else rc=$? logger -p kern.err "ERROR:Shorewall restart failed" fi - [ -n "$nolock" ] || mutex_off return $rc } @@ -795,18 +793,17 @@ refresh_command() { export NOROUTES - [ -n "$nolock" ] || mutex_on - progress_message3 "Compiling..." if compiler run $debugging $nolock compile ${VARDIR}/.refresh; then + [ -n "$nolock" ] || mutex_on $SHOREWALL_SHELL ${VARDIR}/.refresh $debugging refresh + rc=$? + [ -n "$nolock" ] || mutex_off + else + rc=$? fi - rc=$? - - [ -n "$nolock" ] || mutex_off - return $rc } @@ -882,8 +879,6 @@ safe_commands() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - [ -n "$nolock" ] || mutex_on - if shorewall_is_started; then running=Yes else @@ -893,7 +888,6 @@ safe_commands() { if [ "$COMMAND" = "safe-start" -a -n "$running" ]; then # the command is safe-start but the firewall is already running error_message "Shorewall is already started" - [ -n "$nolock" ] || mutex_off exit 0 fi @@ -909,7 +903,6 @@ safe_commands() { if ! compiler run $debugging nolock compile ${VARDIR}/.$command; then status=$? - [ -n "$nolock" ] || mutex_off exit $status fi @@ -926,6 +919,8 @@ safe_commands() { ;; esac + [ -n "$nolock" ] || mutex_on + if ${VARDIR}/.$command $command; then echo -n "Do you want to accept the new firewall configuration? [y/n] " @@ -1030,8 +1025,6 @@ try_command() { [ -n "$STARTUP_ENABLED" ] || fatal_error "Startup is disabled" - [ -n "$nolock" ] || mutex_on - if shorewall_is_started; then running=Yes else @@ -1050,7 +1043,6 @@ try_command() { if ! compiler run $debugging $nolock compile ${VARDIR}/.$command; then status=$? - [ -n "$nolock" ] || mutex_off exit $status fi @@ -1067,6 +1059,8 @@ try_command() { ;; esac + [ -n "$nolock" ] || mutex_on + if ${VARDIR}/.$command $command && [ -n "$timeout" ]; then sleep $timeout