From dfbe8c4f0158366e91ea5118e5aa68c07d28ddbf Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Thu, 15 May 2014 09:25:25 -0500 Subject: avoid openvp soft-restart. Closes: #5669 --- changes/bug-avoid-soft-restart | 1 + pkg/linux/bitmask-root | 1 + src/leap/bitmask/services/eip/vpnprocess.py | 10 ++++++---- 3 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 changes/bug-avoid-soft-restart diff --git a/changes/bug-avoid-soft-restart b/changes/bug-avoid-soft-restart new file mode 100644 index 00000000..36795ad7 --- /dev/null +++ b/changes/bug-avoid-soft-restart @@ -0,0 +1 @@ +- Use openvpn hard restart. Closes: #5669 diff --git a/pkg/linux/bitmask-root b/pkg/linux/bitmask-root index d9c8a61f..136fd6a4 100755 --- a/pkg/linux/bitmask-root +++ b/pkg/linux/bitmask-root @@ -87,6 +87,7 @@ FIXED_FLAGS = [ "--script-security", "1", "--user", "nobody", "--group", "nogroup", + "--remap-usr1", "SIGTERM", ] ALLOWED_FLAGS = { diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py index d57eafe2..1559ea8b 100644 --- a/src/leap/bitmask/services/eip/vpnprocess.py +++ b/src/leap/bitmask/services/eip/vpnprocess.py @@ -68,9 +68,8 @@ class VPNObserver(object): 'Network is unreachable (code=101)',), 'PROCESS_RESTART_TLS': ( "SIGUSR1[soft,tls-error]",), - # Let ping-restart work as it should - # 'PROCESS_RESTART_PING': ( - # "SIGUSR1[soft,ping-restart]",), + 'PROCESS_RESTART_PING': ( + "SIGTERM[soft,ping-restart]",), 'INITIALIZATION_COMPLETED': ( "Initialization Sequence Completed",), } @@ -296,7 +295,10 @@ class VPN(object): """ from twisted.internet import reactor self._stop_pollers() - self._user_stopped = True + + # We assume that the only valid shutodowns are initiated + # by an user action. + self._user_stopped = shutdown # First we try to be polite and send a SIGTERM... if self._vpnproc: -- cgit v1.2.3