From 88af29f3aba662aab4ca5ac3122d43139fb97004 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@leap.se>
Date: Tue, 17 Dec 2013 15:43:58 -0500
Subject: Fix for openvpn/unbound not starting at boot (#4506)

This change sets the sysctl net.ipv4.ip_nonlocal_bind to allow
applications to bind to an address, even when the link is down. This is
necessary because applications like unbound and openvpn fail to start on
boot in some situations because interfaces are not fully up (due to a
combination of non-deterministic booting because of the likely potential
setting of allow-hotplug in the interfaces file and the LSB boot
dependency on $network not being sufficient.

The only down-side to setting this is a daemon could bind to an
incorrect ip and we wouldn't get an error, but this would be a
configuration mistake, rather than a fatal condition.

Change-Id: I5c03083e8c20bb25afad85a1230f4555808d341c
---
 .gitmodules | 3 +++
 1 file changed, 3 insertions(+)

(limited to '.gitmodules')

diff --git a/.gitmodules b/.gitmodules
index 0b339593..cc8afdb5 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -85,3 +85,6 @@
 [submodule "puppet/modules/backupninja"]
 	path = puppet/modules/backupninja
 	url = https://leap.se/git/puppet_backupninja
+[submodule "puppet/modules/sysctl"]
+	path = puppet/modules/sysctl
+	url = https://leap.se/git/puppet_sysctl
-- 
cgit v1.2.3