[xl2tpd] * Tue Jun 26 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-8 - The l2tp_ppp kernel module is now i
Paul Wouters
pwouters at fedoraproject.org
Tue Jun 26 03:49:50 UTC 2012
commit 66109b0d4b63335bf566fb19a137c1af3feacab0
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jun 25 23:49:17 2012 -0400
* Tue Jun 26 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-8
- The l2tp_ppp kernel module is now in kernel-module-extra
- Don't insist on openswan, some ISPS use L2TP without IPsec
- Don't call grantpt(), it's not needed and triggers SElinux
block (rhbz#834861)
xl2tpd-1.3.1-pty.patch | 19 +++++++++++++++++++
xl2tpd.service | 3 ++-
xl2tpd.spec | 12 ++++++++++--
3 files changed, 31 insertions(+), 3 deletions(-)
---
diff --git a/xl2tpd-1.3.1-pty.patch b/xl2tpd-1.3.1-pty.patch
new file mode 100644
index 0000000..2679873
--- /dev/null
+++ b/xl2tpd-1.3.1-pty.patch
@@ -0,0 +1,19 @@
+diff -aur xl2tpd-1.3.1-orig/pty.c xl2tpd-1.3.1/pty.c
+--- xl2tpd-1.3.1-orig/pty.c 2011-10-06 15:22:05.000000000 -0400
++++ xl2tpd-1.3.1/pty.c 2012-06-25 23:45:51.241543911 -0400
+@@ -87,6 +87,7 @@
+ return -EINVAL;
+ }
+
++#if 0 /* not needed, triggers SElinux block */
+ /* change the onwership */
+ if (grantpt(fd))
+ {
+@@ -95,6 +96,7 @@
+ close(fd);
+ return -EINVAL;
+ }
++#endif
+
+ if (unlockpt(fd))
+ {
diff --git a/xl2tpd.service b/xl2tpd.service
index d222874..247a2ce 100644
--- a/xl2tpd.service
+++ b/xl2tpd.service
@@ -2,7 +2,8 @@
Description=Level 2 Tunnel Protocol Daemon (L2TP)
After=syslog.target network.target
After=openswan.service
-Wants=openswan.service
+# Some ISPs in Russia use l2tp without IPsec, so don't insist anymore
+#Wants=openswan.service
[Service]
Type=simple
diff --git a/xl2tpd.spec b/xl2tpd.spec
index 60672d9..aa13150 100644
--- a/xl2tpd.spec
+++ b/xl2tpd.spec
@@ -1,7 +1,7 @@
Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Name: xl2tpd
Version: 1.3.1
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPL+
Url: http://www.xelerance.com/software/xl2tpd/
Group: System Environment/Daemons
@@ -12,8 +12,9 @@ Patch1: xl2tpd-1.3.1-Wunused.patch
Patch2: xl2tpd-bz80693.patch
Patch3: xl2tpd-1.3.1-kernelmode.patch
Patch4: xl2tpd-1.3.1-conf.patch
+Patch5: xl2tpd-1.3.1-pty.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Requires: ppp >= 2.4.5-18
+Requires: ppp >= 2.4.5-18, kernel-modules-extra
BuildRequires: libpcap-devel
BuildRequires: systemd-units
Requires(post): systemd-sysv
@@ -52,6 +53,7 @@ It was de-facto maintained by Jacco de Leeuw <jacco2 at dds.nl> in 2002 and 2003.
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
rm linux/include/linux/if_pppol2tp.h
%build
@@ -118,6 +120,12 @@ fi
%ghost %attr(0600,root,root) %{_localstatedir}/run/xl2tpd/l2tp-control
%changelog
+* Tue Jun 26 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-8
+- The l2tp_ppp kernel module is now in kernel-module-extra
+- Don't insist on openswan, some ISPS use L2TP without IPsec
+- Don't call grantpt(), it's not needed and triggers SElinux
+ block (rhbz#834861)
+
* Fri Jun 15 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-7
- Moved modprobe code from daemon to initscript/systemd
(SElinux does not allow a daemon to do this, see rhbz#832149)
More information about the scm-commits
mailing list