Because of recent changes when creating AF_NETLINK socket, kernel will
cache capabilities of the caller and if file descriptor is used or
otherwise handed to another process it will check that current user has
necessary capabilities to use the socket. Hence we need to ensure we
have necessary capabilities when creating the socket and at the time we
use the socket.
See: http://www.spinics.net/lists/netdev/msg280198.htmlResolves: #1097684
quagga daemons don't remove pidfiles before exit. Previously it was done by
init script, now pidfiles stay around after daemon is stopped. If they are
referenced in service files systemd will remove them automatically after service
is stopped.
Also fix typo, there is no BindTo dependency, change to BindsTo.
rpm-checksec revealed that ospfd is not compiled as PIE. We enable
hardened build in specfile, this should not break anything and it should
take care of enabling security related compiler options.
We install tmpfiles configuration fragment and %{_tmpfilesdir} macro is
provided by systemd. Let's please this save and add systemd explicitly
as build requirement.
Previously with configuration WantedBy=network.target it could happen
that after enabling let's say zebra and bgpd and restarting the server
services won't be started. In case when no service pulls in
network.target quagga daemons won't start, because they are enabled
under network.target. This might be the case when only zebra is used
for configuring interfaces and other services like NM and initscripts
are disabled.
This commit also removes ordering dependency on syslog.target, since
this is redundant these days, because systemd-journald is early boot
service.
We should depend on /sbin/install-info instead of
/usr/sbin/install-info. Once usrmove is done properly we can change
it back.
Also we should claim ownership of directory %{_libdir}/quagga.
- Add babeld (Babel routing protocol daemon, RFC 6126)
- Use .tar.xz source distribution
- Drop all patches (included upstream)
- Move watchquagga to -sysvinit
(The systemd service files are now configured to automatically
restart any daemon on failure. If zebra fails, all running
daemons will be stopped; zebra will be started again; and then
the previously running daemons will be started again.)