Date: Sun, 16 Feb 2003 17:17:23 +0100 (CET) From: Flemming Jacobsen <fj@batmule.dk> To: FreeBSD-gnats-submit@FreeBSD.org Subject: conf/48332: [PATCH] /etc/rc.d/ipsec has ipsec_file hardcoded, overriding rc.conf Message-ID: <200302161617.h1GGHNOq050237@prefect.unknown.dk>
next in thread | raw e-mail | index | archive | help
>Number: 48332
>Category: conf
>Synopsis: [PATCH] /etc/rc.d/ipsec has ipsec_file hardcoded, overriding rc.conf
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Feb 16 08:20:05 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Flemming Jacobsen <fj@batmule.dk>
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD dent.unknown.dk 5.0-CURRENT FreeBSD 5.0-CURRENT #11: Sun Feb 9 20:36:00 CET 2003 fj@dent.unknown.dk:/usr/obj/usr/src/sys/DENT i386
>Description:
ipsec_file is set in /etc/defaults/rc.conf and (possibly) in
/etc/rc.conf. However /etc/rc.d/ipsec set it to /etc/ipsec.conf.
The attached patch moved this setting into the NetBSD section
(where I assume it is needed).
>How-To-Repeat:
Create a valid /etc/ipsec.conf file.
Set ipsec_enable="YES" in /etc/rc.conf
Reboot and observe that everything is behaving well.
Rename /etc/ipsec.conf to (i.e.) /etc/ipsec1.conf
Set ipsec_file="/etc/ipsec1.conf" in /etc/rc.conf
Reboot and observe the following error:
/etc/rc: WARNING: /etc/ipsec.conf not readable; ipsec start aborted.
ERROR: ABORTING BOOT((sending SIGTERM to parent)!
Enter full pathname of shell or RETURN for /bin/sh:
>Fix:
See attached patch.
--- ipsec.udiff begins here ---
--- ipsec.orig Sun Feb 16 16:29:22 2003
+++ ipsec Sun Feb 16 16:30:32 2003
@@ -15,8 +15,6 @@
name="ipsec"
rcvar=`set_rcvar`
-# This will be overiden from rc.conf on FreeBSD.
-ipsec_file="/etc/ipsec.conf"
start_precmd="ipsec_prestart"
start_cmd="ipsec_start"
stop_precmd="test -f /etc/ipsec.conf"
@@ -27,9 +25,11 @@
case ${OSTYPE} in
FreeBSD)
ipsec_program="/usr/sbin/setkey"
+ # ipsec_file is set by rc.conf
;;
NetBSD)
ipsec_program="/sbin/setkey"
+ ipsec_file="/etc/ipsec.conf"
;;
esac
--- ipsec.udiff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302161617.h1GGHNOq050237>