From owner-freebsd-current  Sun Jul 28  8:23: 0 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 43F7337B41E; Sun, 28 Jul 2002 08:22:55 -0700 (PDT)
Received: from cheer.mahoroba.org (flets19-007.kamome.or.jp [218.45.19.7])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 5F40A43E42; Sun, 28 Jul 2002 08:22:53 -0700 (PDT)
	(envelope-from ume@mahoroba.org)
Received: from lyrics.mahoroba.org (IDENT:ReyNA5voUfeSfBC/bOaJt5O3c9+yBsv0FJI32ltyFENzhfMwsabuelWloq+hg7F5@lyrics-wi.mahoroba.org [IPv6:2001:200:301:0:202:2dff:fe41:8630])
	(user=ume mech=CRAM-MD5 bits=0)
	by cheer.mahoroba.org (8.12.5/8.12.5) with ESMTP/inet6 id g6SFMkB4000336
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Mon, 29 Jul 2002 00:22:50 +0900 (JST)
	(envelope-from ume@mahoroba.org)
Date: Mon, 29 Jul 2002 00:22:46 +0900
Message-ID: <yge1y9nlvw9.wl@lyrics.mahoroba.org>
From: Hajimu UMEMOTO <ume@mahoroba.org>
To: gordon@FreeBSD.org
Cc: current@FreeBSD.org
Subject: location of setkey in /etc/rc.d/ipsec
User-Agent: Wanderlust/2.9.14 (Unchained Melody) SEMI/1.14.4 (Hosorogi)
 FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.2
 (i386--freebsd) MULE/5.0 (=?ISO-2022-JP?B?GyRCOC1MWhsoQg==?=)
X-Operating-System: FreeBSD 5.0-CURRENT
MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi")
Content-Type: text/plain; charset=US-ASCII
X-Virus-Scanned: by AMaViS-perl11-milter (http://amavis.org/)
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

Hi,

I found that setup of IPsec doesn't work correctly if you are using
/etc/rc.d/.  While NetBSD has setkey in /sbin, FreeBSD has it in
/usr/sbin.  However, the location is hardcoded in /etc/rc.d/ipsec.
Here is a patch.
It may be a time to consider to move setkey into /sbin as NetBSD did.

Sincerely,

--- etc/rc.d/ipsec.orig	Fri Jun 14 17:30:58 2002
+++ etc/rc.d/ipsec	Mon Jul 29 00:03:28 2002
@@ -45,7 +45,7 @@
 ipsec_start()
 {
 	echo "Installing ipsec manual keys/policies."
-	/sbin/setkey -f $ipsec_file
+	setkey -f $ipsec_file
 }
 
 ipsec_stop()
@@ -56,16 +56,16 @@
 	# it is very questionable to do this during shutdown session, since
 	# it can hang any of remaining IPv4/v6 session.
 	#
-	/sbin/setkey -F
-	/sbin/setkey -FP
+	setkey -F
+	setkey -FP
 }
 
 ipsec_reload()
 {
 	echo "Reloading ipsec manual keys/policies."
-	/sbin/setkey -F
-	/sbin/setkey -FP
-	/sbin/setkey -f "$ipsec_file"
+	setkey -F
+	setkey -FP
+	setkey -f "$ipsec_file"
 }
 
 load_rc_config $name


--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message