From owner-freebsd-bugs@FreeBSD.ORG Tue Dec 26 00:04:38 2006 Return-Path: X-Original-To: freebsd-bugs@FreeBSD.org Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C53F016A412; Tue, 26 Dec 2006 00:04:38 +0000 (UTC) (envelope-from ken@kdmd.net) Received: from amethyst.kdmd.net (amethyst.servers.class.csupomona.edu [134.71.213.151]) by mx1.freebsd.org (Postfix) with ESMTP id A3B8C13C479; Tue, 26 Dec 2006 00:04:38 +0000 (UTC) (envelope-from ken@kdmd.net) Received: from localhost (unknown [127.0.0.1]) by amethyst.kdmd.net (Postfix) with ESMTP id A748A1537A8; Mon, 25 Dec 2006 15:44:54 -0800 (PST) Received: from amethyst.kdmd.net ([127.0.0.1]) by localhost (amethyst.kdmd.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 36872-13; Mon, 25 Dec 2006 15:44:49 -0800 (PST) Received: from mercury.kdmd.net (mercury-internal.kdmd.net [10.253.1.2]) by amethyst.kdmd.net (Postfix) with ESMTP id 88D1B1536C3; Mon, 25 Dec 2006 15:44:49 -0800 (PST) Received: from localhost (localhost.kdmd.net [127.0.0.1]) by mercury.kdmd.net (Postfix) with ESMTP id BE43679D968; Mon, 25 Dec 2006 16:44:44 -0700 (MST) Received: from mercury.kdmd.net ([127.0.0.1]) by localhost (mercury.kdmd.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id EOA7m8YF4gSo; Mon, 25 Dec 2006 16:44:44 -0700 (MST) Received: from [10.253.1.13] (herman.kdmd.net [10.253.1.13]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mercury.kdmd.net (Postfix) with ESMTP id 5F0B879D967; Mon, 25 Dec 2006 16:44:43 -0700 (MST) Message-ID: <45906265.9090409@kdmd.net> Date: Mon, 25 Dec 2006 16:44:37 -0700 From: Ken Diliberto Organization: KDMD Networks, LLC User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: Remko Lodder References: <200612251433.kBPEXKvY059508@freefall.freebsd.org> In-Reply-To: <200612251433.kBPEXKvY059508@freefall.freebsd.org> X-Enigmail-Version: 0.94.1.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at kdmd.net Cc: freebsd-bugs@FreeBSD.org Subject: Re: kern/87107: Boot process will not complete with IPSEC enabled and no ipsec.conf file X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ken@kdmd.net List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Dec 2006 00:04:38 -0000 I just tested this under FreeBSD 6.2 RC1 and confirmed the problem. /etc/rc.conf: ipsec_enable="YES" /etc/ipsec.conf does not exist. Reboot. The console shows an error and asks for a shell to load. Comment out the ipsec_enable line and the system boots normally. Sorry, no logs to include. :-( If you're working on a box locally, you can fix the boot problem. If it's a remote box, you're in trouble until someone can visit it. Ken Remko Lodder wrote: > Synopsis: Boot process will not complete with IPSEC enabled and no ipsec.conf file > > State-Changed-From-To: open->closed > State-Changed-By: remko > State-Changed-When: Mon Dec 25 14:31:45 UTC 2006 > State-Changed-Why: > This is not true, data will just not be encrypted if the ipsec.conf is not > there (since the gw does not know the encryption domain of the remote host > so to say). You probably had an " too much somewhere, causing a broken /etc/rc.conf > which results in the behaviour you are seeing. > > Since i am fairly confident this is the case i will close the PR. If I am wrong > (yes ofcourse I can be wrong ;-)) please poke me and I will look together with the > submitter how we can resolve this. > > > Responsible-Changed-From-To: freebsd-bugs->remko > Responsible-Changed-By: remko > Responsible-Changed-When: Mon Dec 25 14:31:45 UTC 2006 > Responsible-Changed-Why: > grab the PR to get the feedback. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=87107