[Bug 856625] New: systemd fails to set IPsec keys
https://bugzilla.novell.com/show_bug.cgi?id=856625 https://bugzilla.novell.com/show_bug.cgi?id=856625#c0 Summary: systemd fails to set IPsec keys Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: All OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: berny156@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0 The file /usr/lib/systemd/system/racoon-setkey.service out of the package ipsec-tools lacks the line RemainAfterExit=yes in the section "[Service]". Without it the command `ExecStop` is executed, which immediately removes the IPsec keys. Maybe bug #840818 is related. Reproducible: Always Steps to Reproduce: 1. install ipsec-tools 2. use /etc/racoon/setkey.conf from RPM 3. `systemctl start racoon-setkey.service` 3. check loaded keys with `setkey -DP` Actual Results: No SPD entries. Expected Results: 127.0.0.0/8[any] 127.0.0.0/8[any] any in none created: Dec 21 01:58:56 2013 lastused: lifetime: 0(s) validtime: 0(s) spid=816 seq=1 pid=17456 refcnt=1 127.0.0.0/8[any] 127.0.0.0/8[any] any out none created: Dec 21 01:58:56 2013 lastused: lifetime: 0(s) validtime: 0(s) spid=809 seq=0 pid=17456 --- /usr/lib/systemd/system/racoon-setkey.service.orig 2013-12-21 02:00:23.564956252 +0100 +++ /usr/lib/systemd/system/racoon-setkey.service 2013-12-21 01:31:14.301033213 +0100 @@ -9,6 +9,7 @@ EnvironmentFile=-/etc/sysconfig/racoon ExecStart=/usr/sbin/setkey $SETKEY_OPTIONS -f /etc/racoon/setkey.conf ExecStop=/usr/sbin/setkey $SETKEY_FLUSH_OPTIONS +RemainAfterExit=yes [Install] WantedBy=multi-user.target -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c
zhang jiajun
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c3
--- Comment #3 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c4
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c5
--- Comment #5 from Bernhard Held
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c6
--- Comment #6 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c7
--- Comment #7 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c8
--- Comment #8 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=856625
https://bugzilla.novell.com/show_bug.cgi?id=856625#c9
Jiri Bohac
participants (1)
-
bugzilla_noreply@novell.com