[Openswan dev] openswan init script (setup.in) related issues
avagarwa at redhat.com
Mon Oct 27 13:21:21 EDT 2008
During local testing of Openswan, we noticed couple of issues with the
init script (setup.in) which I am outlining below.
1. As It can be noticed that two temporary files
"/var/run/pluto/ipsec_setup.st" and "/var/run/pluto/ipsec_setup.out"
are being created during initialization of Openswan. The file
"/var/run/pluto/ipsec_setup.st" is being used just to restore a return
value, whereas "/var/run/pluto/ipsec_setup.out" is used to store some
output. I think both of these files are really not needed, as the same
functionality can be achieved without creating these files. Moreover the
way, these files are being created, conflicts with selinux policies,
which is captured in the redhat bugzilla 466861. So omitting these
files also avoids conflicts with selinux policies.
2. "/etc/init.d/ipsec version" command does not output any version
number, even though I found that the "--version" option is there in the
3. Similarly, I found that "/etc/init.d/ipsec help" does not work.
4. Another thing is that we feel that the organization of the init
script could be improved so that It becomes much more easy to handle
with and also much more readable.
I have attached a patch with this email, which addresses the above
issues. I have tested it locally and it seems to be working fine.
I would be very happy to know your views.
Thanks and Regards
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the Dev