[Openswan Users] Openswan and RHEL 3 error xfrm_user module

Nicole Hähnel nicole.haehnel at epost.de
Mon Jun 28 14:32:19 CEST 2004


Hi,

Paul Wouters wrote:
> On Mon, 28 Jun 2004, Graham Leggett wrote:
> 
> 
>>>We need CONFIG_XFRM_USER. This can be build into the kernel or as module.
>>>Since I know of no way to detect wether we actually have it either loaded
>>>or inline, we just modprobe it and hope for the best.
>>
>>Is it possible to log a warning message that the requirement is not 
>>loaded, and that the config is broken and needs to be fixed before 
>>freeswan will work?
> 
> 
> No, because I have no way of knowing wether the requirement is met. The
> only thing I could possibly detect is if it is a module and it is loaded.
>  
> 
>>>So for now, check your .config file to see if it is inline. If it is not part
>>>of the kernel, build the module or rebuild the kernel. If it is part of the
>>>kernel, ignore the modprobe warning.
> 
> 
> Install the kernel-source rpm and check the /usr/src/linux-version/configs
> directory.
it seems to me, the redhat kernels include it by default:

[root at VPN configs]# grep XFRM /usr/src/linux-2.4.21-15.0.2.EL/configs/*
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-athlon.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-athlon-smp.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i386-BOOT.config:# 
CONFIG_XFRM_USER is not set
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i386-BOOT.config:# 
CONFIG_XFRM_USER is not set
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i386.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i586.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i586-smp.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i686.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i686-hugemem.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-i686-smp.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-ia32e.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-ia64.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-ppc64.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-ppc64iseries.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-ppc64pseries.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-s390.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-s390x.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-x86_64.config:CONFIG_XFRM_USER=y
/usr/src/linux-2.4.21-15.0.2.EL/configs/kernel-2.4.21-x86_64-smp.config:CONFIG_XFRM_USER=y

Either openswan cannot use it, or the configs include it, but the kernel 
was not compiled with it by mistake of redhat?
Is there a way to check if running kernel provides the function?
But the log continues with errors:

Jun 28 10:35:29 VPN ipsec_setup: Starting Openswan IPsec 
U2.1.2/K2.4.21-15.0.2.EL...
Jun 28 10:35:29 VPN ipsec_setup: modprobe: Can't locate module xfrm_user
Jun 28 10:35:29 VPN ipsec_setup: KLIPS ipsec0 on ppp0 
xx.xx.xx.xx/255.255.255.255 pointopoint xx.xx.xx.xx
Jun 28 10:35:29 VPN ipsec_setup: ...Openswan IPsec started
Jun 28 10:35:29 VPN modprobe: modprobe: Can't locate module ripemd160
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module cast128
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzs
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzjh
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module ripemd160
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module cast128
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzs
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzjh
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module ripemd160
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module cast128
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzs
Jun 28 10:35:30 VPN modprobe: modprobe: Can't locate module lzjh

Thank you
Nicole


More information about the Users mailing list