[Openswan Users] - Building module saga (was: kernel panic )
Paul Wouters
paul at xelerance.com
Mon Mar 14 11:23:12 CET 2005
On Thu, 10 Mar 2005 mcr at xelerance.com wrote:
> Paul> yes, unloading klips causes this failure. I thought we removed
> Paul> unloading the module from cvs. Are you running a fresh cvs
> Paul> checkout or could this tree be a few weeks old?
>
> No, we did not remove unloading. It works relatively fine on 2.4.
> Unloading on 2.6 may not work. Neither I nor Linus recommends enabling
> module unloading on 2.6.
We did: from _realsetup:
#lsmod 2>&1 | grep "^ipsec" > /dev/null && rmmod ipsec'
There were various reasons for this change
1 rmmod'ing ipsec on 2.6 kernels causes a kernel panic
2 removing ipsec causes confusion at the next start as to which kernel
stack to use, since any trace of a preloaded klips stack has vanished.
This was causing some people to spontaniously which to NETKEY after an
openswan restart.
3 module removing might not be fully supported by Linus and kernel developers
We could test for '2.4 and klips and no netkey installed' and then remove
klips, but it seems rather silly to only leave it in for that case.
A testcase should be written to ensure restarting without a rmmod/modprobe of
klips does not leave a lingering state around.
Paul
Paul
More information about the Users
mailing list