[Openswan Users] endless loop pluto keeps crashing and trying to restart
brian at daviesinc.com
Mon Mar 10 18:25:27 EDT 2008
root at tom:~# gdb --core=/tmp/core
GNU gdb 6.7.1-debian
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `/usr/lib/ipsec/pluto --nofork --secretsfile
/etc/ipsec.secrets --ipsecdir /etc/'.
Program terminated with signal 6, Aborted.
#0 0xb7d81f06 in ?? ()
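A note on the "?? ()" frame above: gdb was started with only --core, so it had no executable to read symbol names from. Passing the binary that produced the core alongside the core file normally gives a more useful backtrace. The sketch below is a minimal example, assuming the binary is the /usr/lib/ipsec/pluto path that appears in the _plutorun syslog line; the helper names are hypothetical, and a stripped binary may still show few symbols.

```python
import subprocess


def gdb_backtrace_cmd(executable, core):
    """Build a gdb command line that loads the executable together with
    the core file and prints a backtrace without an interactive session."""
    # --batch exits after the commands run; -ex bt runs the "bt" command.
    return ["gdb", "--batch", "-ex", "bt", executable, core]


def run_backtrace(executable, core):
    """Run gdb and return its combined stdout/stderr as text."""
    result = subprocess.run(
        gdb_backtrace_cmd(executable, core),
        stdout=subprocess.PIPE,
        stderr=subprocess.STDOUT,
        universal_newlines=True,
    )
    return result.stdout


if __name__ == "__main__":
    # Paths are assumptions taken from the log lines in this message.
    print(" ".join(gdb_backtrace_cmd("/usr/lib/ipsec/pluto", "/tmp/core")))
```

Running the printed command by hand is equivalent; the wrapper only makes it easy to capture the output for posting to the list.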
I actually got a little bit further. Initially I couldn't even get a key
generated, until I read something about /dev/random; after that I was
able to generate a new key on this (idle, but production) server, and in
another terminal I just tailed the syslog while it looped.
I also figured out how to kill all the processes so it would stop filling
up syslog (a bit crude, IMO, but it worked: /etc/init.d/ipsec stop;
killall -9 _plutorun).
On the machine that has the problem, this is what I was getting after
making a kernel module change, so I think it's a little bit closer, but
it still isn't there yet:
Mar 10 14:52:09 tom ipsec__plutorun: !pluto failure!: exited with error
status 134 (signal 6)
Mar 10 14:52:09 tom ipsec__plutorun: restarting IPsec after pause...
Mar 10 14:52:19 tom ipsec_setup: ...Openswan IPsec stopped
Mar 10 14:52:19 tom ipsec_setup: Stopping Openswan IPsec...
Mar 10 14:52:19 tom ipsec_setup: Removing orphaned /var/run/pluto/pluto.pid:
Mar 10 14:52:19 tom ipsec_setup: NETKEY on eth0
188.8.131.52/255.255.255.0 broadcast 184.108.40.206
Mar 10 14:52:19 tom ipsec_setup: ...Openswan IPsec started
Mar 10 14:52:19 tom ipsec_setup: Restarting Openswan IPsec
Mar 10 14:52:20 tom ipsec__plutorun: whack: read() failed (104
Connection reset by peer)
Mar 10 14:52:20 tom ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237:
4475 Aborted (core dumped) /usr/lib/ipsec/pluto
--nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d
--use-auto --uniqueids --nat_traversal --nhelpers 0
Mar 10 14:52:20 tom ipsec__plutorun: !pluto failure!: exited with error
status 134 (signal 6)
I've tried looking up the "connection reset by peer" part, and I get the
impression it is caused by the abort, which leaves the last line:
"exited with error status 134 (signal 6)".
I haven't figured out what that means yet. I'm still reading the source
code, trying to see what generates that status code. Hopefully this
information will help pinpoint the issue, or at least get us headed in
the right direction.
Thanks for the help so far.. definitely an interesting challenge :)
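On the status code itself: 134 is probably not a pluto-specific value. Judging by the "line 237: ... Aborted (core dumped)" message, _plutorun is a shell script, and a shell reports 128 + N for a child killed by signal N. That makes 134 equal to 128 + 6, and signal 6 on Linux is SIGABRT (what abort() raises), which matches "Program terminated with signal 6, Aborted" in the gdb output. A minimal sketch of that arithmetic, where decode_shell_status is a hypothetical helper name and not part of Openswan:

```python
import signal


def decode_shell_status(status):
    """Split a shell-style exit status into (exit_code, signal_number).

    Shells such as bash report 128 + N when a child is killed by signal N,
    so any value above 128 is treated here as a signal death."""
    if status > 128:
        return None, status - 128
    return status, None


if __name__ == "__main__":
    code, signum = decode_shell_status(134)
    # Look up the symbolic name of the signal number on this platform.
    print(code, signum, signal.Signals(signum).name)
```

So the status line says only that pluto aborted; the reason for the abort has to come from the backtrace or from pluto's own log output.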
Paul Wouters wrote:
> On Mon, 10 Mar 2008, Brian Gustin wrote:
>> Mar 10 12:28:23 tom ipsec__plutorun: restarting IPsec after pause...
>> Linux Openswan U2.4.8/K220.127.116.11 (netkey)
> We have not even looked at 2.6.24 yet. If any XFRM or CryptoAPI code
> changed, that might be the reason.
> Add dumpdir=/tmp to config setup and check the core in /tmp/ with
> gdb to give us more information.