[Openswan Users] pluto does not start with Kernel 2.6.25

Roger Schreiter roger at planinternet.de
Thu Nov 6 10:56:34 EST 2008 

Hi,

I'm running on serveral machines Suse-Linux-10.2.
I've now installed OpenSwan 2.6.18.

On a machine with SuSE installed kernel 2.6.18.2-34-default
    /etc/init.d/ipsec start
starts fine.
Unfortunately this is not the machine, where I want to use ipsec.

On an embedded machine, running also SuSE-Linux-10.2, but with a
kernel compiled by myself, version 2.6.25.4, OpenSwan 2.6.18
does not start.
Ipsec support is included in the kerel.

When calling /etc/init.d/ipsec start, I get:
    ipsec_setup: Starting Openswan IPsec U2.6.18/K2.6.25.4...
    ipsec_setup: Command line is not complete. Try option "help"

In both cases, I used for this test the preinstalled sample
config files.

I already tried to figure out, where I could add the option "help",
successless.
Furthermore I do not find any log data.

/var/run/pluto contains then this:
    -rw-r--r-- 1 root root 79 Nov  6 16:47 ipsec.info
    -rw-r--r-- 1 root root 27 Nov  6 16:48 ipsec_setup.out
    -rw-r--r-- 1 root root  5 Nov  6 16:47 ipsec_setup.pid
    srwxrwxrwx 1 root root  0 Nov  6 16:47 pluto.info

Imho, the lack of pluto.ctl is a sign, that pluto did not start
properly.

Furthermore I can see, that _plutorun is started and restarted
again and again (which makes it hard to kill, since PID is constantly
increasing.)

    ps aux | grep pluto
    root      2655  0.0  0.1   2892   540 pts/0    S    16:49   0:00
      /bin/sh /usr/local/lib/ipsec/_plutorun --re --debug  --uniqueids
      yes --force_busy no --nocrsend no --strictcrlpolicy no
      --nat_traversal yes --keep_alive  --protostack netkey
      --force_keepalive  --disable_port_floating no --virtual_private
      --crlcheckinterval 0 --ocspuri  --nhelpers  --dump  --opts
      --stderrlog  --wait no --pre  --post  --log daemon.error
      --plutorestartoncrash true --pid /var/run/pluto/pluto.pid
    root      2749 11.0  0.2   2892  1348 pts/0    S    16:49   0:00
      /bin/sh /usr/local/lib/ipsec/_startnetkey --info
      /var/run/pluto/ipsec.info --debug  --omtu  --fragicmp yes --hidetos
      yes --log daemon.error %defaultroute

Any hint, what's going wrong?
How can I resolv the problem?

Regards,
Roger Schreiter.

More information about the Users mailing list