[Openswan Users] "/usr/local/sbin/ipsec setup --start" doesn't return the prompt on Ubuntu 9.10 when complied from source.

phearnomore phearnomore at gmail.com
Wed Dec 9 12:39:47 EST 2009

2009/12/9 Paul Wouters <paul at xelerance.com>:
> On Wed, 9 Dec 2009, phearnomore wrote:
>> I have two versions of Openswan installed on my fresh Ubuntu 9.10 system:
>> assiduus at ubuntu:~$ /usr/local/sbin/ipsec --version
>> Linux Openswan U2.6.23/K2.6.31-14-generic-pae (netkey)
>> See `ipsec --copyright' for copyright information.
>> Now the problem: when I run the first version of the program I don't
>> get the prompt back while ^C doesn't seem to cancel Openswan's
>> operation:
> This is a known bug with /bin/dash. It has been reported to the dash
> maintainer (Herbert Xu), but I have not seen a bugfix for this yet.
> A workaround has been commit, see a4f8195028a3d293ce1b9fcdb2dda3f7495337cc
> shown below. Another workaround (a better one in my opinion) is to link
> /bin/sh back to /bin/bash on your ubuntu/debian system.

When you mention it now I must say I did read about it somewhere along
the way it but I must have been already too tired to try something
else to fix the problem (I even had a different kernel installed,
that's how deseperate I got:).

> diff --git a/programs/_plutorun/_plutorun.in
> b/programs/_plutorun/_plutorun.in
> index d2bef7f..ec27b09 100755
> --- a/programs/_plutorun/_plutorun.in
> +++ b/programs/_plutorun/_plutorun.in
> @@ -222,6 +222,19 @@ then
>        exit 0
>  fi
> +# Work around problem with broken shells (e.g. Busybox sh).
> +# We are called with stdout & stderr going to a logger process started
> +# by "ipsec setup". For some reason, when the below loop runs with
> +# stdout & stderr redirected to a new logger, the pipe to the old logger
> +# is leaked through to _plutorun as file descriptor 11, and the old
> +# logger (and "ipsec setup") can never exit. By closing fds 1 & 2
> +# before they can be dup'd to 11, we somehow avoid the problem.
> +# This problem may also apply to Ubuntu's dash shell
> +# (http://archives.free.net.ph/message/20090803.221025.1b0ebafd.en.html)
> +# but the workaround has not been tested there.
> +exec 1>/dev/null
> +exec 2>/dev/null
> +
>  until (
>        if test -s $info
>        then
> Paul

Thanks for a lightspeed answer. Too be honset I've never used this
kind of communication (mailing lists as a traditional communication
fan - face2face, telephone:) so I'm not sure I should be starting a
new (discussed here some time ago I think) topic meaning xmlto - I
mean the fact that in order to install openswan from source (which I'm
also a fan of) along with the man pages you have to have it installed
which is, well, unpleasant since then Ubuntu forces you to install
dozens of other packages (more than 200 megabytes). I guess you could
exlude some of them but that's just another set of commands and a
possibility of ruining the whole process after all. Installing xmlto
manually isn't cool either (too be honest I gave up after 30 minutes)
cause it depends on other packages which depend on other packages and
so on. So as not to say too much in this thread: is there an option
*not* to install the man pages? Because I couldn't find anywhere and
AFAIR you did comment on someone else's sorrow concerning xmlto saying
that you'd add such an option in a future release. ;)



More information about the Users mailing list