[Openswan Users] Openswan doesn't starts because pluto is down

Jorge Jimenez jorge.jimenez at pross.com
Mon Jan 4 15:26:13 EST 2010


Hi Tuomo,

I try your patch but it ask me for a file, what file?



[root at pross-mon01 tmp]# patch < openswan.git-b451d26f471a5348fa8e2d16d74dace588825ae4.patch
(Stripping trailing CRs from patch.)
can't find file to patch at input line 15
Perhaps you should have used the -p or --strip option?
The text leading up to this was:
--------------------------
|From: Tuomo Soini <tis at foobar.fi>
|Date: Tue, 29 Dec 2009 23:16:15 +0000 (+0200)
|Subject: Remove extra sql: from NSS db directory name.
|X-Git-Url: http://git.openswan.org/cgi-bin/gitweb.cgi?p=openswan.git%2F.git;a=commitdiff_plain;h=b451d26f471a5348fa8e2d16d74dace588825ae4
|
|Remove extra sql: from NSS db directory name.
|
|Because of this extra sql: pluto couldn't open nss certificate database.
|---
|
|diff --git a/programs/pluto/plutomain.c b/programs/pluto/plutomain.c
|index 568ffdd..58686bd 100644
|--- a/programs/pluto/plutomain.c
|+++ b/programs/pluto/plutomain.c
--------------------------
File to patch:



Thanks and kind regards


¡Feliz Navidad y Prospero 2010!

Jorge Jiménez Miguélez
Avinguda Diagonal, 605 - 4ª Planta
08028 - Barcelona
Tel.: 902 01 35 34 - Móvil: 669 83 08 76
http://www.pross.com



-----Mensaje original-----
De: Tuomo Soini [mailto:tis at foobar.fi] 
Enviado el: lunes, 04 de enero de 2010 20:39
Para: Jorge Jimenez
CC: Ondrej Valousek; users at openswan.org
Asunto: Re: [Openswan Users] Openswan doesn't starts because pluto is down

Jorge Jimenez wrote:
> Hi Ondrej,
> 
> "certuil -H" isn't a valid option to certutil in my machine.
> I try:
> 
> [root at pross-mon01 ~]# certutil -K

certutil -K -d /etc/ipsec.d

> [root at pross-mon01 ~]# certutil -L

certutil -L -d /etc/ipsec.d

> /var/log/secure contains 3 lines when I try to start ipsec:
> 
> Jan  4 19:50:30 pross-mon01 ipsec__plutorun: Starting Pluto subsystem...
> Jan  4 19:50:30 pross-mon01 pluto[3035]: nss directory plutomain: 
> sql:/etc/ipsec.d

I just fixed this in git. NSS support had hardcoded requirement for latest NSPR/NSS than el5 has. Fix was to remove hardcoded sql: from nss directory path.

> Jan  4 19:50:30 pross-mon01 pluto[3035]: NSS initialization failed 
> (err -8174)

Try attached patch, it should fix your problem.

--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>


More information about the Users mailing list