ports/91317: ports/security/ipsec-tools enables itself at startup
VANHULLEBUS Yvan
vanhu at netasq.com
Thu Jan 5 08:33:01 UTC 2006
Hi.
The problem is in fact a little bit more complex.
First, the test is not logic:
We have to load /etc/rc.subr (so include rc.conf) then do the test, or
directly do the racoon_enable affectation then include rc.subr, so
rc.conf will eventually overwrite racoon_enable.
Second, this change will impact actual ipsec-tools users, which were
probably quite all happy with a self-enabling daemon, and which may
won't understand why racoon is not starting anymore !
They will probably have to add racoon_enable="YES" in their
/etc/rc.conf.
Third, there may be a misunderstanding between racoon_enable (used in
racoon.sh) and ike_* values in /etc/defaults/rc.conf.
And last, but not least, ipsec-tools's versions of setkey/libipsec are
really NOT the same as system's versions, so we cannot just "remove
them and use the system's versions", we are currently working on a
clean solution with some system's developpers.
Yvan.
--
NETASQ - Secure Internet Connectivity
http://www.netasq.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3393 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/attachments/20060105/5252b58e/attachment.bin>
More information about the freebsd-ports-bugs
mailing list