| Summary: | reload / reload-or-try-restart does not work for ipsec.service | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Petr Sklenar <psklenar> |
| Component: | libreswan | Assignee: | Paul Wouters <pwouters> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Aleš Mareček <amarecek> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.0 | Keywords: | Regression |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-06-13 09:20:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |
Description of problem: reload / reload-or-try-restart does not work for ipsec.service Version-Release number of selected component (if applicable): libreswan-3.5-2.el7.x86_64 kernel-3.10.0-33.el7.x86_64 selinux-policy-3.12.1-95.el7.noarch systemd-207-4.el7.x86_64 How reproducible: always Steps to Reproduce: 1, reload / reload-or-try-restart does not work for ipsec service: [root@ibm-x3650m4-01-vm-09 ~]# systemctl reload-or-try-restart ipsec.service Job for ipsec.service failed. See 'systemctl status ipsec.service' and 'journalctl -xn' for details. [root@ibm-x3650m4-01-vm-09 ~]# systemctl status ipsec.service ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled) Active: active (running) (Result: exit-code) since Tue 2013-11-05 02:37:16 EST; 24s ago Process: 5339 ExecReload=/usr/sbin/ipsec whack --listen (code=exited, status=3) Process: 5240 ExecStartPre=/usr/libexec/ipsec/_stackmanager start (code=exited, status=0/SUCCESS) Process: 5237 ExecStartPre=/usr/sbin/ipsec addconn --config /etc/ipsec.conf --checkconfig (code=exited, status=0/SUCCESS) Main PID: 5304 (sh) CGroup: /system.slice/ipsec.service ├─5304 /bin/sh -c eval `/usr/libexec/ipsec/pluto --config /etc/ipsec.conf --nofork $PLUTO_OPTIONS` ├─5306 /bin/sh -c eval `/usr/libexec/ipsec/pluto --config /etc/ipsec.conf --nofork $PLUTO_OPTIONS` ├─5307 /usr/libexec/ipsec/pluto --config /etc/ipsec.conf --nofork └─5333 _pluto_adns Nov 05 02:37:16 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com pluto[5307]: no secrets filename matched "/etc/ipsec.d/*.secrets" Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com systemd[1]: Reloading Internet Key Exchange (IKE) Protocol Daemon for IPsec. Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com pluto[5307]: listening for IKE messages Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com pluto[5307]: loading secrets from "/etc/ipsec.secrets" Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com pluto[5307]: no secrets filename matched "/etc/ipsec.d/*.secrets" Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com ipsec[5339]: 002 listening for IKE messages Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com ipsec[5339]: 002 loading secrets from "/etc/ipsec.secrets" Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com ipsec[5339]: 003 no secrets filename matched "/etc/ipsec.d/*.secrets" Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com systemd[1]: ipsec.service: control process exited, code=exited status=3 Nov 05 02:37:31 ibm-x3650m4-01-vm-09.lab.eng.bos.redhat.com systemd[1]: Reload failed for Internet Key Exchange (IKE) Protocol Dae...sec. Hint: Some lines were ellipsized, use -l to show in full. Actual results: reload / reload-or-try-restart does not work for ipsec service: Expected results: it works as in the past with openswan Additional info: