Bug 1608353

Summary: /usr/sbin/ipsec part of the libreswan packages still invokes commands that were deprecated a decade ago
Product: Red Hat Enterprise Linux 8 Reporter: manuel wolfshant <manuel.wolfshant>
Component: libreswanAssignee: Paul Wouters <pwouters>
Status: CLOSED ERRATA QA Contact: Jaroslav Aster <jaster>
Severity: low Docs Contact:
Priority: low    
Version: 8.1CC: jaster, tis
Target Milestone: rcFlags: pm-rhel: mirror+
Target Release: 8.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 20:59:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1682518    
Bug Blocks:    

Description manuel wolfshant 2018-07-25 11:12:46 UTC 
Description of problem:
the command ipsec barf invokes, among other commands, mii-tool, netstat and ifconfig. These commands are no longer installed by default as they were deprecated and replaced by  ethtool, ss and ip

Version-Release number of selected component (if applicable):
libreswan-3.23-5.el7_5.x86_64

How reproducible:
always

Steps to Reproduce:
1. run ipsec barf


Actual results:
+ netstat -nr
+ head -n 100
/usr/libexec/ipsec/barf: line 158: netstat: command not found

+ ifconfig -a
/usr/libexec/ipsec/barf: line 220: ifconfig: command not found

+ mii-tool -v                                                        
/usr/libexec/ipsec/barf: line 237: mii-tool: command not found      


Expected results:
The above mentioned commands should be replaced by their modern equivalents ( ss, ip a l, ethtool )


Additional info:
The issue is mostly cosmetic but patching /usr/libexec/ipsec/barf is really trivial
Comment 2 Paul Wouters 2018-11-12 10:37:10 UTC 
Agreed those should be removed.

Note it is mostly cosmetic, as the modern equivalents (ip route list and ip addr show) are also included in the barf output. The way upstream uses this is that if one or the other is available, useful diagnostics are produced by barf.

I do agree that use of ifconfig and netstat can now be removed from ipsec barf

it does seem no ethtool equivalent for mii-tool has been added, which should be fixed.
Comment 3 Paul Wouters 2018-12-12 04:52:08 UTC 
this has been fixed in upstream 3.28 and will come into rhel8 via rebase
Comment 7 errata-xmlrpc 2019-11-05 20:59:01 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3391