Description of problem: When trying to use strongswan's built in commands to manage a certificate authority, a file not found error is thrown. [root ~]# strongswan pki --gen --outform pem > /etc/pki/tls/private/caKey.pem /usr/sbin/strongswan: line 319: /usr/bin/pki: No such file or directory /usr/sbin/strongswan: line 319: exec: /usr/bin/pki: cannot execute: No such file or directory [root ~]# Version-Release number of selected component (if applicable): strongswan.x86_64 5.1.1-4.el6 @epel strongswan-tnc-imcvs.x86_64 5.1.1-4.el6 @epel How reproducible: Always Steps to Reproduce: 1. Install strongswan package from EPEL repository 2. Run: strongswan pki --gen --outform pem Actual results: File not found Error Message Expected results: PEM format certificate output Additional info: I downloaded the source RPM and unpackaged it. The spec file shows the /usr/sbin/pki file is being renamed to strongswan-pki on lines 159-160. 159 #rename /usr/bin/pki to avoid conflict with pki-core/pki-tools 160 mv %{buildroot}%{_bindir}/pki %{buildroot}%{_bindir}/%{name}-pki It seems a patch is needed for the strongswan source to tell it the pki tools new name.
This bug is filed for EPEL7. However, you seem to be using EPEL6 packages. I'd assume the EPEL7 was a mistake.
Created attachment 867683 [details] Changes name of pki tool to strongswan-pki Attached patch should fix the file not found issue for the renaming of the strongSwan pki tool from pki to strongswan-pki.
I believe the fix from Avesh (in dist-git master) will work.
strongswan-5.1.2-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/strongswan-5.1.2-2.el6
Package strongswan-5.1.2-2.el6: * should fix your issue, * was pushed to the Fedora EPEL 6 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing strongswan-5.1.2-2.el6' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0881/strongswan-5.1.2-2.el6 then log in and leave karma (feedback).
Package strongswan-5.1.2-3.el6: * should fix your issue, * was pushed to the Fedora EPEL 6 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing strongswan-5.1.2-3.el6' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0881/strongswan-5.1.2-3.el6 then log in and leave karma (feedback).
Still broken in -3. /usr/sbin/strongswan: IPSEC_BINDIR="/usr/bin" ... exec $IPSEC_BINDIR/pki "$@"
Updated the patch, posted upstream: http://wiki.strongswan.org/issues/552
5.1.2-4.el6 fixes this for me. Thanks for the quick update :)
(In reply to Andreas Bierfert from comment #9) > 5.1.2-4.el6 fixes this for me. Thanks for the quick update :) I owe you big thanks for taking over the whole testing! Cheers, Pavel
strongswan-5.1.2-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.