Hide Forgot
The same issue on rhel-7. libreswan-3.15-5.el7_1.x86_64 +++ This bug was initially created as a clone of Bug #1313816 +++ Description of problem: Pluto crashes with --ctlbase option. It appears only on x86_64. Version-Release number of selected component (if applicable): How reproducible: mostly, but not 100% Steps to Reproduce: # yum install -y libreswan # rm -rf /etc/ipsec.d/*.db /etc/ipsec.d/pkcs11.txt # mkdir /tmp/pluto # ipsec initnss Initializing NSS database See 'man pluto' if you want to protect the NSS database with a password # ipsec pluto --ctlbase /tmp/pluto # dmesg | grep pluto | grep segfault pluto[11944]: segfault at 0 ip 00007f79c6069d36 sp 00007fff2379fdf0 error 4 in pluto[7f79c6002000+10a000] Actual results: Pluto crashes. Expected results: Pluto does not crash. Additional info:
This is fixed in 3.23. pluto no longer crashes and shuts down cleanly because there is no valid nss db in /tmp/pluto. The logs show: Pluto initialized Feb 8 10:41:42.466182: FIPS Product: NO Feb 8 10:41:42.466342: FIPS Kernel: NO Feb 8 10:41:42.466445: FIPS Mode: NO Feb 8 10:41:42.466551: NSS DB directory: sql:/etc/ipsec.d Feb 8 10:41:42.466782: Initializing NSS Feb 8 10:41:42.466871: Opening NSS database "sql:/etc/ipsec.d" read-only Feb 8 10:41:42.500884: Initialization of NSS with read-only database "sql:/etc/ipsec.d" failed (-8174) Feb 8 10:41:42.501006: FATAL: NSS initialization failure