Bug 148950 - racoon unable to start with stale socket /tmp/.racoon
Summary: racoon unable to start with stale socket /tmp/.racoon
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ipsec-tools (Show other bugs)
(Show other bugs)
Version: 3.0
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-02-17 07:26 UTC by Milan Kerslager
Modified: 2014-03-17 02:52 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-23 10:10:30 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:232 normal SHIPPED_LIVE Moderate: ipsec-tools security update 2005-03-23 05:00:00 UTC

Description Milan Kerslager 2005-02-17 07:26:54 UTC
When restarting IPsec connection racoon give up if stale socket file
/tmp/.racoon exists. This prevent IPsec to work after unexpected racoon die
(racoon crash, server crash, sigkill when machine went down and racoon did not
exit via sigterm etc).

The ifup-ipsec script should check for stale socket and remove it if no racoon
copy is running or racoon should handle this issue by itself.

This arised after http://rhn.redhat.com/errata/RHBA-2004-513.html (bug #129611)

Comment 1 Uwe Beck 2005-03-12 23:35:29 UTC
This is a problem in ipsec-tools-0.2.5-0.6 (RHEL3) and also in
ipsec-tools-0.3.3-5.6 (RHEL4) which use the /tmp/.racoon socket file
(I test for socket and remove it before racoon starts). The better way
should be that racoon handle it by itself.

The ipsec-tools-0.5-1.RHEL4 do not have this problem, but use now the
/var/racoon/racoon.sock socket file. I see it during test of
ipsec-tools-0.5-1.RHEL4 in #145424.


Comment 2 Bill Nottingham 2005-03-14 17:22:59 UTC
It *should* be fixed in 0.3.3-5.6.

Comment 3 Mark J. Cox 2005-03-23 10:10:30 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-232.html



Note You need to log in before you can comment on or make changes to this bug.