Bug 148950 - racoon unable to start with stale socket /tmp/.racoon
racoon unable to start with stale socket /tmp/.racoon
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ipsec-tools (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-02-17 02:26 EST by Milan Kerslager
Modified: 2014-03-16 22:52 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-23 05:10:30 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Milan Kerslager 2005-02-17 02:26:54 EST
When restarting IPsec connection racoon give up if stale socket file
/tmp/.racoon exists. This prevent IPsec to work after unexpected racoon die
(racoon crash, server crash, sigkill when machine went down and racoon did not
exit via sigterm etc).

The ifup-ipsec script should check for stale socket and remove it if no racoon
copy is running or racoon should handle this issue by itself.

This arised after http://rhn.redhat.com/errata/RHBA-2004-513.html (bug #129611)
Comment 1 Uwe Beck 2005-03-12 18:35:29 EST
This is a problem in ipsec-tools-0.2.5-0.6 (RHEL3) and also in
ipsec-tools-0.3.3-5.6 (RHEL4) which use the /tmp/.racoon socket file
(I test for socket and remove it before racoon starts). The better way
should be that racoon handle it by itself.

The ipsec-tools-0.5-1.RHEL4 do not have this problem, but use now the
/var/racoon/racoon.sock socket file. I see it during test of
ipsec-tools-0.5-1.RHEL4 in #145424.
Comment 2 Bill Nottingham 2005-03-14 12:22:59 EST
It *should* be fixed in 0.3.3-5.6.
Comment 3 Mark J. Cox (Product Security) 2005-03-23 05:10:30 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-232.html

Note You need to log in before you can comment on or make changes to this bug.