Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 3 product line. The current stable release is 3.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 148950

Summary: racoon unable to start with stale socket /tmp/.racoon
Product: Red Hat Enterprise Linux 3 Reporter: Milan Kerslager <milan.kerslager>
Component: ipsec-toolsAssignee: Bill Nottingham <notting>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: rvokal, ubeck
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-03-23 10:10:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milan Kerslager 2005-02-17 07:26:54 UTC 
When restarting IPsec connection racoon give up if stale socket file
/tmp/.racoon exists. This prevent IPsec to work after unexpected racoon die
(racoon crash, server crash, sigkill when machine went down and racoon did not
exit via sigterm etc).

The ifup-ipsec script should check for stale socket and remove it if no racoon
copy is running or racoon should handle this issue by itself.

This arised after http://rhn.redhat.com/errata/RHBA-2004-513.html (bug #129611)
Comment 1 Uwe Beck 2005-03-12 23:35:29 UTC 
This is a problem in ipsec-tools-0.2.5-0.6 (RHEL3) and also in
ipsec-tools-0.3.3-5.6 (RHEL4) which use the /tmp/.racoon socket file
(I test for socket and remove it before racoon starts). The better way
should be that racoon handle it by itself.

The ipsec-tools-0.5-1.RHEL4 do not have this problem, but use now the
/var/racoon/racoon.sock socket file. I see it during test of
ipsec-tools-0.5-1.RHEL4 in #145424.
Comment 2 Bill Nottingham 2005-03-14 17:22:59 UTC 
It *should* be fixed in 0.3.3-5.6.
Comment 3 Mark J. Cox 2005-03-23 10:10:30 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-232.html