Red Hat Bugzilla – Bug 636572
ipsec service is started by default
Last modified: 2010-11-09 20:06:48 EST
Description of problem:
The presence of:
# Default-Start: 2 3 4 5
in /etc/rc.d/init.d/ipsec causes it to be started by default. This should be empty, e.g.:
Version-Release number of selected component (if applicable):
Fixed and made a new build openswan-2.6.29-2.fc14.
This conflicts with http://wiki.debian.org/LSBInitScripts
Can Debian/Fedora talk and decide on what the LSB really means?
just to clarify, Debian wanted us to put the numbers us. Fedora wants us not to put the numbers in......
But what decides whether the service is enabled by default or not?
Unnecessary daemons should not run by default. If you look at /etc/rc.d/init.d/raccoon, you will see that it does not run by default. Pluto is a replacement for it.
There should also be a way for NetworkManager to start pluto if its not running and it needs to be running...
I understand openswan should not run per default after install. However, debian asked us to change this, because Default-Start is used by their update-rc.d to know what symlinks to create. However, they do not run update-rc.d on package install - the sysadmin does that.
So, as stated above, Fedora and Debian do not agree on the meaning of Default-Start in the LSB, and openswan seems to be stuck in the middle.
(In reply to comment #6)
> There should also be a way for NetworkManager to start pluto if its not running
> and it needs to be running...
Actually NetworkManager-openswan already does this.
Same issue in openswan-2.6.29-1.fc13
The patch to fix this issue is only in F14/F15 right now. Once it gets some testing there, I can commit the patch in F13 too.
I don't see an update for F14.
Can you please submit an update to testing with bodhi?
openswan-2.6.29-2.fc14 has been submitted as an update for Fedora 14.
openswan-2.6.29-2.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update openswan'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/openswan-2.6.29-2.fc14
Closing this as the issue has been resolved. Please reopen if the issue still persists.
openswan-2.6.29-2.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.