setkey is not run automatically on system start
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ipsec-tools (Ubuntu) |
Triaged
|
Critical
|
Unassigned |
Bug Description
The „setkey” service should run at system startup to add keys defined in /etc/ipsec-
However, no keys are defined after system boot:
root@ReThinkCen
No SAD entries.
After inquiring systemd, I learn this:
root@ReThinkCen
● setkey.service - LSB: option to manually manipulate the IPsec SA/SP database
Loaded: loaded (/etc/init.
Active: inactive (dead)
Docs: man:systemd-
ápr 25 21:15:28 ReThinkCentre systemd[1]: setkey.service: Job setkey.
Upon manually calling „systemctl start setkey” after the system booted up, the keys are added properly – but it is not feasible to do after each reboot.
Moreover, I can't help to notice that /etc/init.d/setkey is a legacy SysV init script. No proper systemd service file seems to exist for setkey. I think it would be a great time to add one.
tags: | added: wily xenial |
no longer affects: | systemd (Ubuntu) |
Changed in ipsec-tools (Ubuntu): | |
importance: | Undecided → Medium |
Status changed to 'Confirmed' because the bug affects multiple users.