vpnaas problem --- strongswan on rocky 9
Bug #2049624 reported by
Ian Kumlien
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
New
|
Medium
|
Unassigned |
Bug Description
It seems like this is written exclusively for some dist..
On rocky, it's named strongswan just like in the man page, and it uses /etc/strongswan
So setting:
[strongswan]
default_config_area = /etc/strongswan
should be enough according to the configuration, but there are some issues:
1. Configuration is copied with cp -a and thus still owned by root
2. It seems it doesn't even attempt to put the configuration in the right path -- i patched this manually nd got error that a normal run doesn't get (ie permission denied for the temporary file)
Why not ask the binary?
strongswan --confdir
/etc/strongswan
Or set the paths using the environment variables documented?
tags: | added: vpnaas |
To post a comment you must log in.
Replacing /usr/sbin/ipsec with: CONF="/ etc/strongswan. conf"
#!/bin/bash
export STRONGSWAN_
ARGS=()
while [[ $# -gt 0 ]]; do
start| restart)
ARGS+ =("$1")
ARGS+ =("--conf /etc/ipsec.conf")
shift
;;
ARGS+ =($1)
shift
;; strongswan ${ARGS[@]}
case $1 in
*)
esac
done
/usr/sbin/
---
Seems to make things work...