Comment 27 for bug 1938571

Ian Kumlien (pomac) wrote :

So renaming the libreswan ipsec to something else, creating a symlink from ipsec to strongswan and applying this patch means that I now have strongswan up and running on one of the nodes.

Will go through all of them and see if I can get this part working at least.

diff --git a/etc/neutron/rootwrap.d/vpnaas.filters b/etc/neutron/rootwrap.d/vpnaas.filters
index 846ac2d1c..dc21cc6b1 100644
--- a/etc/neutron/rootwrap.d/vpnaas.filters
+++ b/etc/neutron/rootwrap.d/vpnaas.filters
@@ -8,11 +8,11 @@

 [Filters]

-cp: RegExpFilter, cp, root, cp, -a, .*, .*/strongswan.d
+cp: RegExpFilter, cp, root, cp, -a, .*, .*/strongswan
 ip: IpFilter, ip, root
 ip_exec: IpNetnsExecFilter, ip, root
 ipsec: CommandFilter, ipsec, root
-rm: RegExpFilter, rm, root, rm, -rf, (.*/strongswan.d|.*/ipsec/[0-9a-z-]+)
+rm: RegExpFilter, rm, root, rm, -rf, (.*/strongswan|.*/ipsec/[0-9a-z-]+)
 rm_file: RegExpFilter, rm, root, rm, -f, .*/ipsec.secrets
 strongswan: CommandFilter, strongswan, root
 neutron_netns_wrapper: CommandFilter, neutron-vpn-netns-wrapper, root
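
Review bot: the new `rm` pattern `(.*/strongswan|.*/ipsec/[0-9a-z-]+)` lets rootwrap run `rm -rf` as root on any path ending in `/strongswan`, which now includes the host-wide `/etc/strongswan` that the driver change in this same patch uses as its default config area. Consider replacing the leading `.*` with the directory the per-process configuration is actually written under; the same applies to the destination of the `cp -a` filter. The old `strongswan.d` form had the same open prefix (plus an unescaped `.`), so this is worth tightening while the lines are being touched.
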
diff --git a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
index 708952a1f..30cdabed5 100644
--- a/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
+++ b/neutron_vpnaas/services/vpn/device_drivers/strongswan_ipsec.py
@@ -51,7 +51,7 @@ strongswan_opts = [
         'default_config_area',
         default=os.path.join(
             TEMPLATE_PATH,
- '/etc/strongswan.d'),
+ '/etc/strongswan'),
         help=_('The area where default StrongSwan configuration '
                'files are located.'))
 ]
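
Review bot: changing the default of `default_config_area` to `/etc/strongswan` alters behaviour for every deployment, while the layout it fixes appears to depend on how strongSwan is packaged locally; since this is already a config option, the override could live in the agent configuration, or the help text should say which layout the default assumes. Separately, in the unchanged context the second argument to `os.path.join(TEMPLATE_PATH, ...)` is an absolute path, so `TEMPLATE_PATH` is discarded and the join is misleading; a plain string default would be clearer.
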
@@ -150,7 +150,7 @@ class StrongSwanProcess(ipsec.BaseSwanProcess):
             self.vpnservice,
             0o600)
         self.copy_and_overwrite(cfg.CONF.strongswan.default_config_area,
- self._get_config_filename('strongswan.d'))
+ self._get_config_filename('strongswan'))

     def get_status(self):
         return self._execute([self.binary, 'status'],
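
Review bot: with the default source now `/etc/strongswan`, the `copy_and_overwrite` call copies the whole host directory into the per-process config area rather than only the `strongswan.d` fragments; if that directory holds secrets or private keys on the host, they get duplicated into each VPN service's directory, so it is worth confirming what is copied and with which permissions. The name passed to `_get_config_filename('strongswan')` also has to stay in step with the `cp` and `rm` patterns in `vpnaas.filters`; a comment here pointing at the filter file would keep the two from drifting.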