On Thu, 18 May 2017, Martin T wrote:
I installed Libreswan 3.20 under OpenSUSE 42.1 and it has following
options in ipsec.service unit file:
ExecStart=/usr/lib/ipsec/pluto --leak-detective --config
/etc/ipsec.conf --nofork
ExecStop=/usr/lib/ipsec/whack --shutdown
As I understand, this should mean that pluto should be stopped with
"whack --shutdown" command. However, "systemctl stop ipsec.service"
command hangs until watchdog kicks in and if I execute "whack
--shutdown" manually using "strace -f", then following can be seen:
[hangs]
Odd, can you tell me what happens when you run: killall -SIGTERM pluto
That should do the same thing as whack --shutdown but won't use the
socket. Then we know if it is pluto that's failing to die, or something
weird with reading/writing the socket?
Is there any apparmor or selinux policies that you could temporarilly
disable to see if those are causing this?
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
