Package: libstrongswan Severity: wishlist Tags: patch Hi,
Would you please consider creating a directory where configuration snippets can be dropped to extend strongswan.conf? The idea being a) easier configuration management by splitting the config, b) allowing something (a package or a configuration management system) to drop a file to modify the configuration without touching the main strongswan.conf LTDR: Please consider git-am'ing the attached mbox. Thanks! Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
From a281d077254db5fd86001896300d3fa356f0f6ca Mon Sep 17 00:00:00 2001 From: Raphael Geissert <geiss...@debian.org> Date: Tue, 14 Jan 2014 14:51:01 +0100 Subject: [PATCH] Support configuration via /etc/strongswan.conf.d/ Upstream's position on this is that packages should ship this configuration, instead of modifying it upstream. See: https://wiki.strongswan.org/issues/475 --- debian/changelog | 5 +++++ debian/libstrongswan.dirs | 1 + debian/patches/02_include-strongswan.conf.d.patch | 10 ++++++++++ debian/patches/series | 1 + 4 files changed, 17 insertions(+) create mode 100644 debian/patches/02_include-strongswan.conf.d.patch diff --git a/debian/changelog b/debian/changelog index 50412cf..11f417e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,6 @@ strongswan (5.0.2-1) UNRELEASED; urgency=low + [ Yves-Alexis Perez ] * New upstream release. * debian/patches: - 01_fix-manpages refreshed. @@ -30,6 +31,10 @@ strongswan (5.0.2-1) UNRELEASED; urgency=low * debian/strongswan-starter.* remove references to pluto. * debian/po: update potfiles for new phrasing. + [ Raphael Geissert ] + * Allow the configuration of strongswan.conf to be stored in snippets + in /etc/strongswan.conf.d/ + -- Yves-Alexis Perez <cor...@debian.org> Thu, 07 Feb 2013 13:27:53 +0100 strongswan (4.6.4-6) unstable; urgency=low diff --git a/debian/libstrongswan.dirs b/debian/libstrongswan.dirs index 3550fea..ed957af 100644 --- a/debian/libstrongswan.dirs +++ b/debian/libstrongswan.dirs @@ -2,5 +2,6 @@ /etc/logcheck/ignore.d.server /etc/logcheck/ignore.d.workstation /etc/logcheck/violations.ignore.d +/etc/strongswan.conf.d /usr/share/lintian/overrides /usr/lib/ipsec/plugins diff --git a/debian/patches/02_include-strongswan.conf.d.patch b/debian/patches/02_include-strongswan.conf.d.patch new file mode 100644 index 0000000..45d95fb --- /dev/null +++ b/debian/patches/02_include-strongswan.conf.d.patch @@ -0,0 +1,10 @@ +Index: strongswan/src/strongswan.conf +=================================================================== +--- strongswan.orig/src/strongswan.conf 2014-01-14 13:45:31.898298701 +0100 ++++ strongswan/src/strongswan.conf 2014-01-14 14:43:30.936346911 +0100 +@@ -32,3 +32,5 @@ + # set to no, the DH exponent size is optimized + # dh_exponent_ansi_x9_42 = no + } ++ ++include /etc/strongswan.conf.d/*.conf diff --git a/debian/patches/series b/debian/patches/series index 2cf256b..a004656 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 01_fix-manpages.patch +02_include-strongswan.conf.d.patch -- 1.7.10.4
