Package: strongswan Version: 5.9.8-5+deb12u1 Severity: normal X-Debbugs-Cc: and...@napalm.hu
Dear Maintainer, Packages related to strongswan are very hard to understand, and to use them properly. Currently it is possible to have the strongswan, strongswan-starter and strongswan-charon triplet installed alongside with charon-systemd and strongswan-swanctl. While in rare cases it might make sense, i think most of the users only needs one set of them. Either they want to use the legacy ipsec.conf or the newer swanctl.conf. Also there may be differences whether they use systemd or not. And maybe more factors, i really do not know. When I install everything, two copies of charon daemon are trying to run at the same time, and it leads to a lot of problems. The error messages in 5.9.8 are not helpful in any way. It took me 2 days to figure out that there are two deamons. Even the upstream developer has a separate section regarding debian packages: https://docs.strongswan.org/docs/5.9/install/install.html " When installing the strongswan metapackage, the legacy daemon and configuration backend are installed. To use swanctl/vici instead, install the charon-systemd and strongswan-swanctl packages and remove both the strongswan-starter and strongswan-charon packages. Make sure you only have either the charon-systemd or the strongswan-starter package installed (or at least disable one of the systemd units they install, which are strongswan.service and strongswan- starter.service, respectively). " There was a time when they were conflicting packages, but not any more: strongswan-libcharon Breaks: strongswan-starter (<= 5.6.1-2) Replaces: strongswan-starter (<= 5.6.1-2) strongswan-swanctl Breaks: strongswan-starter (<< 5.8.0-1) Replaces: strongswan-starter (<< 5.8.0-1) I doubt this is the intended behaviour. Also the names of the packages makes no sense to me. see also: https://github.com/strongswan/strongswan/discussions/2502 https://github.com/strongswan/strongswan/discussions/2282 -- System Information: Debian Release: 12.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-23-amd64 (SMP w/2 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages strongswan depends on: pn strongswan-charon <none> pn strongswan-starter <none> strongswan recommends no packages. strongswan suggests no packages.
