Public bug reported:

A lot of `strongswan` files got updated this morning. It breaks
strongswan because it can't find `/etc/ipsec.conf`. Sure enough, it's
missing. The package file indicates that it's there, but it doesn't get
installed.

I went to packages.ubuntu.com and downloaded `strongswan-
starter_5.6.3-1ubuntu4.1_amd64.deb` and manually reinstalled it, and IT
didn't install /etc/ipsec.conf either!

I manually extracted ipsec.conf from the .deb file, copied it to
/etc/ipsec.conf, chmod 600 /etc/ipsec.conf, and made sure it was
root:root, then `sudo systemctl restart ipsec`.

`sudo systemctl status ipsec` now shows correctly.

The /etc/ipsec.conf file looks like this...

    # ipsec.conf - strongSwan IPsec configuration file
    
    # basic configuration
    
    config setup
        # strictcrlpolicy=yes
        # uniqueids = no
    
    # Add connections here.
    
    # Sample VPN connections
    
    #conn sample-self-signed
    #      leftsubnet=10.1.0.0/16
    #      leftcert=selfCert.der
    #      leftsendcert=never
    #      right=192.168.0.2
    #      rightsubnet=10.2.0.0/16
    #      rightcert=peerCert.der
    #      auto=start
    
    #conn sample-with-ca-cert
    #      leftsubnet=10.1.0.0/16
    #      leftcert=myCert.pem
    #      right=192.168.0.2
    #      rightsubnet=10.2.0.0/16
    #      rightid="C=CH, O=Linux strongSwan CN=peer name"
    #      auto=start

ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: strongswan-starter 5.6.3-1ubuntu4.1
ProcVersionSignature: Ubuntu 4.18.0-13.14-generic 4.18.17
Uname: Linux 4.18.0-13-generic x86_64
ApportVersion: 2.20.10-0ubuntu13.1
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Sun Jan 13 11:31:11 2019
InstallationDate: Installed on 2014-05-10 (1709 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: strongswan
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.ipsec.conf: [inaccessible: [Errno 13] Permission denied: 
'/etc/ipsec.conf']
modified.conffile..etc.ipsec.secrets: [inaccessible: [Errno 13] Permission 
denied: '/etc/ipsec.secrets']

** Affects: strongswan (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug cosmic

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1811610

Title:
  latest strongswan update is broken in 18.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1811610/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to