Project

General

Profile

Bug #745

5.2.1 updown script not running

Added by K H Jeng about 6 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
libcharon
Target version:
Start date:
22.10.2014
Due date:
Estimated time:
Affected version:
5.2.1
Resolution:
Fixed

Description

Hi
When 5.2.0 work fine but 5.2.1 did not work updown script
the log is [charon: 14[CHD] updown: /bin/sh: strongswan: command not found]
what is wrong?

Associated revisions

Revision 4736ba06 (diff)
Added by Martin Willi about 6 years ago

updown: Explicitly pass caller PATH to updown script

When invoking /bin/sh, its default PATH is used. On some systems, that does
not include the PATH where the ipsec script is installed, as charon is invoked
with a custom PATH. Explicitly setting the PATH of charon should fix this
case, properly invoking the (default) updown script.

Fixes #745.

History

#1 Updated by K H Jeng about 6 years ago

K H Jeng wrote:

Hi
When 5.2.0 work fine but 5.2.1 did not work updown script
the log is [charon: 14[CHD] updown: /bin/sh: strongswan: command not found]
what is wrong?

When i Test copy 5.2.0[/src/libcharon/plugins/updown/updown_listener.c] to 5.2.1[/src/libcharon/plugins/updown/updown_listener.c]
and recompile [5.2.1] then work fine.
so I think the file 5.2.1 version[/src/libcharon/plugins/updown/updown_listener.c] is bone bug
Check it .
Thanks

#2 Updated by Martin Willi about 6 years ago

  • Status changed from New to Assigned
  • Assignee set to Martin Willi

Hi,

There have been some larger changes to the updown invocation code. To analyze the bug, please let us know:

  • What your leftupdown/leftfirewall configuration is
  • On what OS you are running strongSwan

Regards
Martin

#3 Updated by K H Jeng about 6 years ago

Martin Willi wrote:

Hi,

There have been some larger changes to the updown invocation code. To analyze the bug, please let us know:

  • What your leftupdown/leftfirewall configuration is
  • On what OS you are running strongSwan

Regards
Martin

Hi
#cat ipsec.conf
config setup
cachecrls=yes
uniqueids=yes

conn VPN-IKE
inactivity = 600s
keyexchange=ikev1
authby=xauthpsk
xauth=server
left=%defaultroute
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightsubnet=10.7.0.0/24
rightsourceip=%radius
auto=add

did not leftupdown define, only leftfirewall=yes
the log is display when user connect

My OS is CentOS 32bit
#strongswan --version
Linux strongSwan U5.2.1/K2.6.32-220.el6.i686
Thanks

#4 Updated by Martin Willi about 6 years ago

Thanks for the feedback. Most likely your /bin/sh default PATH does not include the strongswan/ipsec script, hence the invocation fails.

I don't have a CentOS installation, but please try the referenced patch. It passes charons PATH to the updown script; as long as you have a proper PATH set for charon, it should be available to the invoked shell as well.

Regards
Martin

#5 Updated by K H Jeng about 6 years ago

Martin Willi wrote:

Thanks for the feedback. Most likely your /bin/sh default PATH does not include the strongswan/ipsec script, hence the invocation fails.

I don't have a CentOS installation, but please try the referenced patch. It passes charons PATH to the updown script; as long as you have a proper PATH set for charon, it should be available to the invoked shell as well.

Regards
Martin

Thanks
work Fine with your patch

#6 Updated by Martin Willi about 6 years ago

  • Tracker changed from Issue to Bug
  • Category set to libcharon
  • Status changed from Assigned to Closed
  • Target version set to 5.2.2
  • Resolution set to Fixed

work Fine with your patch

Great. Thanks for testing, merged to master.

Regards
Martin

#7 Updated by Tobias Brunner almost 6 years ago

  • Subject changed from 5.2.1 updown script not runnind to 5.2.1 updown script not running

Also available in: Atom PDF