diff options
-rw-r--r-- | debian/changelog | 9 | ||||
-rwxr-xr-x | debian/rules | 1 | ||||
-rw-r--r-- | debian/strongswan.init | 130 |
3 files changed, 136 insertions, 4 deletions
diff --git a/debian/changelog b/debian/changelog index 1ccf71150..90e191222 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,8 @@ -strongswan (4.1.8-2) unstable; urgency=low +strongswan (4.1.8-2) unstable; urgency=medium + * Ship our own init script, since upstream no longer doesn't. + Really closes: #442880: strongswan: postinst failure (missing + /etc/init.d/ipsec) * Actually, need to be smarter with ipsec.conf and ipsec.secrets. Not marking them as conffiles isn't the right thing either. Instead, now use the includes feature to pull in config snippets that are @@ -10,12 +13,10 @@ strongswan (4.1.8-2) unstable; urgency=low under /var/lib/strongswan. * Cleanup debian/rules: no longer need to remove leftover files from patching, as currently there are no Debian-specific patches (fortunately). - Really closes: #442880: strongswan: postinst failure (missing - /etc/init.d/ipsec) * More cleanup: drop debconf translations hack for woody compatibility, depend on build-stamp instead of build in the install-strongswan target, and remove the now unnecessary dh_clean -k call in install-strongswan so - that configure isn't run twice during building the package. + that configure shouldn't run twice during building the package. * Update French debconf translation. Closes: #448327: strongswan: [INTL:fr] French debconf templates translation update diff --git a/debian/rules b/debian/rules index 0b77fac3d..e49876403 100755 --- a/debian/rules +++ b/debian/rules @@ -117,6 +117,7 @@ install-strongswan: build-stamp binary-common: dh_testdir dh_testroot + dh_installinit dh_installdebconf dh_installchangelogs ChangeLog dh_link diff --git a/debian/strongswan.init b/debian/strongswan.init new file mode 100644 index 000000000..c264e973f --- /dev/null +++ b/debian/strongswan.init @@ -0,0 +1,130 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: vpn +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Strongswan IPsec services +### END INIT INFO + +# Author: Rene Mayrhofer <rene@mayrhofer.eu.org> + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="strongswan IPsec services" +NAME=ipsec +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + $DAEMON_ARGS \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +do_reload() { + $DAEMON reload + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + $DAEMON status + ;; + reload|force-reload) + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac + +: |