205438 – security/strongswan: Version 5.3.5_1 -- /usr/local/bin/pki: not found

Bug 205438 - security/strongswan: Version 5.3.5_1 -- /usr/local/bin/pki: not found

Summary: security/strongswan: Version 5.3.5_1 -- /usr/local/bin/pki: not found

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Jason Unovitch

URL:
Keywords:	easy, patch, patch-ready

Depends on:
Blocks:

Reported:	2015-12-19 21:11 UTC by Nick B
Modified:	2016-02-17 02:36 UTC (History)
CC List:	3 users (show)

See Also:

Flags:	strongswan: maintainer-feedback+

Attachments
Set PKI and SWANCTL options to default on (730 bytes, patch) 2016-02-15 12:08 UTC, Francois ten Krooden	strongswan: maintainer-approval+	Details \| Diff
Set PKI, SWANCTL and VICI options to default on (1.28 KB, patch) 2016-02-16 13:01 UTC, Francois ten Krooden	no flags	Details \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nick B 2015-12-19 21:11:51 UTC

On:

FreeBSD vmf1 10.2-RELEASE-p8 FreeBSD 10.2-RELEASE-p8 #0 r292468: Sat Dec 19 20:12:28 UTC 2015     user@vmf1:/usr/obj/usr/src/sys/GENERIC-IPSEC  amd64

running a GENERIC kernel modified for IPSEC (only added crypto and IPSEC)


Encounter the following when trying to run strongswan's pki command:

# ipsec pki
exec: /usr/local/bin/pki: not found

Therefore breaking certificate creation with strongswan.

Port was added via "pkg install strongswan"

Comment 1 Jason Unovitch freebsd_committer

2015-12-27 14:24:55 UTC

The PKI option is off by default.  You would have to compile from ports and set PKI to be on.  However looking at the Makefile it introduces no external port dependencies.  Is there a good reason to not include it by default to make the package the most useful?

Comment 2 Nick B 2015-12-27 15:52:29 UTC

(In reply to Jason Unovitch from comment #1)
It should probably be on by default or else the package is somewhat useless if you want to build a server.

Comment 3 Francois ten Krooden 2016-02-15 12:08:15 UTC

Created attachment 167023 [details]
Set PKI and SWANCTL options to default on

Added the PKI and swanctl options as defaults.

Comment 4 Jason Unovitch freebsd_committer

2016-02-15 15:24:42 UTC

Can we enable the VICI option as well?  The SWANCTL option depends on it.
(strongswan-5.3.5_3) /wrkdirs/usr/ports/security/strongswan/work/stage//usr/local/sbin/swanctl - required shared library libvici.so.0 not found

We should add the _IMPLIES to reflect that dependency on VICI.

Comment 5 Francois ten Krooden 2016-02-16 13:01:42 UTC

Created attachment 167079 [details]
Set PKI, SWANCTL and VICI options to default on

Set PKI, SWANCTL and VICI options to default on
Added SWANCTL_IMPLIES= VICI as well

Comment 6 Francois ten Krooden 2016-02-16 13:03:00 UTC

(In reply to Jason Unovitch from comment #4)
See no problem why not.  I updated the patch to include VICI as well.

Comment 7 commit-hook freebsd_committer

2016-02-17 02:34:51 UTC

A commit references this bug:

Author: junovitch
Date: Wed Feb 17 02:34:06 UTC 2016
New revision: 409026
URL: https://svnweb.freebsd.org/changeset/ports/409026

Log:
  security/strongswan: enable options to increase usefulness of default pkg

  - Enable PKI, SWANCTL, and VICI options (no external dependencies)
  - Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC
  - Bump PORTREVISION

  PR:		205438
  Reported by:	Nick B <nicblais@clkroot.net>
  Submitted by:	strongswan@Nanoteq.com (maintainer)

Changes:
  head/security/strongswan/Makefile

Comment 8 Jason Unovitch freebsd_committer

2016-02-17 02:36:36 UTC

(In reply to strongswan from comment #6)
Excellent.  Thank you for the patch.

(In reply to Nick B from comment #0)
Nick, thank you for the report!