Bug 205438 - security/strongswan: Version 5.3.5_1 -- /usr/local/bin/pki: not found
Summary: security/strongswan: Version 5.3.5_1 -- /usr/local/bin/pki: not found
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Jason Unovitch
Keywords: easy, patch, patch-ready
Depends on:
Reported: 2015-12-19 21:11 UTC by Nick B
Modified: 2016-02-17 02:36 UTC (History)
3 users (show)

See Also:
strongswan: maintainer-feedback+

Set PKI and SWANCTL options to default on (730 bytes, patch)
2016-02-15 12:08 UTC, strongswan
strongswan: maintainer-approval+
Details | Diff
Set PKI, SWANCTL and VICI options to default on (1.28 KB, patch)
2016-02-16 13:01 UTC, strongswan
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Nick B 2015-12-19 21:11:51 UTC

FreeBSD vmf1 10.2-RELEASE-p8 FreeBSD 10.2-RELEASE-p8 #0 r292468: Sat Dec 19 20:12:28 UTC 2015     user@vmf1:/usr/obj/usr/src/sys/GENERIC-IPSEC  amd64

running a GENERIC kernel modified for IPSEC (only added crypto and IPSEC)

Encounter the following when trying to run strongswan's pki command:

# ipsec pki
exec: /usr/local/bin/pki: not found

Therefore breaking certificate creation with strongswan.

Port was added via "pkg install strongswan"
Comment 1 Jason Unovitch freebsd_committer 2015-12-27 14:24:55 UTC
The PKI option is off by default.  You would have to compile from ports and set PKI to be on.  However looking at the Makefile it introduces no external port dependencies.  Is there a good reason to not include it by default to make the package the most useful?
Comment 2 Nick B 2015-12-27 15:52:29 UTC
(In reply to Jason Unovitch from comment #1)
It should probably be on by default or else the package is somewhat useless if you want to build a server.
Comment 3 strongswan 2016-02-15 12:08:15 UTC
Created attachment 167023 [details]
Set PKI and SWANCTL options to default on

Added the PKI and swanctl options as defaults.
Comment 4 Jason Unovitch freebsd_committer 2016-02-15 15:24:42 UTC
Can we enable the VICI option as well?  The SWANCTL option depends on it.
(strongswan-5.3.5_3) /wrkdirs/usr/ports/security/strongswan/work/stage//usr/local/sbin/swanctl - required shared library libvici.so.0 not found

We should add the _IMPLIES to reflect that dependency on VICI.
Comment 5 strongswan 2016-02-16 13:01:42 UTC
Created attachment 167079 [details]
Set PKI, SWANCTL and VICI options to default on

Set PKI, SWANCTL and VICI options to default on
Comment 6 strongswan 2016-02-16 13:03:00 UTC
(In reply to Jason Unovitch from comment #4)
See no problem why not.  I updated the patch to include VICI as well.
Comment 7 commit-hook freebsd_committer 2016-02-17 02:34:51 UTC
A commit references this bug:

Author: junovitch
Date: Wed Feb 17 02:34:06 UTC 2016
New revision: 409026
URL: https://svnweb.freebsd.org/changeset/ports/409026

  security/strongswan: enable options to increase usefulness of default pkg

  - Enable PKI, SWANCTL, and VICI options (no external dependencies)
  - Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC

  PR:		205438
  Reported by:	Nick B <nicblais@clkroot.net>
  Submitted by:	strongswan@Nanoteq.com (maintainer)

Comment 8 Jason Unovitch freebsd_committer 2016-02-17 02:36:36 UTC
(In reply to strongswan from comment #6)
Excellent.  Thank you for the patch.

(In reply to Nick B from comment #0)
Nick, thank you for the report!