Date:      Mon, 12 Dec 2005 14:54:51 -0800
From:      Doug Barton <dougb@FreeBSD.org>
To:        foobar <0xfcfb@gmx.net>
Cc:        freebsd-isp@freebsd.org, vanhu@netasq.com
Subject:   Re: only reload racoon.conf?
Message-ID:  <439DFFBB.7030002@FreeBSD.org>
In-Reply-To: <20051212135558.6FD6543D68@mx1.FreeBSD.org>
References:  <20051212135558.6FD6543D68@mx1.FreeBSD.org>

This is a multi-part message in MIME format.
--------------000804080708060002030207
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

foobar wrote:
> Hi list,
> 
> Is there any possibility to RELOAD the racoon (ipsec-tools) configuration in
> FreeBSD 5/6?
> 
> In Linux I can do "/etc/init.d/racoon reload" but FreeBSD seems only to
> support a service restart.

Adding this capability is easy in rc.d; I've added a suggested patch, and 
cc'ed the maintainer.

Two things to note. First, I looked at the man page for racoon and it's not 
at all obvious to me how to get it to reload its conf file without 
restarting. IF it will do this by sending a 'kill -HUP <pid>' to the pid of 
the racoon process, then all you have to do is add the extra_commands line 
to the file, and rc.subr will handle the rest. If there is some command 
invocation involved, I've included an example of how to make that work.

The other thing to note is that rc.d scripts should never enable themselves 
by default. If someone can provide the information on how to get racoon to 
reread its conf file, and the maintainer approves, I'll be glad to commit 
this update.

Doug

-- 

     This .signature sanitized for your protection


--------------000804080708060002030207
Content-Type: text/plain;
 name="racoon.sh.in.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="racoon.sh.in.diff"

--- /usr/ports/security/ipsec-tools/files/racoon.sh.in	Fri Dec  2 03:28:06 2005
+++ racoon.sh.in	Mon Dec 12 14:52:49 2005
@@ -1,12 +1,11 @@
 #!/bin/sh
 
-# Start or stop racoon
 # $FreeBSD: ports/security/ipsec-tools/files/racoon.sh.in,v 1.1 2005/12/02 11:28:06 lawrance Exp $
 
 # PROVIDE: racoon
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
-# KEYWORD: FreeBSD shutdown
+# KEYWORD: shutdown
 #
 # NOTE for FreeBSD 5.0+:
 # If you want this script to start with the base rc scripts
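Review bot: the `KEYWORD` line drops `FreeBSD` and the `# Start or stop racoon` description is deleted, but neither change is mentioned in the message or needed to add `reload`. Suggest splitting these into a separate change or stating the reason in the commit message, and updating the description to cover reload rather than removing it.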
@@ -21,7 +20,7 @@
 #
 # DO NOT CHANGE THESE DEFAULT VALUES HERE
 #
-[ -z "$racoon_enable" ] && racoon_enable="YES"	# Enable racoon
+#racoon_enable="NO"				# Enable racoon
 #racoon_program="${prefix}/sbin/racoon"		# Location of racoon
 #racoon_flags=""				# Flags to racoon program
 
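Review bot: with the `racoon_enable` line reduced to a comment, the visible lines no longer assign any default, and installs that relied on the implicit `YES` will stop starting racoon at boot after this update, leaving IKE negotiation for their IPsec tunnels down until someone notices. Suggest setting the default explicitly, for example `racoon_enable=${racoon_enable:-"NO"}`, and adding an upgrade note telling users to put `racoon_enable="YES"` in rc.conf.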
@@ -33,6 +32,14 @@
 pidfile="/var/run/racoon.pid"
 required_files="${prefix}/etc/racoon/racoon.conf"
 stop_postcmd="racoon_poststop"
+extra_commands=reload
+
+# This is only necessary if 'kill -HUP <pid of racoon process>'
+# is not sufficient to reload the conf file
+reload_cmd="${name}_reload"
+racoon_reload () {
+	# Do something cool here that reloads racoon
+}
 
 racoon_poststop() {
 	/bin/rm -f ${pidfile}
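Review bot: `racoon_reload ()` has a body containing only a comment, which is a syntax error in sh, so the script would fail to parse and break start and stop as well as reload. `reload_cmd` is also set unconditionally, which overrides the rc.subr default that the comment above it says may be sufficient. Suggest leaving `reload_cmd` and the function out, keeping only `extra_commands=reload`, until the actual reload mechanism is confirmed, or at least giving the function a `:` placeholder body.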

--------------000804080708060002030207--


