From owner-freebsd-current@FreeBSD.ORG Sun Nov 2 05:49:48 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE06716A4CE; Sun, 2 Nov 2003 05:49:48 -0800 (PST) Received: from shop.digma.com.ua (shop.digma.com.ua [217.12.194.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6721C43FDD; Sun, 2 Nov 2003 05:49:44 -0800 (PST) (envelope-from cub@cub.org.ua) Received: from cub.org.ua (demani.digma [172.22.5.7]) by shop.digma.com.ua (8.12.6p2/8.12.6) with ESMTP id hA2Dneba056188; Sun, 2 Nov 2003 15:49:40 +0200 (EET) (envelope-from cub@cub.org.ua) Received: from cub by cub.org.ua with local (Exim 4.22) id 1AGIbn-0001Ux-7o; Sun, 02 Nov 2003 15:49:35 +0200 To: FreeBSD-gnats-submit@freebsd.org From: Kostyuk Oleg X-send-pr-version: 3.113 X-GNATS-Notify: Message-Id: Sender: Kostyuk Oleg Date: Sun, 02 Nov 2003 15:49:35 +0200 X-spamscan: scanned by cub.org.ua X-spamscan: Total score 0 cc: freebsd-current@freebsd.org Subject: /etc/rc.d/ipsec starts not in time X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Kostyuk Oleg List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Nov 2003 13:49:49 -0000 >Submitter-Id: current-users >Originator: Kostyuk Oleg >Organization: >Confidential: no >Synopsis: /etc/rc.d/ipsec starts not in time >Severity: serious >Priority: medium >Category: conf >Class: sw-bug >Release: FreeBSD 5.1-CURRENT i386 >Environment: System: FreeBSD demani.digma 5.1-CURRENT FreeBSD 5.1-CURRENT #4: Sun Nov 2 13:45:34 EET 2003 root@demani.digma:/var/.0/usr/obj/usr/src/sys/CUB i386 >Description: I use ipsec between my desktop and nfs/ntp server. On boot my mashine stops on "Mounting NFS file systems". If I press Ctrl+C, booting continue ok, but nfs mounts left unmounted and time not in sync. I try to use -b flag to mount_nfs in fstab, but this not help me. Problem is in order of starting /etc/rc.d/ipsec. It must start BEFORE any network interaction, may be even before configuring interfaces. But I not sure in case with diskless mashines. >How-To-Repeat: Create entry in /etc/fstab for nfs mount, create /etc/ipsec.conf to establish secure connection to same server (on both sides, of course :), and reboot. >Fix: (~)% grep -h '\$FreeBSD' /usr/src/etc/rc.d/ipsec /etc/rc.d/ipsec # $FreeBSD: src/etc/rc.d/ipsec,v 1.6 2003/07/30 18:53:59 mtm Exp $ # $FreeBSD: src/etc/rc.d/ipsec,v 1.6 2003/07/30 18:53:59 mtm Exp $ (~)% diff -u /usr/src/etc/rc.d/ipsec /etc/rc.d/ipsec --- /usr/src/etc/rc.d/ipsec Wed Jul 30 21:53:59 2003 +++ /etc/rc.d/ipsec Sun Nov 2 14:43:59 2003 @@ -5,8 +5,8 @@ # # PROVIDE: ipsec # REQUIRE: root beforenetlkm mountcritlocal -# BEFORE: DAEMON +# BEFORE: NETWORK # KEYWORD: FreeBSD NetBSD # it does not really require beforenetlkm.