Bug 151375 - net-firewall/ipsec-tools-0.6.5 racoon init script restart sometimes fails
Bug#: 151375 Product:  Gentoo Linux Version: 2006.1 Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: latexer@gentoo.org Reported By: dadok@kvados.cz
Component: Applications
Summary: net-firewall/ipsec-tools-0.6.5 racoon init script restart sometimes fails
Opened: 2006-10-14 11:51 0000
Description:
etc # /etc/init.d/racoon restart
 * Stopping racoon ...
 * Flushing policy entries ...
 * Loading ipsec policies from /etc/ipsec.conf.
 * Starting racoon ...
etc # /etc/init.d/racoon restart
 * Stopping racoon ...
/etc/init.d/racoon: line 50: kill: (9434) - No such process
 * Flushing policy entries ...
 * Loading ipsec policies from /etc/ipsec.conf.
 * Starting racoon ...

In the first restart, the kill command is used for a clean shutdown of the
racoon process, but without waiting for its end. Then, in the start section, a
new racoon process is started and it complains about ports already used.

2006-10-14 20:40:33: ERROR: failed to bind to address x.x.x.x[500] (Address
already in use).
2006-10-14 20:40:33: ERROR: no address could be bound.
2006-10-14 20:40:34: INFO: racoon shutdown

Probably using start-stop-daemon may solve this.
PS. There is another bug #136970 with using kill in the racoon init script.

------- Comment #1 From Jakub Moc (RETIRED) 2006-10-14 11:57:24 0000 -------
So, does the init script in Bug 136970 work for you? If it does, just mark this
one as duplicate.

------- Comment #2 From Milan Dadok 2006-10-14 12:25:46 0000 -------
No, it's using killall instead of kill (for stopping racoon in a chrooted
environment), so a new racoon process can be started before the previous one
stops too.

------- Comment #3 From Caleb Cushing 2007-02-01 05:10:55 0000 -------
I have this problem with 0.6.3 of the tools. At least I think it's this
problem, same symptoms, but I haven't checked the init script.

------- Comment #4 From Hopeless 2007-04-15 17:06:06 0000 -------
I have the exact same problem on two very different Gentoo systems,
including the same racoon error output.

"/etc/init.d/racoon stop; /etc/init.d/racoon start" has the same problem, but 
"/etc/init.d/racoon stop; sleep 1; /etc/init.d/racoon start" works fine.

------- Comment #5 From Hopeless 2007-04-18 15:38:12 0000 -------
Created an attachment (id=116639)
init script patch

As the OP suggested, changing the init script to use start-stop-daemon fixes
the issue.

Also, the same problem exists when using ipsec-tools 0.6.7 (released on
2007-04-06) with the ebuild in portage, but works fine with the patch above.

------- Comment #6 From Daniel Black 2007-04-21 11:38:27 0000 -------
This has been included in the latest version. Thanks, Hopeless.
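
The race reported here (the stop step signals racoon and returns before the process has exited, so the new instance cannot bind port 500) goes away when stop waits for the old PID to disappear. The sketch below is an added example, not the init script or the attachment from this bug; the function name stop_and_wait, its pid-file argument and the timeout values are assumptions.

```shell
# Added example: not the Gentoo init script or the patch attached to this bug.
# stop_and_wait PIDFILE [TIMEOUT]  (name and arguments are assumptions)
# Sends SIGTERM to the PID in PIDFILE and returns only after that process has
# exited, so its sockets (UDP port 500 for racoon) are free for the next start.
# Assumes the caller may signal the daemon (an init script running as root).
stop_and_wait() {
    pidfile=$1
    timeout=${2:-10}

    # No pid file: nothing to stop.
    [ -r "$pidfile" ] || return 0
    pid=$(cat "$pidfile")

    # Accept only a positive integer; "kill 0" would signal our own group.
    case $pid in
        ''|0|*[!0-9]*) echo "invalid pid in $pidfile" >&2; return 1 ;;
    esac

    # Stale pid file (the "No such process" case in the report): clean up.
    if ! kill -0 "$pid" 2>/dev/null; then
        rm -f "$pidfile"
        return 0
    fi

    kill -TERM "$pid" 2>/dev/null || true

    # Poll once per second until the process is really gone.
    waited=0
    while kill -0 "$pid" 2>/dev/null; do
        if [ "$waited" -eq "$timeout" ]; then
            # Graceful shutdown took too long: force termination.
            kill -KILL "$pid" 2>/dev/null || true
        elif [ "$waited" -gt $((timeout + 5)) ]; then
            echo "pid $pid did not exit" >&2
            return 1
        fi
        sleep 1
        waited=$((waited + 1))
    done

    rm -f "$pidfile"
    return 0
}
```

In an init script, the start step would run only after stop_and_wait has returned 0.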