Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 325859

Summary: strongswan ebuild should warn about using the non-root use flag
Product: Gentoo Linux Reporter: Bjarke Istrup Pedersen (RETIRED) <gurligebis>
Component: New packagesAssignee: Patrick Lauer <patrick>
Status: RESOLVED NEEDINFO    
Severity: minor CC: ua_gentoo_bugzilla
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://wiki.strongswan.org/wiki/1/ReducedPrivileges
Whiteboard:
Package list:
Runtime testing required: ---

Description Bjarke Istrup Pedersen (RETIRED) gentoo-dev 2010-06-27 18:29:20 UTC 
When using the non-root use flag for strongswan (which is the standard way), the iptables commands called from the updown script fails.

This is described here: http://wiki.strongswan.org/wiki/1/ReducedPrivileges

The ebuild should notify the user about this, and tell them that they should look here, and maybe deploy some sort of sudo workaround if they need the leftfirewall option.

Reproducible: Always

Steps to Reproduce:
Comment 1 Matthias Dahl 2010-06-27 18:51:33 UTC 
Actually both versions currently in portage try to get as much important information to the user as possible... and there is also a fair share about the downside of running strongswan w/o root privileges (including a link to the appropriate wiki page).

So the information is indeed there. Please, if I am missing the point, just let me know. Or did you mean that those messages should be ewarn instead of einfo?
Comment 2 Bjarke Istrup Pedersen (RETIRED) gentoo-dev 2010-06-27 20:58:15 UTC 
Hmm, seems like I have missed that, by bad.

I discovered another bug - it tries to install ipsec.secrets, which does not exist, maybe a demo ipsec.secrets should be included?