[strongSwan] NO_PROPOSAL_CHOSEN when using 5.6.2 on Ubuntu 18.04
Karuna Sagar Krishna
karunasagark at gmail.com
Wed May 12 11:03:19 CEST 2021
@Tobias Brunner <tobias at strongswan.org> do you have any inputs on this
issue?
--karuna
On Tue, May 11, 2021, 6:27 PM Karuna Sagar Krishna <karunasagark at gmail.com>
wrote:
> Ah ofcourse `sudo ipsec restart` helps. But I'm hesitant to use it since
> it breaks existing connections.
>
> Would strace help, pasted it below:
>
> sudo strace ipsec update
> execve("/usr/sbin/ipsec", ["ipsec", "update"], 0x7ffebdb60588 /* 20 vars
> */) = 0
> brk(NULL) = 0x55c1e8416000
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
> directory)
> openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=47015, ...}) = 0
> mmap(NULL, 47015, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447a9f000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libtinfo.so.5",
> O_RDONLY|O_CLOEXEC) = 3
> read(3,
> "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\311\0\0\0\0\0\0"...,
> 832) = 832
> fstat(3, {st_mode=S_IFREG|0644, st_size=170784, ...}) = 0
> mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> 0x7f8447a9d000
> mmap(NULL, 2267936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> = 0x7f8447658000
> mprotect(0x7f844767d000, 2097152, PROT_NONE) = 0
> mmap(0x7f844787d000, 20480, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7f844787d000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) =
> 3
> read(3,
> "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\16\0\0\0\0\0\0"..., 832) =
> 832
> fstat(3, {st_mode=S_IFREG|0644, st_size=14560, ...}) = 0
> mmap(NULL, 2109712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> = 0x7f8447454000
> mprotect(0x7f8447457000, 2093056, PROT_NONE) = 0
> mmap(0x7f8447656000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f8447656000
> close(3) = 0
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
> read(3,
> "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\35\2\0\0\0\0\0"..., 832)
> = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=2030928, ...}) = 0
> mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
> = 0x7f8447063000
> mprotect(0x7f844724a000, 2097152, PROT_NONE) = 0
> mmap(0x7f844744a000, 24576, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7f844744a000
> mmap(0x7f8447450000, 15072, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f8447450000
> close(3) = 0
> mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0x7f8447a9a000
> arch_prctl(ARCH_SET_FS, 0x7f8447a9a740) = 0
> mprotect(0x7f844744a000, 16384, PROT_READ) = 0
> mprotect(0x7f8447656000, 4096, PROT_READ) = 0
> mprotect(0x7f844787d000, 16384, PROT_READ) = 0
> mprotect(0x55c1e668d000, 16384, PROT_READ) = 0
> mprotect(0x7f8447aab000, 4096, PROT_READ) = 0
> munmap(0x7f8447a9f000, 47015) = 0
> openat(AT_FDCWD, "/dev/tty", O_RDWR|O_NONBLOCK) = 3
> close(3) = 0
> brk(NULL) = 0x55c1e8416000
> brk(0x55c1e8437000) = 0x55c1e8437000
> openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=1683056, ...}) = 0
> mmap(NULL, 1683056, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478ff000
> close(3) = 0
> openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=2995, ...}) = 0
> read(3, "# Locale name alias data base.\n#"..., 4096) = 2995
> read(3, "", 4096) = 0
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_IDENTIFICATION",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=252, ...}) = 0
> mmap(NULL, 252, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aaa000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache",
> O_RDONLY) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=26376, ...}) = 0
> mmap(NULL, 26376, PROT_READ, MAP_SHARED, 3, 0) = 0x7f8447aa3000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MEASUREMENT",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=23, ...}) = 0
> mmap(NULL, 23, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa2000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TELEPHONE",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=47, ...}) = 0
> mmap(NULL, 47, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa1000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_ADDRESS", O_RDONLY|O_CLOEXEC)
> = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=131, ...}) = 0
> mmap(NULL, 131, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa0000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NAME", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=62, ...}) = 0
> mmap(NULL, 62, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447a9f000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_PAPER", O_RDONLY|O_CLOEXEC) =
> 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=34, ...}) = 0
> mmap(NULL, 34, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fe000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=48, ...}) = 0
> mmap(NULL, 48, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fd000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MONETARY",
> O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=270, ...}) = 0
> mmap(NULL, 270, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fc000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_COLLATE", O_RDONLY|O_CLOEXEC)
> = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=1516558, ...}) = 0
> mmap(NULL, 1516558, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8446ef0000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TIME", O_RDONLY|O_CLOEXEC) = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=3360, ...}) = 0
> mmap(NULL, 3360, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fb000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NUMERIC", O_RDONLY|O_CLOEXEC)
> = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=50, ...}) = 0
> mmap(NULL, 50, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fa000
> close(3) = 0
> openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) =
> 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=199772, ...}) = 0
> mmap(NULL, 199772, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478c9000
> close(3) = 0
> getuid() = 0
> getgid() = 0
> geteuid() = 0
> getegid() = 0
> rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
> ioctl(-1, TIOCGPGRP, 0x7ffdff79c184) = -1 EBADF (Bad file descriptor)
> sysinfo({uptime=17179, loads=[23456, 22400, 23552], totalram=14677884928,
> freeram=11554000896, sharedram=2469888, bufferram=277266432,
> totalswap=7516188672, freeswap=7516188672, procs=448, totalhigh=0,
> freehigh=0, mem_unit=1}) = 0
> rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
> sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGQUIT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGQUIT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=0}, 8) = 0
> rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
> rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> uname({sysname="Linux", nodename="hn1-kkafka", ...}) = 0
> getcwd("/home/karkrish", 4096) = 15
> getpid() = 4884
> getppid() = 4882
> getpid() = 4884
> getpgrp() = 4881
> ioctl(2, TIOCGPGRP, [4881]) = 0
> rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
> sa_restorer=0x7f84470a2040}, 8) = 0
> prlimit64(0, RLIMIT_NPROC, NULL, {rlim_cur=55845, rlim_max=55845}) = 0
> rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
> openat(AT_FDCWD, "/usr/sbin/ipsec", O_RDONLY) = 3
> stat("/usr/sbin/ipsec", {st_mode=S_IFREG|0755, st_size=7774, ...}) = 0
> ioctl(3, TCGETS, 0x7ffdff79c110) = -1 ENOTTY (Inappropriate ioctl
> for device)
> lseek(3, 0, SEEK_CUR) = 0
> read(3, "#! /bin/sh\n# prefix command to r"..., 80) = 80
> lseek(3, 0, SEEK_SET) = 0
> prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=125*1024, rlim_max=125*1024})
> = 0
> fcntl(255, F_GETFD) = -1 EBADF (Bad file descriptor)
> dup2(3, 255) = 255
> close(3) = 0
> fcntl(255, F_SETFD, FD_CLOEXEC) = 0
> fcntl(255, F_GETFL) = 0x8000 (flags
> O_RDONLY|O_LARGEFILE)
> fstat(255, {st_mode=S_IFREG|0755, st_size=7774, ...}) = 0
> lseek(255, 0, SEEK_CUR) = 0
> read(255, "#! /bin/sh\n# prefix command to r"..., 7774) = 7774
> pipe([3, 4]) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
> lseek(255, -6800, SEEK_CUR) = 974
> clone(child_stack=NULL,
> flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
> child_tidptr=0x7f8447a9aa10) = 4885
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
> sa_restorer=0x7f84470a2040}, 8) = 0
> close(4) = 0
> read(3, "Linux\n", 128) = 6
> read(3, "", 128) = 0
> close(3) = 0
> --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4885, si_uid=0,
> si_status=0, si_utime=0, si_stime=0} ---
> wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4885
> wait4(-1, 0x7ffdff79b550, WNOHANG, NULL) = -1 ECHILD (No child processes)
> rt_sigreturn({mask=[]}) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63de160, sa_mask=[], sa_flags=SA_RESTORER,
> sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> read(255, "IPSEC_NAME=\"strongSwan\"\nIPSEC_VE"..., 7774) = 6800
> pipe([3, 4]) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
> lseek(255, -6741, SEEK_CUR) = 1033
> clone(child_stack=NULL,
> flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
> child_tidptr=0x7f8447a9aa10) = 4886
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
> sa_restorer=0x7f84470a2040}, 8) = 0
> close(4) = 0
> read(3, "5.4.0-1046-azure\n", 128) = 17
> --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4886, si_uid=0,
> si_status=0, si_utime=0, si_stime=0} ---
> wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4886
> wait4(-1, 0x7ffdff79b450, WNOHANG, NULL) = -1 ECHILD (No child processes)
> rt_sigreturn({mask=[]}) = 17
> read(3, "", 128) = 0
> close(3) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63de160, sa_mask=[], sa_flags=SA_RESTORER,
> sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> read(255, "\n# where the private directory a"..., 7774) = 6741
> brk(0x55c1e8458000) = 0x55c1e8458000
> stat("/var/run/starter.charon.pid", {st_mode=S_IFREG|0644, st_size=5,
> ...}) = 0
> fcntl(1, F_GETFD) = 0
> fcntl(1, F_DUPFD, 10) = 10
> fcntl(1, F_GETFD) = 0
> fcntl(10, F_SETFD, FD_CLOEXEC) = 0
> dup2(2, 1) = 1
> fcntl(2, F_GETFD) = 0
> fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
> write(1, "Updating strongSwan IPsec config"..., 43Updating strongSwan
> IPsec configuration...
> ) = 43
> dup2(10, 1) = 1
> fcntl(10, F_GETFD) = 0x1 (flags FD_CLOEXEC)
> close(10) = 0
> pipe([3, 4]) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
> lseek(255, -171, SEEK_CUR) = 7603
> clone(child_stack=NULL,
> flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
> child_tidptr=0x7f8447a9aa10) = 4887
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
> sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
> sa_restorer=0x7f84470a2040}, 8) = 0
> close(4) = 0
> read(3, "4941\n", 128) = 5
> --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4887, si_uid=0,
> si_status=0, si_utime=0, si_stime=0} ---
> wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4887
> wait4(-1, 0x7ffdff79b290, WNOHANG, NULL) = -1 ECHILD (No child processes)
> rt_sigreturn({mask=[]}) = 5
> read(3, "", 128) = 0
> close(3) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
> sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[],
> sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040},
> {sa_handler=0x55c1e63de160, sa_mask=[], sa_flags=SA_RESTORER,
> sa_restorer=0x7f84470a2040}, 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> kill(4941, SIGHUP) = 0
> rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
> rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
> exit_group(0) = ?
> +++ exited with 0 +++
>
> --karuna
>
> On Tue, May 11, 2021 at 6:13 PM Noel Kuntze <noel.kuntze at thermi.consulting>
> wrote:
>
>> I'm sorry, I'm at mit wit's end. Try restarting the daemon. Maybe that
>> helps.
>>
>> Am 12.05.21 um 02:33 schrieb Karuna Sagar Krishna:
>> > Not sure if I fully understand. Did you mean to say - remove
>> `auto=route` from default connection and add `auto=add` to each connection
>> section? If yes, I made this change manually to ipsec.conf, ran `sudo ipsec
>> update` but the status has not changed and I'm not able to ping the nodes.
>> >
>> > --karuna
>> >
>> >
>> > On Tue, May 11, 2021 at 5:13 PM Noel Kuntze
>> <noel.kuntze at thermi.consulting> wrote:
>> >
>> > Oh. Right. You need to add auto=add to the configs. In your case,
>> it's probably good if you'd change your script to add that to the conns
>> inserted.
>> >
>> > Am 12.05.21 um 01:55 schrieb Karuna Sagar Krishna:
>> > > Shortened the connection names and changed the order (attached).
>> Tried various orders and shorter names. Each time ran `sudo ipsec update`
>> followed by `sudo ipsec statusall`. The status did not change each time;
>> the status still shows the old name for established connection. And there
>> is nothing specific to this experiment in the logs.
>> > >
>> > > --karuna
>> > >
>> >
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210512/d7375caf/attachment-0001.html>
More information about the Users
mailing list