Re: only reload racoon.conf?



foobar wrote:
hi list,

is there any possibility to RELOAD the racoon (ipsec-tools) configuration in
freebsd 5/6?

in linux i can do "/etc/init.d/racoon reload" but freebsd seems only to
support a service restart.

Adding this capability is easy in rc.d, I've added a suggested patch, and cc'ed the maintainer.


Two things to note. First, I looked at the man page for racoon and it's not at all obvious to me how to get it to reload its conf file without restarting. IF it will do this by sending a 'kill -HUP <pid>' to the pid of the racoon process, then all you have to do is add the extra_commands line to the file, and rc.subr will handle the rest. If there is some command invocation involved, I've included an example of how to make that work.

The other thing to note is that rc.d scripts should never enable themselves by default. If someone can provide the information on how to get racoon to reread its conf file, and the maintainer approves, I'll be glad to commit this update.

Doug

--

    This .signature sanitized for your protection

--- /usr/ports/security/ipsec-tools/files/racoon.sh.in Fri Dec 2 03:28:06 2005
+++ racoon.sh.in Mon Dec 12 14:52:49 2005
@@ -1,12 +1,11 @@
#!/bin/sh

-# Start or stop racoon
# $FreeBSD: ports/security/ipsec-tools/files/racoon.sh.in,v 1.1 2005/12/02 11:28:06 lawrance Exp $

# PROVIDE: racoon
# REQUIRE: DAEMON
# BEFORE: LOGIN
-# KEYWORD: FreeBSD shutdown
+# KEYWORD: shutdown
#
# NOTE for FreeBSD 5.0+:
# If you want this script to start with the base rc scripts
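Review bot: Removing the header comment "# Start or stop racoon" at the top of the file leaves the script with no one-line description. Since this patch adds a reload action, consider updating the comment to mention reload instead of dropping it. The KEYWORD change from "FreeBSD shutdown" to "shutdown" is not explained in the accompanying message, so a line about it in the commit log would help the maintainer.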
@@ -21,7 +20,7 @@
#
# DO NOT CHANGE THESE DEFAULT VALUES HERE
#
-[ -z "$racoon_enable" ] && racoon_enable="YES" # Enable racoon
+#racoon_enable="NO" # Enable racoon
#racoon_program="${prefix}/sbin/racoon" # Location of racoon
#racoon_flags="" # Flags to racoon program

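Review bot: The replacement line '#racoon_enable="NO"' is commented out, so after this hunk the script no longer assigns racoon_enable at all in the lines shown. Consider setting the default explicitly after the rc.conf settings are loaded, for example ': ${racoon_enable="NO"}', so that the enable check always sees a defined value. The trailing comment "# Enable racoon" also reads oddly next to a "NO" default. Because the old line enabled racoon whenever the variable was unset, sites that relied on that will find the IKE daemon no longer starts at boot after upgrading, which deserves an upgrade note telling them to add racoon_enable="YES" to rc.conf.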
@@ -33,6 +32,14 @@
pidfile="/var/run/racoon.pid"
required_files="${prefix}/etc/racoon/racoon.conf"
stop_postcmd="racoon_poststop"
+extra_commands=reload
+
+# This is only necessary if 'kill -HUP <pid of racoon process>'
+# is not sufficient to reload the conf file
+reload_cmd="${name}_reload"
+racoon_reload () {
+ # Do something cool here that reloads racoon
+}

racoon_poststop() {
/bin/rm -f ${pidfile}
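Review bot: The body of racoon_reload () contains only a comment, which sh rejects as a syntax error, so committing the hunk as written would stop the whole script from parsing, start and stop included. Because reload_cmd is set unconditionally, it also replaces the default reload handling that the comment above it says may be sufficient. Either drop the reload_cmd and racoon_reload lines and keep only 'extra_commands=reload' until the real reload command is known, or put an actual command in the function body.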
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"