[Bug 1574833] [NEW] setkey is not run automatically on system start

MegaBrutal ubuntu at megabrutal.com
Mon Apr 25 19:56:01 UTC 2016 

Public bug reported:

The „setkey” service should run at system startup to add keys defined in
/etc/ipsec-tools.conf.

However, no keys are defined after system boot:

root at ReThinkCentre:~# setkey -D
No SAD entries.

After inquiring systemd, I learn this:

root at ReThinkCentre:~# systemctl status setkey
● setkey.service - LSB: option to manually manipulate the IPsec SA/SP database
   Loaded: loaded (/etc/init.d/setkey; bad; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:systemd-sysv-generator(8)

ápr 25 21:15:28 ReThinkCentre systemd[1]: setkey.service: Job
setkey.service/start deleted to break ordering cycle starting with
sysinit.target/start

Upon manually calling „systemctl start setkey” after the system booted
up, the keys are added properly – but it is not feasible to do after
each reboot.

Moreover, I can't help to notice that /etc/init.d/setkey is a legacy
SysV init script. No proper systemd service file seems to exist for
setkey. I think it would be a great time to add one.

** Affects: ipsec-tools (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: wily xenial

** Also affects: systemd (Ubuntu)
   Importance: Undecided
       Status: New

** Tags added: wily xenial

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1574833

Title:
  setkey is not run automatically on system start

Status in ipsec-tools package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  The „setkey” service should run at system startup to add keys defined
  in /etc/ipsec-tools.conf.

  However, no keys are defined after system boot:

  root at ReThinkCentre:~# setkey -D
  No SAD entries.

  After inquiring systemd, I learn this:

  root at ReThinkCentre:~# systemctl status setkey
  ● setkey.service - LSB: option to manually manipulate the IPsec SA/SP database
     Loaded: loaded (/etc/init.d/setkey; bad; vendor preset: enabled)
     Active: inactive (dead)
       Docs: man:systemd-sysv-generator(8)

  ápr 25 21:15:28 ReThinkCentre systemd[1]: setkey.service: Job
  setkey.service/start deleted to break ordering cycle starting with
  sysinit.target/start

  Upon manually calling „systemctl start setkey” after the system booted
  up, the keys are added properly – but it is not feasible to do after
  each reboot.

  Moreover, I can't help to notice that /etc/init.d/setkey is a legacy
  SysV init script. No proper systemd service file seems to exist for
  setkey. I think it would be a great time to add one.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipsec-tools/+bug/1574833/+subscriptions

More information about the foundations-bugs mailing list