[Swan-dev] Release tags on github and some packaging issues

Paul Wouters paul at nohats.ca
Sat Dec 21 19:04:09 EET 2013

On Sat, 21 Dec 2013, Mike Gilbert wrote:

> I am working on packaging libreswan for Gentoo Linux.
> Is github the only public repo available? I notice that there are no
> release tags in the repo, so I'm wondering if there is another
> "official" repository somewhere.

I'll push the tags. The github is an "export only" copy of one branch
of our private repository.

> I see that there is a systemd unit in the repostory, but it seems
> quite Fedora-specifc in that it references /etc/sysconfig/pluto and
> has a nasty /bin/sh eval hack in ExecStart because of that. It also
> hard-codes the path to "ip" as /sbin/ip; on Gentoo we have moved this
> to /bin. Would you be open to making ipsec.service a bit more
> distro-agnostic?

systemd is quite picky and error prone unfortunately. We might need to
create a separate service file for gentoo. Look at the detection in
packaging/utils/lswan_detect.sh where we try to deal with those. Also,
look at the spec file for fedora or rhel in packaging/ for an example
on how to use environment variables to override detected values.

> Also related to the systemd unit: it seems that this is installed 
> unconditionally by the make install target, even if pkg-config systemd
> fails. This ends up installing ipsec.service in the root directory (/)
> if systemd is not installed. Can we clean this up a bit? I can work on
> a patch if you like.

Sure. Although that seems we misdetected systemd or someone used an

We're happy to have gentoo support and help. It's just that you probably
know your system better than we do, so we could use your help there.


More information about the Swan-dev mailing list