Bug#1116662: strongswan-starter: Existing SysV init script ignores new config format

Luigi Baldoni aloisio at gmx.com
Mon Sep 29 22:51:28 BST 2025


Package: strongswan-starter
Version: 6.0.1-6+deb13u1
Severity: wishlist
X-Debbugs-Cc: aloisio at gmx.com, debian-init-diversity at chiark.greenend.org.uk

Dear Maintainer,
I was attempting to run strongswan using SysV init.
>From what I understand, /etc/init.d/ipsec is the latest version available
of the script that upstream dropped some 5 years ago.

Since then, strongswan has deprecated the old ipsec.conf format in favour
of swanctl.conf. The systemd scripts launch the daemon first and then invoke
swanctl to load the new-style configuration, but the existing /etc/init.d/ipsec
does not.

Other non-systemd distributions (e.g. openwrt and alpine) use separate launchers
to leave users the choice, upstream systemd seems to do it the new way only,
but I haven't delved too much into it.

What do you think would be the best solution here?

Regards

-- System Information:
Debian Release: 13.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.48+deb13-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages strongswan-starter depends on:
ii  adduser                3.152
ii  debconf [debconf-2.0]  1.5.91
ii  init-system-helpers    1.69~deb13u1
ii  libc6                  2.41-12
ii  libstrongswan          6.0.1-6+deb13u1
ii  sysvinit-utils         3.14-4

Versions of packages strongswan-starter recommends:
ii  strongswan-charon  6.0.1-6+deb13u1

strongswan-starter suggests no packages.

-- Configuration Files:
/etc/ipsec.secrets [Errno 13] Permission denied: '/etc/ipsec.secrets'

-- debconf information excluded



More information about the Debian-init-diversity mailing list