[Pkg-swan-devel] Bug#787156: libstrongswan: configuration file for logcheck ignores completely outdated (useless)

Giacomo Mulas gmulas at oa-cagliari.inaf.it
Fri May 29 08:10:41 UTC 2015 

Package: libstrongswan
Version: 5.2.1-6
Severity: normal

Dear Maintainer,

with the release of jessie, I had to upgrade several machines from freeswan
(in wheezy) to strongswan (in jessie). After some struggling with
configuration files (my freeswan configuration was not compatible with
strongswan and I had to reconfigure my IPSec VPN from scratch) I got it to
work properly, and it now works flawlessly again.

However, I started receiving huge reports from logcheck from all machines in
the IPSec network.  I inspected the log files, and indeed all the log lines
being caught and reported by logcheck are absolutely normal, the bulk of
them being essentially charon doing its job of establishing connections,
checking certificates, rekeying etc..
I then set out to see what was missing from the regexps in the strongswan
ignore files in /etc/logcheck/ignore.d.* and to my surprise I noticed that
the "strongswan" files in there are actually verbatim copies from the
package of some old version of freeswan, the ignore patterns being about
pluto, the IKEv1 in freeswan.
I will now (with some patience) set out to create ignore patterns for my
local installations of stronswan, and install them on my machines.  If they
may be of any help, when done I can send them to you as a skeleton for
updated logcheck ignore files.  In the meanwhile, I recommend that you
either remove altogether the current stronswan files in the
/etc/logcheck/ignore.d.* directories, or replace them with empty
placeholders, until you have something more useful to put in them.

This problem affects versions in jessie, sid and experimental.

Thanks, bye
Giacomo Mulas


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (401, 'unstable'), (10, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.0.2-jak (SMP w/4 CPU cores)
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8) (ignored: LC_ALL set to it_IT.utf8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libstrongswan depends on:
ii  libc6     2.19-18
ii  libcap2   1:2.24-8
ii  libgmp10  2:6.0.0+dfsg-6

Versions of packages libstrongswan recommends:
ii  libstrongswan-standard-plugins  5.2.1-6

Versions of packages libstrongswan suggests:
ii  libstrongswan-extra-plugins  5.2.1-6

-- Configuration Files:
/etc/logcheck/ignore.d.paranoid/strongswan [Errno 13] Permesso negato: u'/etc/logcheck/ignore.d.paranoid/strongswan'
/etc/logcheck/ignore.d.server/strongswan [Errno 13] Permesso negato: u'/etc/logcheck/ignore.d.server/strongswan'
/etc/logcheck/ignore.d.workstation/strongswan [Errno 13] Permesso negato: u'/etc/logcheck/ignore.d.workstation/strongswan'
/etc/logcheck/violations.ignore.d/strongswan [Errno 13] Permesso negato: u'/etc/logcheck/violations.ignore.d/strongswan'

-- no debconf information

More information about the Pkg-swan-devel mailing list