Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#62823 - [strongswan] 5.8.0 needs a warning about a breaking change

Attached to Project: Community Packages
Opened by Mantas Mikulėnas (grawity) - Thursday, 06 June 2019, 06:33 GMT
Last edited by Christian Rebischke (Shibumi) - Saturday, 16 November 2019, 13:48 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Christian Rebischke (Shibumi)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No


strongSwan 5.8 renames the systemd unit files like this:

strongswan.service ⇒ strongswan-starter.service
strongswan-swanctl.service ⇒ strongswan.service

This means that
1. For people who had legacy starter-based strongswan.service enabled, init will now start swanctl-based strongswan.service instead, which ignores the legacy ipsec.conf so the system is left with 0 connections.
2. For people who had the new strongswan-swanctl.service enabled, init will start nothing at all because that unit name no longer exists and the symlink is broken, so the system is left with 0 connections again.

I had seen this change in Git logs myself, but for the benefit of other users, I would strongly recommend adding a post_upgrade notice. (Don't revert the change though, swanctl is great.)
This task depends upon

Closed by  Christian Rebischke (Shibumi)
Saturday, 16 November 2019, 13:48 GMT
Reason for closing:  Fixed
Additional comments about closing:  stringswan-5.8.1-2
Comment by Yannick Koechlin (yawniek) - Sunday, 09 June 2019, 12:52 GMT
+1 here, took me a moment to figure this out.
whats the background of this ?

Comment by Florus Dastious (dastious) - Wednesday, 03 July 2019, 09:48 GMT
+ 1 lost 1 hour of work because of this.
Comment by Christian Rebischke (Shibumi) - Monday, 29 July 2019, 22:55 GMT
I have to admit, that I am not a big fan of pre/post install/upgrade messages and I think that such stuff should be documented elsewhere or announced via NEWS on the website or via an own NEWS tool for Arch Linux.
But feel free to convince me otherwise.
Comment by Ralph Corderoy (RalphCorderoy) - Wednesday, 31 July 2019, 10:14 GMT
Hi Christian,

If I need to take an action due to a package upgrade then that needs to be told to me as part of that upgrade. That's where my attention lies. I'm watching it carefully in case a new configuration file has arrived, etc. I don't want an extra step beforehand, e.g. Manjaro say to check a forum each time! Few do and the forum then has lots of broken users. And I don't want extra steps afterwards like checking lots of changelogs, trying to stop the Arch-specific changes v. upstream's own news.

What do you think is wrong with pre/post install/upgrade messages?
Comment by Daniel Albers (al) - Friday, 15 November 2019, 13:16 GMT
Agree 100% with this bug report. I lost quite a bit of time to this.
Comment by Christian Rebischke (Shibumi) - Saturday, 16 November 2019, 11:46 GMT
sorry, I will have a look on this asap.