Your message dated Fri, 21 Feb 2025 13:50:12 +0000
with message-id <[email protected]>
and subject line Bug#1085384: fixed in strongswan 6.0.0-1
has caused the Debian Bug report #1085384,
regarding strongswan: Installing strongswan on debian is highly confusing and
prone to errors
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1085384: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085384
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: strongswan
Version: 5.9.8-5+deb12u1
Severity: normal
X-Debbugs-Cc: [email protected]
Dear Maintainer,
Packages related to strongswan are very hard to understand, and to use them
properly.
Currently it is possible to have the strongswan, strongswan-starter and
strongswan-charon triplet installed alongside with charon-systemd and
strongswan-swanctl. While in rare cases it might make sense, i think most of
the users only needs one set of them. Either they want to use the legacy
ipsec.conf or the newer swanctl.conf. Also there may be differences whether
they use systemd or not. And maybe more factors, i really do not know.
When I install everything, two copies of charon daemon are trying to run at the
same time, and it leads to a lot of problems. The error messages in 5.9.8 are
not helpful in any way. It took me 2 days to figure out that there are two
deamons.
Even the upstream developer has a separate section regarding debian packages:
https://docs.strongswan.org/docs/5.9/install/install.html
"
When installing the strongswan metapackage, the legacy daemon and configuration
backend are installed. To use swanctl/vici instead, install the charon-systemd
and strongswan-swanctl packages and remove both the strongswan-starter and
strongswan-charon packages. Make sure you only have either the charon-systemd
or the strongswan-starter package installed (or at least disable one of the
systemd units they install, which are strongswan.service and strongswan-
starter.service, respectively).
"
There was a time when they were conflicting packages, but not any more:
strongswan-libcharon
Breaks: strongswan-starter (<= 5.6.1-2)
Replaces: strongswan-starter (<= 5.6.1-2)
strongswan-swanctl
Breaks: strongswan-starter (<< 5.8.0-1)
Replaces: strongswan-starter (<< 5.8.0-1)
I doubt this is the intended behaviour.
Also the names of the packages makes no sense to me.
see also:
https://github.com/strongswan/strongswan/discussions/2502
https://github.com/strongswan/strongswan/discussions/2282
-- System Information:
Debian Release: 12.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-23-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages strongswan depends on:
pn strongswan-charon <none>
pn strongswan-starter <none>
strongswan recommends no packages.
strongswan suggests no packages.
--- End Message ---
--- Begin Message ---
Source: strongswan
Source-Version: 6.0.0-1
Done: Yves-Alexis Perez <[email protected]>
We believe that the bug you reported is fixed in the latest version of
strongswan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Yves-Alexis Perez <[email protected]> (supplier of updated strongswan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 21 Feb 2025 14:09:27 +0100
Source: strongswan
Architecture: source
Version: 6.0.0-1
Distribution: unstable
Urgency: medium
Maintainer: strongSwan Maintainers <[email protected]>
Changed-By: Yves-Alexis Perez <[email protected]>
Closes: 1039527 1085384
Changes:
strongswan (6.0.0-1) unstable; urgency=medium
.
[ Carles Pina i Estany ]
* Added po-debconf Catalan translation
.
[ Yves-Alexis Perez ]
* New upstream version 6.0.0
* d/patches: rebase against new upstream
* handle removal of bliss and ntru plugins
* d/control: drop breaks/replaces against 5.5 version
* d/rules: force-enable curve25519 plugin
* Enable some upstream-disabled plugin but move them to -extra-plugin
* move openssl plugin to libstrongswan package
* d/control: update pkg-config b-dep to pkgconf
* d/control: update strongswan metapackage to switch from strongswan-starter
to strongswan-swanctl (Closes: #1085384)
* d/copyright updated for new release (Closes: #1039527)
* d/control: drop conflict with openswan, not in Debian anymore
* d/control: drop obsolete breaks/replaces
* move pgp plugin to the -extra-plugins package
* move sshkey plugin to the -standard-plugin package
* move kdf and xcbc plugins to the -extra-plugins package
* move fips-prf to the -extra-plugins package
* update NEWS with info about the plugins moves
* d/control: update standards version to 4.7.1
Checksums-Sha1:
b0cbb67bc205c1a475dbecbfa0cd4a1c4001a763 3179 strongswan_6.0.0-1.dsc
2d5a7922130cb6e8aad99b8b4953c29fe4ab1ea9 4863821 strongswan_6.0.0.orig.tar.bz2
7b5ae5a5707eda76bc03d9e3a7726bd09274acff 659 strongswan_6.0.0.orig.tar.bz2.asc
5b3e26cee8a2ae8bca86ba5ec400c6d0fba423e5 127832
strongswan_6.0.0-1.debian.tar.xz
02068874c829098c61c08211c19641332f33ce55 18376
strongswan_6.0.0-1_amd64.buildinfo
Checksums-Sha256:
4733dc9019a092058b38f74729d47d08091dcf365644aa421421cd67dad43e72 3179
strongswan_6.0.0-1.dsc
72fe58b7523155703b65b08c3cc559c2c9a5c96da54afebd8136f6623e7dda82 4863821
strongswan_6.0.0.orig.tar.bz2
42d0ee4dcbdf261f92210b459e82d6d834327a3afd85cbd55c5ce68f7f398365 659
strongswan_6.0.0.orig.tar.bz2.asc
9696af7bdc065e74ed0fa021573fafdac67c8ce1308f1650f7c3669c6348d7dc 127832
strongswan_6.0.0-1.debian.tar.xz
30a0f20cbae4d2ecab6c9131be400490d4bdef5a9f550681e388f013576de87e 18376
strongswan_6.0.0-1_amd64.buildinfo
Files:
7b700a9c97144a3e3a832f2d8b4cd27b 3179 net optional strongswan_6.0.0-1.dsc
c8bfe179cdbd779bfbc498e9af5f3515 4863821 net optional
strongswan_6.0.0.orig.tar.bz2
55647bd699b500747086f97f04dbd92b 659 net optional
strongswan_6.0.0.orig.tar.bz2.asc
dc56531e12945a9a381235e20c19870c 127832 net optional
strongswan_6.0.0-1.debian.tar.xz
4ddf5f8e21d71c9de21f005ddd88a7b0 18376 net optional
strongswan_6.0.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAme4gsAACgkQ3rYcyPpX
RFu7fAf+NR8oFv6jA7BKhUVMnJ6B7sq9W1xVWYw1bNa2STcZ0WaW6hzAug3OWCKy
BnRm/qxHmFRwRzJLLa94W4+F9sZWYck/Quler4Osp90fjTlpoMhkAi4dk6CAJE/a
YtjaumkgDnNV9C6Agm2/Q5J40VKRl6y8HfTeB/5QLjVdtKgWDCwDLchCwYUXBzkF
8RZTO/uFVei+GAc3kuqmXpiuu5Zwqtr3/+OJ7mE9+EYirvOIem3oHh+O6Q3EKPKG
m3doWqlMiQ1V5UEr9I6Y3LTEZvS2fcZUO/nhCS9T0/c7VHVF2waqrtqiP1KRmxJk
QODPwt0Zdxi5kP+G7P8ZOSDVY1esUA==
=3/Ro
-----END PGP SIGNATURE-----
pgplSu7rIauRt.pgp
Description: PGP signature
--- End Message ---
