On Wed, 2017-06-28 at 14:16 -0700, Gerald Turner wrote: > On Wed, Jun 28 2017, Gerald Turner wrote: > > On Wed, Jun 28 2017, Yves-Alexis Perez wrote: > >> I don't have those logs message, because the folders actually exist > >> here, so I somehow have the feeling that strongSwan actually created > >> the directories itself. > > > > I'm not sure...
I'm not sure either to be honest. The swanctl Makefile seems to create them (install-data-local target) but it doesn't seem called. > > Apologies for the nearly frivilous patch, but having mode 0700 set on > directories potentially containing private keys is kind of nifty ;-) > (and consistent with the strongswan-starter package) In any case, it's a good idea to ensure the directories are present (and with the correct permission). I'll investigate a bit about the install-data-local part but if it goes nowhere I'll include the patch as-is. Regards, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part