diff options
Diffstat (limited to 'main/strongswan')
-rw-r--r-- | main/strongswan/APKBUILD | 23 | ||||
-rw-r--r-- | main/strongswan/charon.initd | 30 | ||||
-rw-r--r-- | main/strongswan/strongswan.initd | 1 | ||||
-rw-r--r-- | main/strongswan/strongswan.pre-install | 10 |
4 files changed, 57 insertions, 7 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index f86cc647b1..53024e4f5d 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -2,18 +2,21 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=strongswan pkgver=5.3.0 -pkgrel=1 +pkgrel=2 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="http://www.strongswan.org/" arch="all" +pkgusers="ipsec" +pkggroups="ipsec" license="GPL-2 RSA-MD5 RSA-PKCS11 DES" depends="iproute2 openssl" -depends_dev="sqlite-dev openssl-dev curl-dev gmp-dev" +depends_dev="sqlite-dev openssl-dev curl-dev gmp-dev libcap-dev" makedepends="$depends_dev linux-headers" -install="" +install="$pkgname.pre-install" subpackages="$pkgname-doc" source="http://download.strongswan.org/$pkgname-$pkgver.tar.bz2 - strongswan.initd" + strongswan.initd + charon.initd" _builddir="$srcdir/$pkgname-$pkgver" prepare() { @@ -41,6 +44,9 @@ build() { --sysconfdir=/etc \ --libexecdir=/usr/lib \ --with-ipsecdir=/usr/lib/strongswan \ + --with-capabilities=libcap \ + --with-user=ipsec \ + --with-group=ipsec \ --enable-curl \ --disable-ldap \ --disable-aes \ @@ -91,8 +97,11 @@ package() { } md5sums="c52d4228231c2025d9c320d0e9990327 strongswan-5.3.0.tar.bz2 -358a63c1c38305afc7dd32d748b0149d strongswan.initd" +85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd +7962a720ebef6892d80a3cbdab72c204 charon.initd" sha256sums="824da31a1ff89ac2500d56705e6f9ce06fe5260f9caaeb1da35ea13a8691d284 strongswan-5.3.0.tar.bz2 -7b24ca7d6270e986ffb75d7e147df4a294ee44347fb792db2e9d2875cb40494d strongswan.initd" +ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd +97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd" sha512sums="1bb677e120b7b38942031a19b2c2caa8a55911ffc3220731fedd717efd6f80f937fd8e4e8d8e22ce638d49d548e9f5b1b043eede2550df2727a0242a08ef50e3 strongswan-5.3.0.tar.bz2 -e4c110b2c6102419c74b93748fc10b6c09055d5edf166c8da674b6082a0cf1a15358dec380832aab8e7fba89159ea269bcfbff4ec84cfa2acefb586765b8395d strongswan.initd" +b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd +6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd" diff --git a/main/strongswan/charon.initd b/main/strongswan/charon.initd new file mode 100644 index 0000000000..06905c28e8 --- /dev/null +++ b/main/strongswan/charon.initd @@ -0,0 +1,30 @@ +#!/sbin/openrc-run + +description="strongSwan charon IKE daemon" +command="/usr/lib/strongswan/charon" +pidfile="/var/run/charon.pid" +start_stop_daemon_args="--background" +extra_started_commands="reload status" + +depend() { + need net + after firewall + provide ipsec +} + +start_post() { + ebegin "Loading ${name:-$RC_SVCNAME} configuration" + sleep 0.2 + swanctl --load-all &>/dev/null + eend $? +} + +reload() { + swanctl --reload-settings + swanctl --load-all +} + +status() { + swanctl --list-conns + swanctl --list-sas +} diff --git a/main/strongswan/strongswan.initd b/main/strongswan/strongswan.initd index 4220eac7fa..dfe7add8ec 100644 --- a/main/strongswan/strongswan.initd +++ b/main/strongswan/strongswan.initd @@ -3,6 +3,7 @@ depend() { need net after firewall + provide ipsec } start() { diff --git a/main/strongswan/strongswan.pre-install b/main/strongswan/strongswan.pre-install new file mode 100644 index 0000000000..e1fa31974d --- /dev/null +++ b/main/strongswan/strongswan.pre-install @@ -0,0 +1,10 @@ +#!/bin/sh + +if ! getent group ipsec >/dev/null; then + addgroup -S ipsec +fi +if ! getent passwd ipsec >/dev/null; then + adduser -S -H -h /var/empty -s /sbin/nologin -D -G ipsec ipsec 2>/dev/null +fi + +exit 0 |