[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: racoon and bug 372665

>>>>> "Milan" == Milan P Stanic <mps@oss.co.yu> writes:

> On Tue, Mar 06, 2007 at 11:02:35AM +0530, Ganesan Rajagopal wrote:
>> Some daemons _need_ to be started from /etc/rcS.d (udev for
>> example). Another good example is portmap for nfs. If you're mounting nfs
>> volumes over IPsec then, racoon needs to start to setup the IPsec tunnel.

> I don't think so (except maybe udev, but servers can happily work without
> udev). What is the reason to start nfs from "one time initialization"
> subsystem? Portmap and nfs can be started in runlevel 2 to 5.

That's debatable. However current Debian policy as per /etc/rcS.d/README is 

=====
The following sequence points are defined at this time:

* After the S40 scripts have executed, all local file systems are mounted
  and networking is available. All device drivers have been initialized.

* After the S60 scripts have executed, the system clock has been set, NFS
  filesystems have been mounted (unless the system depends on the automounter,
  which is started later) and the filesystems have been cleaned.
=====

Besides NFS, if your entire access to the network requires IPsec, you cannot
even ssh outside the box unless racoon sets up a tunnel. It's really a
critical service in that sense.

Ganesan

-- 
Ganesan Rajagopal
Reply to: