1_STACKMANAGER(8)              Executable programs             _STACKMANAGER(8)
2
3
4

NAME

6       ipsec__stackmanager - internal script to bring up kernel components for
7       Libreswan
8

SYNOPSIS

10       ipsec _stackmanager start [--netkey]
11
12       ipsec _stackmanager stop
13

DESCRIPTION

15       ipsec _stackmanager is called from within the init sub-system (systemd,
16       upstart, sysv initscripts) to bring up the Libreswan kernel component
17       as configured via the protostack= option in the ipsec.conf
18       configuration file.
19
20       This involves loading and optionally unloading of the required kernel
21       modules. Because the Linux kernel cannot autodetect most crypto related
22       drivers on-demand, _stackmanager handles loading the hardware random
23       number (RNG) device drivers, OpenBSD/FreeBSD Cryptographic Framework
24       (OCF) drivers, CryptoAPI drivers, and the modules for the specific
25       stack (Linux NETKEY/XFM or KLIPS/MAST). Probing for OCF supported
26       hardware is not supported - those modules must be loaded by the system
27       before the start of the Libreswan sub system.
28
29       When the --netkey option is given to the start command, the netkey
30       stack is loaded regardless of the existence or contents of the
31       ipsec.conf file. This is used for docker tests where the host system,
32       which might not have libreswan installed, needs to run _stackmanager
33       from the source tree to load the modules on the host so the modules are
34       available inside the containers.
35

SEE ALSO

37       ip(8), ipsec_tncfg(8), ipsec.conf(5), ipsec_addconn(8), pluto(8)
38

HISTORY

40       This script was introduced in Libreswan. On the older Openswan systems,
41       this functionality was split over various script files such as ipsec
42       _startnetkey, ipsec _startklips, ipsec _realsetup and ipsec setup. Man
43       page written for the Libreswan project <http://www.libreswan.org/> by
44       Paul Wouters.
45

AUTHOR

47       Paul Wouters
48           placeholder to suppress warning
49
50
51
52libreswan                         05/14/2019                  _STACKMANAGER(8)
Impressum