From: Tobias Brunner Date: Mon, 16 Jan 2023 10:35:42 +0000 (+0100) Subject: conf: Replace hard-coded /etc where appropriate X-Git-Tag: android-2.4.0~8^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7e43a5f3d28424abfb648b7afd24e25a042efd24;p=thirdparty%2Fstrongswan.git conf: Replace hard-coded /etc where appropriate Also document the actual value of ${sysconfdir}. --- diff --git a/conf/options/charon.opt b/conf/options/charon.opt index 00949222a7..72efd17de2 100644 --- a/conf/options/charon.opt +++ b/conf/options/charon.opt @@ -38,8 +38,8 @@ charon.cert_cache = yes charon.cache_crls = no Whether Certificate Revocation Lists (CRLs) fetched via HTTP or LDAP should be saved under a unique file name derived from the public key of the - Certification Authority (CA) to **/etc/ipsec.d/crls** (stroke) or - **/etc/swanctl/x509crl** (vici), respectively. + Certification Authority (CA) to **${sysconfdir}/ipsec.d/crls** (stroke) or + **${sysconfdir}/swanctl/x509crl** (vici), respectively. charon.check_current_path = no Whether to use DPD to check if the current path still works after any diff --git a/conf/plugins/unbound.opt b/conf/plugins/unbound.opt index f8ca9ca12a..0077973109 100644 --- a/conf/plugins/unbound.opt +++ b/conf/plugins/unbound.opt @@ -1,7 +1,7 @@ charon.plugins.unbound.resolv_conf = /etc/resolv.conf File to read DNS resolver configuration from. -charon.plugins.unbound.trust_anchors = /etc/ipsec.d/dnssec.keys +charon.plugins.unbound.trust_anchors = ${sysconfdir}/ipsec.d/dnssec.keys File to read DNSSEC trust anchors from (usually root zone KSK). File to read DNSSEC trust anchors from (usually root zone KSK). The format diff --git a/conf/strongswan.conf.5.tail.in b/conf/strongswan.conf.5.tail.in index baad476d1f..a6c1c787e3 100644 --- a/conf/strongswan.conf.5.tail.in +++ b/conf/strongswan.conf.5.tail.in @@ -458,6 +458,7 @@ The variables used above are configured as follows: .na ${piddir} @piddir@ ${prefix} @prefix@ +${sysconfdir} @sysconfdir@ ${random_device} @random_device@ ${urandom_device} @urandom_device@ .ad @@ -467,9 +468,9 @@ ${urandom_device} @urandom_device@ . .nf .na -/etc/strongswan.conf configuration file -/etc/strongswan.d/ directory containing included config snippets -/etc/strongswan.d/charon/ plugin specific config snippets +@sysconfdir@/strongswan.conf configuration file +@sysconfdir@/strongswan.d/ directory containing included config snippets +@sysconfdir@/strongswan.d/charon/ plugin specific config snippets .ad .fi .