From c9de9d255a0655112718e8ea33e175fb126705f8 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@redhat.com>
Date: Mon, 13 Sep 2010 15:23:50 +0200
Subject: ifup/ifdown-ipsec: do not killall racoon with full path

killall tries to read /proc/<pid>/exe, if called with the full path,
which is not working for selinux in enforcing MLS.

https://bugzilla.redhat.com/show_bug.cgi?id=567295
---
 sysconfig/network-scripts/ifdown-ipsec | 2 +-
 sysconfig/network-scripts/ifup-ipsec   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec
index 82a71a9a..f735d168 100755
--- a/sysconfig/network-scripts/ifdown-ipsec
+++ b/sysconfig/network-scripts/ifdown-ipsec
@@ -80,7 +80,7 @@ if [ "$KEYING" = "automatic" ]; then
    racoontmp=`mktemp /etc/racoon/racoon.XXXXXX`
    grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp
    mv -f $racoontmp /etc/racoon/racoon.conf
-   pidof -x /usr/sbin/racoon > /dev/null 2>&1 && killall -HUP /usr/sbin/racoon
+   pidof -x /usr/sbin/racoon > /dev/null 2>&1 && killall -HUP racoon
 fi
 
 /etc/sysconfig/network-scripts/ifdown-post $CONFIG
diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec
index 71662d82..cddb7f98 100755
--- a/sysconfig/network-scripts/ifup-ipsec
+++ b/sysconfig/network-scripts/ifup-ipsec
@@ -262,7 +262,7 @@ EOF
     echo "include \"/etc/racoon/$DST.conf\";" >> $racoontmp
     mv -f $racoontmp /etc/racoon/racoon.conf
     if pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then
-        killall -HUP /usr/sbin/racoon
+        killall -HUP racoon
     else
        /usr/sbin/racoon
     fi
-- 
cgit v1.2.1