[Pacemaker] LSB openswan script monitor problems

Dennis Jacobfeuerborn dennisml at conversis.de
Mon Jan 27 13:41:25 EST 2014

I'm trying to make an openswan setup redundant and this kind of works 
but pacemaker reports errors like this on failover:

p_ipsec_monitor_15000 on node02 'not running' (7): call=113, 
status=complete, last-rc-change='Mon Jan 27 18:32:29 2014', queued=37ms, 

The resource definition looks like this:

primitive p_ipsec lsb:ipsec \
	op monitor interval="15" timeout="15"

The interesting bit is that the log shows no errors/warnings and the 
service is running fine. After a bit of googling it appears that the 
custom output of the status command is the culprit.
Replacing it with a static string like "ipsec (pid 1111) is running..." 
seems to fix it but replacing "running" with "rnning" also seems to 
work. Also outputting this line followed by the normal status output 
fails as well.

So my question is what exactly is pacemaker doing to determine if the 
status call returned successfully if at all and what needs to be done so 
I don't get the "not running" errors in pacemaker?


