diff -Naur libreswan-3.15-orig/programs/ipsec/ipsec.in libreswan-3.15/programs/ipsec/ipsec.in
--- libreswan-3.15-orig/programs/ipsec/ipsec.in	2015-08-24 22:28:32.000000000 -0400
+++ libreswan-3.15/programs/ipsec/ipsec.in	2016-06-22 09:59:10.786787783 -0400
@@ -212,18 +212,28 @@
 	;;
 
     import|--import)
-	if [ $(id -u) -ne 0 ]; then
-	    echo "permision denied on nss operation (must be superuser)"
-	    exit 4
+	if [ -n "${2}" ]; then
+	    # A lot of nss commands use -d or --configdir to specify
+	    # NSS db location. We use --ipsecdir so we are consistent
+	    # with pluto options
+	    if [ "${2}" = "-d" -o \
+		"${2}" = "--configdir" -o \
+		"${2}" = "--ipsecdir" ]
+	    then
+		if [ -d "${3}" ]; then
+		    IPSEC_NSSDIR="${3}"
+		else
+		    echo "usage: ipsec import [--configdir|--ipsecdir /etc/ipsec.d] /path/to/pkcs.12" >&2
+		    exit 1
+		fi
+		shift
+		shift
+	    fi
+	    IPSEC_NSSDIR_SQL="sql:${IPSEC_NSSDIR}"
 	fi
-	if [ -z "${2}" ]; then
-	    echo "usage: ipsec import /path/to/pkcs.12" >&2
+	if [ -z "${2}" -o ! -f "${2}" ]; then
+	    echo "usage: ipsec import [--configdir|--ipsecdir /etc/ipsec.d] /path/to/pkcs.12" >&2
 	    exit 1
-	else
-	    if [ ! -f "${2}" ]; then
-		echo "usage: ipsec import /path/to/pkcs.12"  >&2
-		exit 1
-	    fi
 	fi
 	pk12util -i "${2}" -d "${IPSEC_NSSDIR_SQL}"
 	# check and correct trust bits
@@ -233,12 +243,17 @@
     initnss|--initnss|checknss|--checknss)
 	if [ -n "${2}" ]; then
 	    # A lot of nss commands use -d or --configdir to specify
-	    # NSS db location
-	    if [ "${2}" = "-d" -o "${2}" = "--configdir" ]; then
+	    # NSS db location. We use --ipsecdir so we are consistent
+	    # with pluto options
+	    if [ "${2}" = "-d" -o \
+		"${2}" = "--configdir" -o \
+		"${2}" = "--ipsecdir" ]
+	    then
 		IPSEC_NSSDIR="${3}"
-            else
+	    else
 		IPSEC_NSSDIR="${2}"
 	    fi
+	    IPSEC_NSSDIR_SQL="sql:${IPSEC_NSSDIR}"
 	fi
 	if [ ! -d "${IPSEC_NSSDIR}" ]; then
 	    mkdir -p "${IPSEC_NSSDIR}"