[strongSwan] strongswan on Android devices

Nitin Verma nitin.jndm at gmail.com
Tue Apr 17 18:13:20 CEST 2012


Hi Tobias,
Thanks a lot for the explanation.
But the page
http://wiki.strongswan.org/projects/strongswan/wiki/ReducedPrivileges says
strongSwan allows to run it's daemons under a non-root user. I am aware of
the facts that starter checks for the uid as root. So are you saying that
even by giving such configure option, its not possible to run the daemon
from Android CLI as shell user?

Regards,
Nitin


On Tue, Apr 17, 2012 at 8:42 PM, Tobias Brunner <tobias at strongswan.org>wrote:

> Hi Nitin,
>
> > My ultimate concern is how to start the ipsec from the Android shell as
> > a non root user.
>
> That's not possible the daemon needs root permission initially to open
> the netlink/xfrm sockets.  Only afterwards can it switch the user ID to
> a non root user.  This is true for Linux too, setting the user ID in the
> Makefile or via ./configure does not change this.
>
> Regards,
> Tobias
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120417/5ca8cea3/attachment.html>


More information about the Users mailing list