[strongSwan] strongSwan 5.1.2 on Ubuntu Trusty (14.0.4) and AppArmor
Fabrice Barconnière
fabrice.barconniere at ac-dijon.fr
Thu Mar 19 14:22:21 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I've configured VPN on Ubuntu Trusty with strongSwan 5.1.2 and
connections are OK.
But when i execute "ipsec statusall" command, it replies :
"reading from socket failed: Permission denied"
When i suppress "/etc/apparmor.d/usr.lib.ipsec.stroke" AppArmor
profile, the command replies correctly.
This is the default AppArmor profile :
#include <tunables/global>
/usr/lib/ipsec/stroke flags=(audit) {
#include <abstractions/base>
/etc/strongswan.conf r,
/etc/strongswan.d/ r,
/etc/strongswan.d/** r,
/run/charon.ctl rw,
}
I don't find what to add to make the command replies correctly.
Any idea ?
Thanks,
Fabrice Barconnière
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJVCs2NAAoJEMv1LpJod2ZFHb4IAJ9P2hmCi790HuheeMYmOcrn
j88Rl6FIRoi97MpekQ5PTR+G5wlKkuQh7dfQOJHRBSfz4a5rE/TSJlRHJsMjh9ek
0eRioGV7w6WOdig0sHeEY6a6/JKiVrzvN8FxTJ7UW3zQII/scCH8qGvX0SbdIwFL
UI/MsjRaVGtdd4OWZ/hX1nAQ00MktUDmlTZkyWDvmBVpEcj4+vI0vI78Hd21wBP9
riMyLC5I/sI9GY8QgY4hKX+LtOM6o4R8yWMw37qtFHwXVhtIy609taZiIBUYQJEF
2j1HGgI8ZWt0b5QnjTilfiIrhorBnFdA05gwqkqeLBB2aTZ/ieldPBuzVgyTlhY=
=C0EN
-----END PGP SIGNATURE-----
More information about the Users
mailing list