[strongSwan] agent plugin requires CAP_DAC_OVERRIDE capability
xalloc at protonmail.com
Wed May 15 17:11:15 CEST 2019
Hello, I'm tring to run Strongswan unprivileged following your guide.
I already added user and group in strongswan.conf and changed the files owner.
When I start the vpn or do "swanctl -q" two messages appear:
"agent plugin requires CAP_DAC_OVERRIDE capability" and "plugin agent failed to load - agent_plugin_create returned NULL".
I'm on Ubuntu 19.04, already set to "complain" the apparmor module for charon.
Also the command "getpcaps $(pidof charon)" gives:
cap_dac_override, cap_net_admin, cap_net_raw+eip
What else am I missing?
More information about the Users