Hi, could you add to the apparmor profile of charon this line @{PROC}/@{pid}/fd/ r, Then reload it via: sudo apparmor_parser -r /etc/apparmor.d/usr.lib.ipsec.charon
While I never have heard of charon needing this, if the above works you could add it for youself as a config and I could make it part of future packages. If the above makes those messages disappear but shows new apparmor denies afterwards let me know. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1786250 Title: strongswan (charon) is rejected by apparmor to read /proc/<PID>/fd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1786250/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs