Public bug reported:
The swanctl apparmor profile leads to the following deny:
apparmor="DENIED" operation="file_inherit" profile="/usr/sbin/swanctl"
name="/dev/net/tun" pid=490601 comm="swanctl" requested_mask="wr"
denied_mask="wr" fsuid=0 ouid=0
I'm using charon-systemd instead of strongswan-starter.
$ dpkg -l|grep "strongswan\|charon"
ii charon-systemd 5.8.2-1ubuntu3
amd64 strongSwan IPsec client, systemd support
ii libcharon-extauth-plugins 5.8.2-1ubuntu3
amd64 strongSwan charon library (extended authentication plugins)
ii libcharon-extra-plugins 5.8.2-1ubuntu3
amd64 strongSwan charon library (extra plugins)
ii libcharon-standard-plugins 5.8.2-1ubuntu3 all
transitional package
ii libstrongswan 5.8.2-1ubuntu3
amd64 strongSwan utility and crypto library
ii libstrongswan-extra-plugins 5.8.2-1ubuntu3
amd64 strongSwan utility and crypto library (extra plugins)
ii strongswan 5.8.2-1ubuntu3 all
IPsec VPN solution metapackage
ii strongswan-charon 5.8.2-1ubuntu3
amd64 strongSwan Internet Key Exchange daemon
ii strongswan-libcharon 5.8.2-1ubuntu3
amd64 strongSwan charon library
ii strongswan-pki 5.8.2-1ubuntu3
amd64 strongSwan IPsec client, pki command
ii strongswan-starter 5.8.2-1ubuntu3
amd64 strongSwan daemon starter and configuration file parser
ii strongswan-swanctl 5.8.2-1ubuntu3
amd64 strongSwan IPsec client, swanctl command
** Affects: strongswan (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1875504
Title:
apparmor="DENIED" operation="file_inherit" profile="/usr/sbin/swanctl"
name="/dev/net/tun" pid=490601 comm="swanctl" requested_mask="wr"
denied_mask="wr" fsuid=0 ouid=0
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1875504/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
