Additional fixes needed for me: - for `down` action to work we need also `RevertLink` member - the proposed fixes solved running `openvpn` by hand, but running it as a `openvpn@` systemd service - I needed to add `flags=(attach_disconnected)` to `profile update-resolv` to fix the below error:
audit: type=1400 audit(1744966991.727:2719): apparmor="DENIED" operation="connect" class="file" info="Failed name lookup - disconnected path" error=-13 profile="openvpn//update-resolv" name="run/dbus/system_bus_socket" pid=86188 comm="resolvconf" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2107596 Title: Apparmor is missing rule for openvpn to set DNS domain To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2107596/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
