Public bug reported: Ubuntu 26.04 LTS (beta)
Linux HOSTNAME 7.0.0-10-generic #10-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 19 10:24:42 UTC 2026 x86_64 GNU/Linux ii openvpn 2.7.0-1ubuntu1 amd64 virtual private network daemon ii apparmor 5.0.0~beta1-0ubuntu5 amd64 user-space parser utility for AppArmor AppArmor misses a capability for OpenVPN (for use with the `openvpn-server@` unit) to be able to use DCO. For DCO to work the `ovpn` kernel module needs to be loaded, which can only happen with the right capability. The fix is easy, but should probably be included in the upstream `openvpn` AppArmor profile: ``` $ cat /etc/apparmor.d/local/openvpn capability setpcap, ``` Then reload the profile: ``` $ sudo apparmor_parser -r /etc/apparmor.d/openvpn ``` If you then restart the OpenVPN server unit, DCO works! First diagnosed: https://codeberg.org/eduVPN/deploy/issues/21 ** Affects: apparmor (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2146980 Title: OpenVPN does not work with DCO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2146980/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
