Public bug reported: When using the strongswan xauth-pam plugin I get an error at startup regarding missing capabilities and the plugin doesn't load.
--- xauth-pam plugin requires CAP_AUDIT_WRITE capability plugin 'xauth-pam': failed to load - xauth_pam_plugin_create returned NULL --- If I add "capability audit_write," to /etc/apparmor.d/local/usr.lib.ipsec.charon it works. I would expect the plugin to work without modifying the local apparmor profile. Package info: strongswan: Installed: 5.1.2-0ubuntu2.3 Candidate: 5.1.2-0ubuntu2.3 strongswan-plugin-xauth-pam: Installed: 5.1.2-0ubuntu2.3 Candidate: 5.1.2-0ubuntu2.3 Ubuntu info: Description: Ubuntu 14.04.2 LTS Release: 14.04 ** Affects: strongswan (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to strongswan in Ubuntu. https://bugs.launchpad.net/bugs/1470277 Title: strongswan apparmor profile doesn't permit xauth-pam To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1470277/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs