Hi Thomas, >> root@quark:/etc# tail -f /var/log/syslog | egrep -C 2 "fail|erro" >> Feb 9 15:35:31 quark charon: 00[LIB] plugin 'xauth-generic': loaded >> successfully >> Feb 9 15:35:31 quark charon: 00[DMN] xauth-pam plugin requires >> CAP_AUDIT_WRITE capability >> Feb 9 15:35:31 quark charon: 00[LIB] plugin 'xauth-pam': failed to >> load - xauth_pam_plugin_create returned NULL
... >> dpkg -l | grep strongswan | grep ii >> ii libstrongswan 5.1.2-0ubuntu2.2 amd64 strongSwan >> utility and crypto library >> ii strongswan 5.1.2-0ubuntu2 all IPsec VPN >> solution metapackage >> ii strongswan-ike 5.1.2-0ubuntu2.2 amd64 strongSwan >> Internet Key Exchange (v2) daemon >> ii strongswan-plugin-openssl 5.1.2-0ubuntu2.2 amd64 strongSwan >> plugin for OpenSSL >> ii strongswan-plugin-xauth-generic 5.1.2-0ubuntu2.2 amd64 >> strongSwan plugin for the generic XAuth backend >> ii strongswan-plugin-xauth-pam 5.1.2-0ubuntu2.2 amd64 >> strongSwan plugin for XAuth backend using PAM >> ii strongswan-starter 5.1.2-0ubuntu2.2 amd64 strongSwan >> daemon starter and configuration file parser >> >> >> >> >> > i found the problem ... it was apparmor ... Would you mind opening a bug here [1] for the benefit of every other Strongswan users using Ubuntu? I'd do so myself but since I'm not using XAUTH-PAM, I cannot test the simple fix attached [2]. Thank you Best regards, Simon 1: https://launchpad.net/ubuntu/+source/strongswan/+bugs
--- usr.lib.ipsec.charon.orig 2015-02-13 11:08:34.077260262 -0500 +++ usr.lib.ipsec.charon 2015-02-13 11:10:14.589511996 -0500 @@ -20,6 +20,7 @@ capability net_admin, capability net_raw, + capability audit_write, network, network raw,
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
