Hello Martin,
That did it, it works now. :)
Thank you very much.
kind regards,
Claude
On Thursday 15 July 2010 08:57:05 Martin Willi wrote:
>
> > up-client output: /usr/local/libexec/ipsec/_updown: unknown interface
> > version `'
>
> Seems that the PLUTO_VERSION environment variable is not
> up-client output: /usr/local/libexec/ipsec/_updown: unknown interface version
> `'
Seems that the PLUTO_VERSION environment variable is not set.
> In ipsec.conf, I added : leftupdown="sudo ipsec _updown"
Try to add -E to sudo to preserve ENV variables.
> In /etc/sudoers, i added : vpn
Hi,
I'm sorry to bother you again on this topic, but I really would like to get it
to work as non-privileged user.
Charon on the other hand, works like a charm, sadly pluto doesn't.
This is my setup now :
strongswan runs as user vpn
In ipsec.conf, I added : leftupdown="sudo ipse
Hi,
I still get that "unknown interface version" error if I'm trying to start pluto
as non-privileged user, followed by the deletion of the SA.
Is there some fix to my issue or do I have to run strongswan as root as long as
I use pluto ?
thanks a lot for your help
kind regards,
Claude
On Wed
Hi,
I've had it already compiled with --with-capabilities=libcap .
I've tried sudo'ing and it has changed something, but I think there are still
missing some bits.
Here's the new log error :
Jul 2 13:33:56 vpn6-test pluto[3286]: "cisco-vpn"[6] 192.168.3.18:58180 #6:
up-client output: /usr/loc
Hi,
I've had it already compiled with --with-capabilities=libcap .
I've tried sudo'ing and it has changed something, but I think there are still
missing some bits.
Here's the new log error :
Jul 2 13:33:56 vpn6-test pluto[3286]: "cisco-vpn"[6] 192.168.3.18:58180 #6:
up-client output: /usr/loc
Hi,
> I've compiled strongswan with user vpn and group vpn.
If you use non-root users, you'll need support for capability handling
too. Add --with-capabilities=libcap to ./configure.
> route-client output: Not sufficient rights to flush
It is not possible to propagate the capabilities to the up