[Bug 1773956] [NEW] [apparmor] missing entry for CLUSTERIP (used by strongswan HA plugin)

Jean-Daniel Dupas Tue, 29 May 2018 03:31:08 -0700

Public bug reported:

When using the HA plugin, charon-systemd try to read
'@{PROC}/@{pid}/net/ipt_CLUSTERIP/' and to write in files into
'@{PROC}/@{pid}/net/ipt_CLUSTERIP/'


So the 2 rules may be append to charon-systemd.apparmor.conf

# Cluster IP
@{PROC}/@{pid}/net/ipt_CLUSTERIP/ r,
@{PROC}/@{pid}/net/ipt_CLUSTERIP/* rw,

** Affects: strongswan (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1773956

Title:
  [apparmor] missing entry for CLUSTERIP (used by strongswan HA plugin)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1773956/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1773956] [NEW] [apparmor] missing entry for CLUSTERIP (used by strongswan HA plugin)

Reply via email to